Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

OSI Model: Layers 4, 3 & 2

No description
by

Dante M

on 8 February 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of OSI Model: Layers 4, 3 & 2

OSI Model: Layers 4, 3 & 2
Layer 3: Network
Provides funtionality for forwarding network packets from one node to another.
Scapy: Packet Crafting
Scapy is a packet crafting tool built in
python. It is completely customizable as long as you understand packets and python
Packet crafting
Examples of packet crafting
IP Addressing
Arp poisoning and Tcp session hijack
A basic ARp poisoning MITM attack puts you between the victim and the gateway

Ip addresses are unique dentifiers on a network allowing for communication across one or more networks.
TCP & UDP
UDP is connectionless, used for videos and other services that do not require %100 accuracy
Layer 4 Syn Flood
You send specially crafted packets that have their flag set to (SYN), this creates an open connection
Layer 4: Transport Layer
Provides the reliable delivery of data end-to-end. In the correct sequence without errors.

With an emphasis on Penetration Testing
Main transport protocols are TCP (Transport Control protocol) and UDP (User Datagram Protocol)
The transfer of Data can be reliable or unreliable.
ARP Spoofing
Can be compared to a post office
TCP is the more ubiquitous of the two, forming the backbone of most connections on the internet.
TCP is session based, this session is what happens during all tcp connections such as most Client server connections.
Tcp Session Handshake
Connectionless and unreliable
Is responsible for host addressing
IP address consists of 4 octets that define the address. ex. 192.168.40.1 or 10.200.15.1
All computers on the internet are represented
by an IP address
Layer 3 hack
Layer 2: Data Link Layer
Data Link layer allows for communication between nodes on the same network
The data sent between devices is called
a frame

The physical address or the Mac address is
used to uniquely identify devices, cannot be changed and is unique to every device
Protocols IEEE 802.11, token ring, ethernet
01:23:45:67:89:ab
Firs three fields define the manufacturer of the network device

Arp (Address Resolution Protocol)
is a table that keeps the transation between a mac address and a IP address
The hacker impersonates both the server and and the clients mac address. ARP tables map an IP address to a mac address but if the attacker spoofs his address he can impersonate the client and the server and execute a Man in the middle atttack.
Special software such as
scapy or Cain and Abel is
required for man in the middle
Arp poisoning is one way to position a device like wire shark in order to monitor the network
Data gram
Packet
Frame
Path a Packet takes down the stack
Encapsulation
Fragmentation
Each layer adds a header
Each packet, datagram,frame PDU
becomes fragmented and reassembled at each node
You repeat this process enough and it will
DOS the server because it has to many open connections and it will eat all the resources

Attacking a layer three device could include attacking a router
Gain access to router by, exploit or guessing the default pass
Change routing table of router to send legitimate traffic to illegitimate sources
Scapy is a tool meant to be built for each situation
Scapy can send and receive packets and respond in real time if programmed too.
Each OSI layer can be customized. Each layer
is stacked in order to make the perfect PDU
Once that happens any sniffing can occur but
more interestingly you can put up a proxy in between instead of just sending the packets away and inject in their session and grab anything.
Full transcript