Hacking and the OSI Model (TCP/IP)
Layer 7
- URL Obfuscation
- Buffer Overflows
- MITM
- Brute Force
- DNS Poisoning
- DHCP Starvation (application)
- Service Flood Request
- Back Orifice, NetCat, Tini, NetBus, FU, Brutus
- Application Hijacking
- XSS
Commonly Targeted Protocols
- HTTP
- POP3
- SMTP
- IMAP
- DNS
Layer 6
- File Type Conversions
- HEX editing
Commonly Targeted Filetypes
- .html
- .doc
- .php
- .xml
- .txt
- .mp3
- .wav
Layer 5
- SMB
- RPC
- NFS
- SQL Injection
Commonly Targeted Protocols
- SQL
- NFS
- RPC
Layer 4
- TCP
- SRAF UP (Flags: SYN, RST, ACK, FIN, URG, PSH)
- To learn how this works, record a conversation in Wireshark and then play the stream back and watch the flags change from source to destination
- SYN Flooding with spoofed IP source address
- Session Hijacking
- Netstat
- UDP
- Fraggle
- Tools
- Hping
Commonly Targeted Protocols
- TCP
- UDP
Layer 3
- IP
- IPSec
- AH
- ESP
- Oakley, ISAKMP, IKE
- Routing Protocols
- RIP, OSPF, IGRP, BGP, EGP, HSRP
- MITM
- IP Spoofing
- ICMP Flood
- ICMP
- Smurf Attack – Broadcast address, spoofed source address, large packet
- Ping Of Death – Large Fragmented packet (>65000)
- Routers
- Some Tools
- Nmap
- NetCat
- Hping
Layer 2
- MAC Flooding
- MAC Spoofing
- MAC Duplicating
- ARP Poisoning
- ARP Spoofing
- Man-In-The-Middle
- Switches / Hubs
- WAN Encapsulations
- X.25, Frame Relay, HDLC, SDLC, ISDN BRI, ISDN PRI
- VPN
- L2F, L2TP, PPTP
- NDIS
Layer 1
- Fiber Optics
- TX/RX
- Cat 5
- WiFi
- Twisted Pair, Coax