Importance of OSI

Why is it important to understand the different layers of the OSI model when working on network security?

What is the relationship between the OSI model and the TCP/IP protocol?

Network Security problems map directly to the logical constructs presented in the OSI Seven Layer Network Model:

* Physical Layer Vulnerabilities
Loss of Power
Loss of Environmental Control
Physical Theft of Data and Hardware
Physical Damage or Destruction of Data And Hardware
Unauthorized changes to the functional environment (data connections, removable media, adding/removing resources)
Disconnection of Physical Data Links
Undetectable Interception of Data
Keystroke & Other Input Logging

* Physical Layer Controls
Locked perimeters and enclosures
Electronic lock mechanisms for logging & detailed authorization
Video & Audio Surveillance
PIN & password secured locks
Biometric authentication systems
Data Storage Cryptography
Electromagnetic Shielding

* Link Layer Vulnerability Examples
MAC Address Spoofing (station claims the identity of another)
VLAN circumvention (station may force direct communication with other stations, bypassing logical controls such as subnets and firewalls)
Spanning Tree errors may be accidentally or purposefully introduced, causing the layer two environment to transmit packets in infinite loops.
In wireless media situations, layer two protocols may allow free connection to the network by unauthorized entities, or weak authentication and encryption may allow a false sense of security.
Switches may be forced to flood traffic to all VLAN ports rather than selectively forwarding to the appropriate ports, allowing interception of data by any device connected to a VLAN.

* Link Layer Controls
MAC Address Filtering - Identifying stations by address and cross-referencing physical port or logical access
Do not use VLANs to enforce secure designs. Layers of trust should be physically isolated from one another, with policy engines such as firewalls
Wireless applications must be carefully evaluated for unauthorized access exposure. Built-in encryption, authentication, and MAC filtering may be applied to secure networks.
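
The address-to-port cross-reference described under Link Layer Controls, as an added example that is not part of the original page. The port names, allowlist, threshold, and "port mac" event format are all constructed assumptions; real switches export this data in their own formats.

```python
from collections import defaultdict

# Constructed allowlist (assumption): the station authorized on each physical port.
ALLOWED = {"Gi0/1": {"00:11:22:33:44:01"}, "Gi0/2": {"00:11:22:33:44:02"},
           "Gi0/3": {"00:11:22:33:44:03"}}
MAX_MACS_PER_PORT = 3  # assumed threshold for an access port

# Constructed MAC-learning events, one "port mac" pair per line (hypothetical format).
SAMPLE_EVENTS = """\
Gi0/1 00:11:22:33:44:01
Gi0/2 00-11-22-33-44-02
Gi0/3 00:11:22:33:44:01
Gi0/3 DE:AD:BE:EF:00:01
Gi0/3 de:ad:be:ef:00:02
Gi0/3 de:ad:be:ef:00:03
"""

def normalize(mac):
    """Canonicalize a MAC so 00-11-..., 0011.22..., and upper case all compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def audit(events, allowed=ALLOWED, max_macs=MAX_MACS_PER_PORT):
    """Return (kind, port, detail) findings for the given learning events."""
    ports_by_mac, macs_by_port = defaultdict(set), defaultdict(set)
    for line in events.splitlines():
        if line.strip():
            port, raw = line.split()
            mac = normalize(raw)
            ports_by_mac[mac].add(port)
            macs_by_port[port].add(mac)
    findings = []
    for port, macs in sorted(macs_by_port.items()):
        # Station not on this port's allowlist: the cross-reference check.
        for mac in sorted(macs - allowed.get(port, set())):
            findings.append(("unauthorized", port, mac))
        # Many addresses on one access port can precede table exhaustion and flooding.
        if len(macs) > max_macs:
            findings.append(("too-many-macs", port, str(len(macs))))
    for mac, ports in sorted(ports_by_mac.items()):
        if len(ports) > 1:  # one identity claimed from several ports
            findings.append(("duplicate-mac", ",".join(sorted(ports)), mac))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_EVENTS):
        print(*finding)
```

Because a station can claim another's MAC address, as the vulnerability list above notes, an allowlist match alone does not prove identity; the duplicate-mac finding is the check that covers that case.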

* Network Layer Vulnerabilities
Route spoofing - propagation of false network topology
IP Address Spoofing - false source addressing on malicious packets
Identity & Resource ID Vulnerability - Reliance on addressing to identify
resources and peers can be brittle and vulnerable

* Network Layer Controls
Route policy controls - Use strict anti-spoofing and route filters at network ...