OSI Layer and respective attack by shunux

Layer Attack
Physical Layer Sniffing
Example: Intercepting and analyzing
raw binary data exchanged between
two devices on an Ethernet cable using
a network tap.

Data Link Layer Spoofing

Example: MAC address spoofing
attack, where an attacker manipulates

ux
or impersonates the Media Access
Control (MAC) address of a network
device.

Network Layer Man in the middle attack

Example: Man-in-the-Middle (MitM)
attack, where an attacker intercepts and
un
potentially alters communication
between two parties by positioning
themselves between them in the
network, gaining the ability to
eavesdrop, manipulate, or redirect
traffic. Eg: ARP spoofing, IP spoofing,
DNS spoofing.
Sh

Transport Layer Reconnaissance

Example: scanning a range of ports on
a target system using tools like Nmap
or scanning scripts.

DoS
Example: TCP SYN Flood attack,
where an attacker floods a target server
with a high volume of TCP connection
requests (SYN packets) in an attempt to
overwhelm its resources and disrupt its
ability to establish legitimate
connections.
 OSI Layer and respective attack by shunux

Session Layer Hijacking

Example: In this attack, the attacker
steals or manipulates the session ID or
token used to identify a user's ongoing
session, typically after the user has
successfully authenticated. Once the
attacker gains control of the session,
they can impersonate the legitimate
user and potentially perform actions or
access resources on the system as if
they were the authorized user.

ux
Presentation Layer Cipher-Text Injection Attack
Example: An attacker injects malicious
code or ciphertext into the data being
transmitted between two systems,
targeting the presentation layer. This
could lead to improper decryption,
rendering of data, or even
un
compromising the integrity of the
communication.

Application Layer Exploitation

Example: SQLi, XSS etc.

Phishing
Sh

(Can be considered but most people

don’t consider)