From the course: Wireshark: Malware and Forensics

OSI layer attacks - Wireshark Tutorial

OSI layer attacks

- [Narrator] Attacks can occur at any layer of the OSI model. Let's take a look at the different layers and the types of attacks. In the physical layer we might see cutting cables, jamming, or keystroke logging. At the data link layer we might see sniffing, ARP cache poisoning, or a macof attack. At the network layer we could see ICMP flooding, OS fingerprinting, IP address spoofing, or routing table poisoning. At the transport layer we could see SYN flooding, invalid TCP flags, or UDP floods. At the session layer we could see session hijacking or DNS poisoning. At the presentation layer we could see Unicode vulnerabilities or an SSL strip. At the application layer we could see buffer overflows, cross-site scripting, or distributed denial of service.

Multilayer attacks can occur in several layers of the network stack. In the application layer we saw that there was a distributed denial of service attack, which is a unique attack in which their efforts are to interrupt or suspend services for any length of time. A DDoS attack is effective because it uses zombie armies or botnets that hackers can control remotely. Hackers frequently use DDoS attacks as a smokescreen to camouflage other, more dangerous attacks by overloading mainstream services. If an organization experiences signs of DDoS, such as slow network performance, website or firewall failover, they should investigate for possible related data breach activity.

DDoS attacks are a serious threat and are difficult to defend against. At any given time, many DDoS attacks are taking place all over the world. I'm at this website, Digital Attack Map, and it shows top daily DDoS attacks worldwide. I'm at December 26, 2013, showing large-scale NTP reflection attacks, and down below, if you'd like to see more, you can explore the gallery. Attacks can occur at any layer of the OSI model, yet a DDoS attack is a serious threat that can act as a smokescreen and camouflage other more dangerous attacks.
