Scribd
Upload
65 views2 pages

Physical Layer Vulnerabilities

This document outlines vulnerabilities at each layer of the OSI model: Physical layer vulnerabilities include loss of power, environmental control, theft of hardware/data, and physical damage. Link layer vulnerabilities allow spoofing of MAC addresses and VLANs. Network layer vulnerabilities permit route and IP spoofing. Transport layer issues involve handling of undefined conditions and overloading of port numbers. Session and presentation layers are prone to weak authentication and cryptographic flaws. Application layer vulnerabilities encompass open design, backdoors, inadequate access controls, and program logic flaws.

Uploaded by

Marti Piciorus
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
65 views2 pages

Physical Layer Vulnerabilities

This document outlines vulnerabilities at each layer of the OSI model: Physical layer vulnerabilities include loss of power, environmental control, theft of hardware/data, and physical damage. Link layer vulnerabilities allow spoofing of MAC addresses and VLANs. Network layer vulnerabilities permit route and IP spoofing. Transport layer issues involve handling of undefined conditions and overloading of port numbers. Session and presentation layers are prone to weak authentication and cryptographic flaws. Application layer vulnerabilities encompass open design, backdoors, inadequate access controls, and program logic flaws.

Uploaded by

Marti Piciorus
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Physical Layer Vulnerabilities:

1. Loss of Power
2. Loss of Environmental Control
3. Physical Theft of Data and Hardware
4. Physical Damage or Destruction of Data And Hardware
5. Unauthorized changes to the functional environment (data connections, removable
media, adding/removing resources)
6. Disconnection of Physical Data Links Undetectable Interception of Data
7. Keystroke & Other Input Logging
Link Layer Vulnerabilities

1. MAC Address Spoofing (station claims the identity of another)


2. VLAN circumvention (station may force direct communication with other stations,
bypassing logical controls such as subnets and firewalls.)
3. Spanning Tree errors may be accidentally or purposefully introduced, causing the layer
two environment to transmit packets in infinite loops.
4. In wireless media situations, layer two protocols may allow free connection to the
network by unauthorized entities, or weak authentication and encryption may allow a false
sense of security.
5. Switches may be forced to flood traffic to all VLAN ports rather than selectively
forwarding to the appropriate ports, allowing interception of data by any device connected to a
VLAN.
Network Layer Vulnerabilities

1. Route spoofing - propagation of false network topology


2. IP Address Spoofing- false source addressing on malicious packets
3. Identity & Resource ID Vulnerability - Reliance on addressing to identify resources
and peers can be brittle and vulnerable.
Transport Layer Vulnerabilities

1. Mishandling of undefined, poorly defined, or “illegal” conditions


2. Differences in transport protocol implementation allow “fingerprinting’ and other
enumeration of host information
3. Overloading of transport-layer mechanisms such as port numbers limit the ability to
effectively filter and qualify traffic.
4. Transmission mechanisms can be subject to spoofing and attack based on crafted
packets and the educated guessing of flow and transmission values, allowing the disruption or
seizure of control of communications.
Session Layer Vulnerabilities

Weak or non-existent authentication mechanisms


1. Passing of session credentials such as user ID and password in the clear, allowing
intercept and unauthorized use
2. Session identification may be subject to spoofing and hijack Leakage of information
based on failed authentication attempts Unlimited failed sessions allow brute-force attacks on
access credentials
Presentation Layer Vulnerabilities

1. Poor handling of unexpected input can lead to application crashes or surrender of


control to execute arbitrary instructions.
2. Unintentional or ill-advised use of externally supplied input in control contexts may
allow remote manipulation or information leakage.
3. Cryptographic flaws may be exploited to circumvent privacy protections
Application Layer Vulnerabilities

1. Open design issues allow free use of application resources by unintended parties
Backdoors and application design flaws bypass standard security controls
2. Inadequate security controls force “all-or-nothing” approach, resulting in either
excessive or insufficient access.
3. Overly complex application security controls tend to be bypassed or poorly understood
and implemented.
4. Program logic flaws may be accidentally or purposely used to crash programs or cause
undesired behavior

You might also like