Essays24.com - Term Papers and Free Essays

Security and the OSI Model

Essay by   •  October 28, 2010  •  1,411 Words (6 Pages)  •  2,126 Views


Network security is a topic that reaches far beyond the realm of firewalls, passwords, and user ID accounts. For a network and its data to remain secure, there must be protective measures at each level of the OSI interconnect model. While each layer operates largely independently of the others, it is important to ensure that data transmitted from the host to its destination has not been tampered with and is not being prevented from reaching that destination. There are seven levels in the OSI interconnect model, each with its own special tasks, abilities, and weaknesses.

The seven layers of the OSI interconnect model are the Physical, Data Link, Network, Transport, Session, Presentation, and Application layers. Layer one, the physical layer, deals with the actual physical connections to the real world. All of the wires, power cords, and hardware that make up the physical portions of a network are part of the physical layer. Several security issues can cause physical layer problems within a network. The easiest way to cause a denial of service would be to simply remove power, or to disconnect or cut an important network cable going to a crucial piece of equipment. Another security concern is tapping of the physical medium, which allows an attacker to copy or even corrupt the data stream. The best way to prevent these types of attacks is to keep facilities secure, keep all critical areas under lock and key, and perform routine audits to ensure the infrastructure is safe and secure.

The second layer in the OSI model is the data link layer; here data is transmitted and received reliably across a physical medium.

Two of the biggest threats to the data link layer involve ARP and the process of wardriving. ARP is the protocol that maps an IP address to a physical address, or MAC address, within the network. ARP is a simple protocol that was never designed for authentication. Any end station that has access to the layer two environment can claim any IP address if the proper security measures are not taken. ARP spoofing, or ARP poisoning, occurs when an attacker's computer forges its credentials so that the host believes it is the intended recipient. If the attacker's computer forwards all of the data that is to be sent to the intended host, it is very likely that the "man in the middle" would go undetected. At any time the attacker can make changes to the data that is forwarded, copy and use the data, or flood the network with erroneous packets that cause data collisions and effectively bring network traffic to a halt. The process of wardriving is a new threat that has surfaced with the popularity of 802.11 style wireless connections. Poor security with these devices allows an attacker virtually unrestricted access to the data link layer and beyond. It is not very difficult to walk around a busy metropolitan area, pick up unsecured wireless signals, and gain access to private networks where the owner has little idea of your presence.
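Because ARP carries no authentication, the practical check on the defender's side is to watch for an IP address whose claimed MAC address changes. The following is an added example, not part of the original essay: it parses raw Ethernet/IPv4 ARP payloads and flags conflicting claims. The addresses are constructed sample data, and treating the first MAC seen as the baseline is an assumption (a replaced network card would also trigger it).

```python
import struct

# ARP payload for Ethernet/IPv4 (RFC 826): htype, ptype, hlen, plen, oper,
# sender MAC, sender IP, target MAC, target IP = 28 bytes.
ARP_FMT = "!HHBBH6s4s6s4s"

def parse_arp(payload: bytes):
    """Return (oper, sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(payload) < struct.calcsize(ARP_FMT):
        return None
    htype, ptype, hlen, plen, oper, sha, spa, _tha, _tpa = struct.unpack(
        ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    mac = ":".join(f"{b:02x}" for b in sha)
    ip = ".".join(str(b) for b in spa)
    return oper, mac, ip

def find_conflicts(payloads):
    """Flag each ARP message whose sender IP was first seen with another MAC."""
    seen = {}    # ip -> first MAC observed (assumed baseline)
    alerts = []
    for i, p in enumerate(payloads):
        parsed = parse_arp(p)
        if parsed is None:
            continue  # truncated or non-IPv4 ARP: nothing to compare
        _oper, mac, ip = parsed
        known = seen.setdefault(ip, mac)
        if known != mac:
            alerts.append((i, ip, known, mac))
    return alerts

def _arp(oper, sha, spa, tha, tpa):
    """Build one constructed ARP payload for the sample below."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, bytes.fromhex(sha),
                       bytes(spa), bytes.fromhex(tha), bytes(tpa))

# Constructed sample traffic; 192.0.2.0/24 is a documentation-only range.
SAMPLE = [
    _arp(2, "020000000001", (192, 0, 2, 1), "020000000010", (192, 0, 2, 10)),
    _arp(2, "020000000010", (192, 0, 2, 10), "020000000001", (192, 0, 2, 1)),
    _arp(2, "0200000000ee", (192, 0, 2, 1), "020000000010", (192, 0, 2, 10)),
    b"\x00\x01",  # truncated message, ignored by the parser
]

if __name__ == "__main__":
    for idx, ip, old, new in find_conflicts(SAMPLE):
        print(f"message {idx}: {ip} moved from {old} to {new}")
```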

The third layer is the network layer. In the network layer data is routed through various physical networks while traveling to a known host. Information contained in the network layer allows routers to make decisions on how the data gets to its destination. Security issues within layer 3 generally revolve around the router.

It is often very difficult to determine whether a source address really belongs to the trusted source. It is possible for an attacker to force a DNS server to present an incorrect address and claim to be a resource that the sender wishes to communicate with. Such an attack is called spoofing and is very common these days in e-mail form, where attackers attempt to obtain important information while displaying false credentials, such as those of the bank the victim banks with. The best way to prevent security issues in layer 3 is to use a properly configured firewall that will only let necessary traffic past its boundaries. A properly configured router will use a robust method of communication and authentication with authorized users and peers.

In the transport layer, which is the fourth layer, data from the upper layers is packaged into data packets. Data from the lower levels is reassembled here and passed on to the upper levels. The biggest security threat to this layer has to do with open ports used by Windows and other programs that accept data from any source attempting to communicate on that port. Open or vulnerable ports allow Trojan horse viruses to perform their work. The best defense against attacks at this level is a firewall with strict rules that cover all available layer four protocols such as UDP, TCP, ICMP, etc.

The fifth layer, or the session layer, organizes data into logical flows. The session layer manages the connection and disconnection of communication sessions. The biggest security concerns for the session layer deal with

...
