Lisa Bock reviews the various attacks that can occur at any layer of the OSI model, including OS fingerprinting, SSL strip, and DDoS attacks, which can act as a smokescreen to camouflage other, more dangerous attacks.
- [Narrator] Attacks can occur at any layer of the OSI model. Let's take a look at the different layers and the types of attacks. In the physical layer we might see cutting cables, jamming, or keystroke logging. At the data link layer we might see sniffing, ARP cache poisoning, or a macof attack. At the network layer we could see ICMP flooding, OS fingerprinting, IP address spoofing, or routing table poisoning.
At the transport layer we could see SYN flooding, invalid TCP flags, or UDP floods. At the session layer we could see session hijacking or DNS poisoning. At the presentation layer we could see unicode vulnerabilities or an SSL strip. At the application layer we could see buffer overflows, cross-site scripting, or distributed denial of service. Multilayer attacks can occur in several layers of the network stack.
In the application layer we saw that there was a distributed denial of service attack, which is a unique attack in which their efforts are to interrupt or suspend services for any length of time. A DDoS attack is effective because it uses zombie armies or botnets that hackers can control remotely. Hackers frequently use DDoS attacks as a smokescreen to camouflage other, more dangerous attacks by overloading mainstream services.
If an organization experiences signs of DDoS, such as slow network performance, website or firewall failover, they should investigate for possible related data breach activity. DDoS attacks are a serious threat and are difficult to defend against. At any given time, many DDoS attacks are taking place all over the world. I'm at this website, Digital Attack Map, and it shows top daily DDoS attacks worldwide.
I'm at December 26, 2013, showing a large-scale NTP reflection attacks, and down below, if you'd like to see more, you can explore the gallery. Attacks can occur at any layer of the OSI model, yet a DDoS attack is a serious threat that can act as a smokescreen and camouflage other more dangerous attacks.
- Trends in cyberattacks
- Preventing system compromise
- Analyzing packets
- Using Wireshark
- Creating firewall rules
- Baselining a network
- Using capture filters
- Using a ring buffer
- Handling OSI layer attacks
- Identifying attack signatures
- Using VirusTotal
- Handling unwanted TOR activity