DEV Community

Cover image for Lanjutan Lapisan OSI
Putra Koteka for Nabire Cyber Security

Posted on

Lanjutan Lapisan OSI

link alternatif :
https://telegra.ph/Lanjutan-Lapisan-OSI-07-25

OSI layer 1

1. Application Layer

Definition : Lapisan paling atas yang berinteraksi dengan aplikasi pengguna akhir. Memberikan layanan jaringan langsung kepada aplikasi pengguna.
Kemungkinan Serangan Siber:

  • SQL Injection: Inserting malicious SQL queries to manipulate databases.
  • Cross-Site Scripting (XSS): Injecting scripts into web pages viewed by other users.
  • Remote Code Execution (RCE): Executing arbitrary code on a remote server.

Kontrol Serangan:

  • Regular patching to fix vulnerabilities.
  • Input validation to ensure data integrity.
  • Web Application Firewalls (WAF) to filter and monitor HTTP requests.

2. Presentation Layer

Definition: Lapisan ini menerjemahkan data antara lapisan aplikasi dan jaringan. Menangani pemformatan data, enkripsi, dan kompresi.
Kemungkinan Serangan Siber:

  • Data Format Manipulation: Altering the format of data to exploit vulnerabilities.
  • Code Injection: Introducing malicious code into data streams.
  • Serialization Attacks: Manipulating serialized data to alter application behavior.

Kontrol Serangan:

  • Validate and sanitize user inputs to prevent attacks.
  • Use secure data serialization libraries to manage data safely.

3. Session Layer

Definition: Mengelola sesi antara aplikasi. Mendirikan, memelihara, dan menghentikan koneksi.
Kemungkinan Serangan Siber:

  • Session Hijacking: Taking over a user session to gain unauthorized access.
  • Token-Based Attacks: Exploiting session tokens to impersonate users.
  • Session Sidejacking: Capturing session cookies to gain access.

Kontrol Serangan:

  • Randomize session IDs to prevent predictable attacks.
  • Enforce secure logout mechanisms to terminate sessions.
  • Use tokens for user authentication to enhance security.

4. Transport Layer

Definition: Bertanggung jawab untuk transfer data yang andal antara perangkat. Menjamin pemulihan kesalahan dan kontrol aliran.
Kemungkinan Serangan Siber:

  • SYN Flood Attacks: Overwhelming a server with connection requests.
  • TCP Session Hijacking: Taking control of an active TCP session.
  • UDP Flooding: Sending excessive UDP packets to disrupt service.

Kontrol Serangan:

  • Monitor and control firewall traffic to detect anomalies.
  • Mitigate SYN flood attacks using rate limiting.
  • Implement secure data exchange protocols.

OSI layer 2

5. Network Layer

Definition: Mengelola routing dan pengiriman paket data antara perangkat. Menangani pengalamatan logis melalui alamat IP.
Kemungkinan Serangan Siber:

  • IP Spoofing: Sending packets from a false IP address to disguise the sender.
  • ICMP Attacks: Exploiting ICMP packets to overload systems (e.g., ping flood).
  • Denial-of-Service (DoS) Attacks: Making a service unavailable by overwhelming it.

Kontrol Serangan:

  • Utilize firewall filtering to block malicious traffic.
  • Use Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) for monitoring.
  • Configure routers to prevent IP address spoofing.

6. Data Link Layer

Definition: Menjamin transfer data yang andal antara node. Menangani deteksi dan koreksi kesalahan.
Kemungkinan Serangan Siber:

  • MAC Address Spoofing: Changing the MAC address to gain unauthorized access.
  • ARP Spoofing: Sending false ARP messages to redirect traffic.
  • VLAN Hopping: Gaining access to traffic on different VLANs.

Kontrol Serangan:

  • Implement port security to limit the number of MAC addresses per port.
  • Utilize ARP spoofing detection methods.
  • Enable VLAN trunking protocols for secure communication.

7. Physical Layer

Definition: Lapisan terendah yang berurusan dengan koneksi fisik antara perangkat. Termasuk elemen perangkat keras dan media transmisi.
Kemungkinan Serangan Siber:

  • Physical Tampering: Unauthorized physical access to devices or networks.
  • Eavesdropping: Listening to private communications without consent.
  • Man-in-the-Middle (MITM) Attacks: Intercepting and altering communications between two parties.

Kontrol Serangan:

  • Implement access controls to restrict physical access.
  • Use CCTV surveillance for monitoring sensitive areas.
  • Secure cabling to prevent unauthorized access to the network infrastructure.
  • Conduct regular inspections and monitoring for vulnerabilities.

OSI layer 3

Gabung skuad:
🈴 daily. dev : https://app.daily.dev/squads/nabirecybersecurity
🈴 dev. to : https://dev.to/nabirecybersecurity
🈴 Facebook: https://www.facebook.com/profile.php?id=61562542336488

Top comments (0)