Scribd
Upload
5 views

Osi Model Explained

The OSI model is a framework that facilitates communication between different operating systems by dividing the communication process into seven layers, each responsible for specific functions. These layers include the Physical, Data Link, Network, Transport, Session, Presentation, and Application layers, each with its own roles and potential security vulnerabilities. Understanding the OSI model helps in grasping network structures and improving data transmission security.

Uploaded by

Sreekanth Daravath
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
5 views

Osi Model Explained

The OSI model is a framework that facilitates communication between different operating systems by dividing the communication process into seven layers, each responsible for specific functions. These layers include the Physical, Data Link, Network, Transport, Session, Presentation, and Application layers, each with its own roles and potential security vulnerabilities. Understanding the OSI model helps in grasping network structures and improving data transmission security.

Uploaded by

Sreekanth Daravath
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

What is OSI Model?

The OSI model is a model created to enable communication between different operating
systems. With this model, it has become easier to understand network structures. It divides the
process of communication into seven layers, each responsible for specific aspects of data
transmission. These layers work together to ensure that data is successfully transferred from
one device to another over a network.

1. Physical Layer (Layer 1)


What it does:
It deals with the physical connection between devices and the transmission of raw binary data
(0s and 1s) over a medium, such as cables, fiber optics, or wireless signals.

Attacks at This Layer:


- Wiretapping: Tapping into cables to eavesdrop on data.

- Jamming: Disrupting wireless communication using radio interference.

- Physical Tampering: Gaining access to routers/switches to damage or modify.

Example: Ethernet cables, switches, or wireless signals like Wi-Fi.

2. Data Link Layer (Layer 2)


What it does:
It handles the reliable transfer of data frames between devices on the same network. It
manages error detection, flow Control, and physical addressing (MAC addresses) and frame
synchronization

Attacks at This Layer:


- MAC Spoofing: Impersonating another device by changing MAC address.

- ARP Spoofing/Poisoning: Redirecting traffic on LAN by manipulating ARP tables.

Example: When a computer sends data to another computer on the same network, the MAC
address is used to identify the destination device (like an Ethernet frame).
3. Network Layer (Layer 3)
What it does:
This layer handles the routing and forwarding of data packets between devices across different
networks. It is responsible for logical addressing, such as IP addresses.

Attacks at This Layer:


- IP Spoofing: Sending packets with a forged IP address.

- Routing Attacks: Manipulating routing tables or protocols like RIP or OSPF.

- DoS Attacks: Flooding the network with traffic to exhaust resources

Example: The IP addresses used for routing data over the internet, like when you send an email
to someone across the globe. Routers operate at this layer to direct traffic to the correct
destination.

4. Transport Layer (Layer 4)


What it does:
It ensures end-to-end communication, error correction, and flow control between devices. It
establishes, manages, and terminates connections between devices.

Attacks at This Layer:


- TCP SYN Flooding: Exhausting resources by sending repeated SYN requests.

- Port Scanning: Identifying open ports to find vulnerable services.

Example: Protocols like TCP (Transmission Control Protocol) and UDP (User Datagram
Protocol) work here. TCP guarantees data delivery by checking for errors and ensuring the
packets arrive in the correct order.
5. Session Layer (Layer 5)
What it does:
It manages sessions or connections between applications. It establishes, maintains, and
terminates communication sessions between devices.

Attacks at This Layer:


- Session Hijacking: Stealing session tokens to impersonate a user.

- Man-in-the-Middle (MiTM): Intercepting session traffic.

Example: A video call between two people is managed at this layer, ensuring the session
remains active and can be closed once the call is finished.

6. Presentation Layer (Layer 6)


What it does:
It translates data between the application layer and the network. It handles data encryption,
compression, and translation (e.g., converting data formats like JPEG, MP4, PDF,).

Attacks at This Layer:


- SSL/TLS Attacks: Exploiting weak encryption or old versions.

- Code Injection via malformed input (like media files or scripts).

Example: If you're sending an encrypted email or accessing a website with SSL (Secure
Sockets Layer), the encryption and decryption processes are handled at this layer.

7. Application Layer (Layer 7)


What it does:
This is the top layer that directly interacts with end-user applications. It provides services like
email, file transfer, and web browsing.

Attacks at This Layer:


- Phishing: Fake login pages trick users.

- SQL Injection / XSS: Web app vulnerabilities.

Example: When you use a web browser to visit a website, HTTP (Hypertext Transfer Protocol)
operates at this layer. Similarly, email applications use SMTP (Simple Mail Transfer Protocol) to
send messages.

You might also like