TheLazy.Dev
Portfolio GitHub

Blog

security |networking |cybersecurity |network

Lanjutan Lapisan OSI

putrakoteka

Putra Koteka

Posted on July 25, 2024

Lanjutan Lapisan OSI

link alternatif :
https://telegra.ph/Lanjutan-Lapisan-OSI-07-25

OSI layer 1

1. Application Layer

Definition : Lapisan paling atas yang berinteraksi dengan aplikasi pengguna akhir. Memberikan layanan jaringan langsung kepada aplikasi pengguna.
Kemungkinan Serangan Siber:

  • SQL Injection: Inserting malicious SQL queries to manipulate databases.
  • Cross-Site Scripting (XSS): Injecting scripts into web pages viewed by other users.
  • Remote Code Execution (RCE): Executing arbitrary code on a remote server.

Kontrol Serangan:

  • Regular patching to fix vulnerabilities.
  • Input validation to ensure data integrity.
  • Web Application Firewalls (WAF) to filter and monitor HTTP requests.

2. Presentation Layer

Definition: Lapisan ini menerjemahkan data antara lapisan aplikasi dan jaringan. Menangani pemformatan data, enkripsi, dan kompresi.
Kemungkinan Serangan Siber:

  • Data Format Manipulation: Altering the format of data to exploit vulnerabilities.
  • Code Injection: Introducing malicious code into data streams.
  • Serialization Attacks: Manipulating serialized data to alter application behavior.

Kontrol Serangan:

  • Validate and sanitize user inputs to prevent attacks.
  • Use secure data serialization libraries to manage data safely.

3. Session Layer

Definition: Mengelola sesi antara aplikasi. Mendirikan, memelihara, dan menghentikan koneksi.
Kemungkinan Serangan Siber:

  • Session Hijacking: Taking over a user session to gain unauthorized access.
  • Token-Based Attacks: Exploiting session tokens to impersonate users.
  • Session Sidejacking: Capturing session cookies to gain access.

Kontrol Serangan:

  • Randomize session IDs to prevent predictable attacks.
  • Enforce secure logout mechanisms to terminate sessions.
  • Use tokens for user authentication to enhance security.

4. Transport Layer

Definition: Bertanggung jawab untuk transfer data yang andal antara perangkat. Menjamin pemulihan kesalahan dan kontrol aliran.
Kemungkinan Serangan Siber:

  • SYN Flood Attacks: Overwhelming a server with connection requests.
  • TCP Session Hijacking: Taking control of an active TCP session.
  • UDP Flooding: Sending excessive UDP packets to disrupt service.

Kontrol Serangan:

  • Monitor and control firewall traffic to detect anomalies.
  • Mitigate SYN flood attacks using rate limiting.
  • Implement secure data exchange protocols.

OSI layer 2

5. Network Layer

Definition: Mengelola routing dan pengiriman paket data antara perangkat. Menangani pengalamatan logis melalui alamat IP.
Kemungkinan Serangan Siber:

  • IP Spoofing: Sending packets from a false IP address to disguise the sender.
  • ICMP Attacks: Exploiting ICMP packets to overload systems (e.g., ping flood).
  • Denial-of-Service (DoS) Attacks: Making a service unavailable by overwhelming it.

Kontrol Serangan:

  • Utilize firewall filtering to block malicious traffic.
  • Use Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) for monitoring.
  • Configure routers to prevent IP address spoofing.

6. Data Link Layer

Definition: Menjamin transfer data yang andal antara node. Menangani deteksi dan koreksi kesalahan.
Kemungkinan Serangan Siber:

  • MAC Address Spoofing: Changing the MAC address to gain unauthorized access.
  • ARP Spoofing: Sending false ARP messages to redirect traffic.
  • VLAN Hopping: Gaining access to traffic on different VLANs.

Kontrol Serangan:

  • Implement port security to limit the number of MAC addresses per port.
  • Utilize ARP spoofing detection methods.
  • Enable VLAN trunking protocols for secure communication.

7. Physical Layer

Definition: Lapisan terendah yang berurusan dengan koneksi fisik antara perangkat. Termasuk elemen perangkat keras dan media transmisi.
Kemungkinan Serangan Siber:

  • Physical Tampering: Unauthorized physical access to devices or networks.
  • Eavesdropping: Listening to private communications without consent.
  • Man-in-the-Middle (MITM) Attacks: Intercepting and altering communications between two parties.

Kontrol Serangan:

  • Implement access controls to restrict physical access.
  • Use CCTV surveillance for monitoring sensitive areas.
  • Secure cabling to prevent unauthorized access to the network infrastructure.
  • Conduct regular inspections and monitoring for vulnerabilities.

OSI layer 3

Gabung skuad:
šŸˆ“ daily. dev : https://app.daily.dev/squads/nabirecybersecurity
šŸˆ“ dev. to : https://dev.to/nabirecybersecurity
šŸˆ“ Facebook: https://www.facebook.com/profile.php?id=61562542336488

šŸ’– šŸ’Ŗ šŸ™… šŸš©
putrakoteka
Putra Koteka

Posted on July 25, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

Lanjutan Lapisan OSI
security Lanjutan Lapisan OSI

July 25, 2024