{{tag>deutsch blog it-security}}

====== OSI layer cyber attacks ======

List of attacks by [[wpde>OSI-Modell|OSI model]] layer, with the associated risk minimisation.

^ Possible attacks ^ OSI Layer ^ Risk minimisation ^
| @lightsalmon: [[wpde>SQL-Injection]], [[wpde>Cross-Site-Scripting]], [[wpde>Remote Code Execution]] | @#ff34b3: **Application** | @#c1ffc1: Patch management, vulnerability management, web application firewall (WAF) |
| @lightsalmon: [[wpde>Code_Injection|Code Injection]], Data Format Manipulation, Serialisation Attacks | @#ff34b3: **Presentation** | @#c1ffc1: Validate and sanitise data input, use secure libraries |
| @lightsalmon: [[wpde>Session_Hijacking|Session Hijacking]], Token Based Attacks, Session Sidejacking | @#ff34b3: **Session** | @#c1ffc1: Randomised session IDs, automated logout mechanisms, secure tokens for user authentication |
| @lightsalmon: [[wpde>SYN-Flood|SYN flood attacks]], TCP session hijacking, UDP flood | @#ff34b3: **Transport** | @#c1ffc1: Monitor and control network traffic at the firewall, mitigate SYN flood attacks, implement secure data exchange |
| @lightsalmon: IP spoofing, ICMP attacks, denial of service attacks | @#ff34b3: **Network** | @#c1ffc1: Firewall filtering, [[wpde>Intrusion_Detection_System|IDS]], [[wpde>Intrusion_Prevention_System|IPS]], prevent IP address spoofing via the router |
| @lightsalmon: MAC address spoofing, [[wpde>ARP-Spoofing|ARP spoofing]] | @#ff34b3: **Data Link** | @#c1ffc1: Limit the number of MAC addresses on a port, network segmentation via VLAN |
| @lightsalmon: Physical manipulation, such as pulling network cables or cutting the power supply | @#ff34b3: **Physical** | @#c1ffc1: Access restriction, video surveillance |

----

Source: [[https://www.linkedin.com/company/ethical-hackers-academy/]]