2. DATA LINK LAYER
This is the layer where data packets are prepared for transmission over the physical layer. Data link communication is comparatively weak in terms of security. The key component in layer 2 communications is the switch, which is also used for communication at layer 3. The data link layer is susceptible to many layer 3 attacks. A prime example at layer 2 is 'wardriving', the practice of going around searching for wireless LAN (802.11) networks with default security settings. VLANs on layer 2 switches are also vulnerable to attacks (Reed 2003).
All the OSI layers face different threats that affect them at their various stages. Highlighted here are the problems faced by layer 2 of the OSI model and the solutions to them. CAM (Content-Addressable Memory) table overflow, MAC (Media Access Control) spoofing, STP (Spanning Tree Protocol) manipulation, ARP (Address Resolution Protocol) attacks, and VLAN hopping are the problems faced by the data link layer.
CAM table overflow can be controlled by configuring port security on the switch. Port security specifies the MAC addresses allowed on a particular switch port, so that the port learns and remembers them and can detect an invalid address. As with CAM table overflow, port security commands can also be used to control MAC spoofing attacks. The commands let the switch specify a protective action to take whenever a port security violation occurs.
BPDU guard is used to control STP manipulation. This guard is put in place so that network administrators can actively predict the network topology.
ARP attacks can be mitigated by using hold-down timers in the interface configuration menu. This is achieved by setting the length of time an entry stays in the ARP cache.
VLAN hopping can be controlled by assigning VLAN IDs to trunk ports, and by disabling unused switch ports and placing them in an unused VLAN.
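The port security behaviour described above, modelled as an added example (not code from the original text and not any vendor's implementation). The class names, port names, MAC addresses and the three violation actions ("protect", "restrict", "shutdown") as modelled here are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    """One access port with port security (simplified model, not vendor code)."""
    name: str
    max_macs: int = 1
    violation: str = "shutdown"          # "protect", "restrict" or "shutdown"
    learned: set = field(default_factory=set)
    violations: int = 0
    err_disabled: bool = False

    def violate(self) -> bool:
        """Apply the configured violation action; the frame is never forwarded."""
        if self.violation != "protect":  # protect drops silently, no counter
            self.violations += 1
        if self.violation == "shutdown": # shutdown takes the port out of service
            self.err_disabled = True
        return False

class Switch:
    def __init__(self, *ports: SecurePort):
        self.ports = {p.name: p for p in ports}

    def frame(self, port_name: str, src_mac: str) -> bool:
        """Return True if a frame with this source MAC is accepted on the port."""
        port, mac = self.ports[port_name], src_mac.lower()
        if port.err_disabled:
            return False
        if mac in port.learned:
            return True
        secured_elsewhere = any(mac in p.learned for p in self.ports.values())
        if secured_elsewhere or len(port.learned) >= port.max_macs:
            return port.violate()        # spoofed address or learning limit reached
        port.learned.add(mac)            # learn and remember the address
        return True

def demo():
    # Constructed traffic: port names and MAC addresses are made up.
    sw = Switch(SecurePort("Fa0/1", 1), SecurePort("Fa0/2", 2, "restrict"),
                SecurePort("Fa0/3", 1, "shutdown"))
    sw.frame("Fa0/1", "00:11:22:33:44:55")                  # legitimate host
    flood = [sw.frame("Fa0/2", f"02:00:00:00:00:{i:02x}") for i in range(200)]
    spoof = sw.frame("Fa0/3", "00:11:22:33:44:55")          # reuses Fa0/1's MAC
    return sum(flood), sw.ports["Fa0/2"].violations, spoof, sw.ports["Fa0/3"].err_disabled
```

With the learning limit in place, only two of the 200 source addresses on Fa0/2 ever reach the address table, and the port that presents an address already secured on Fa0/1 is disabled.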
3. NETWORK LAYER
The network layer is the medium packets use to reach their final destination over multiple data links. As noted in the previous chapter, virtually all the layers face security challenges. The third layer of the OSI model is known to face information privacy problems and denial-of-service attacks. Internet Protocol (IP) is the well-known protocol of the network layer, and there are many security risks associated with it. Among the security risks affecting the network layer are packet sniffing, route spoofing, and IP address spoofing.
Route policy controls - This mitigation gives a network administrator total control over the routing behavior of a particular system. This control also improves network stability.
Authentication - Packet sniffing can be mitigated by various methods, and the use of strong one-time passwords is one of them. It can also be controlled by deploying switched infrastructure to counter the use of packet sniffers.
4. TRANSPORT LAYER
The transport layer uses mechanisms such as TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) to provide end-to-end communication services, which allow data to arrive completely at its destination. Poor handling of undefined conditions is one of the problems this layer faces. Overuse of a particular port for multiple functions can also be a vulnerability of the transport layer, as can transport protocol implementation differences and overloading of transport-layer mechanisms.
Firewall rules that limit access to specific transmission protocols and sub-protocol information should be strict. Other measures include inspecting this layer at the firewall to prevent out-of-state packets from entering the perimeter, and preventing attack and takeover of communications by implementing stronger transmission and session-layer identification mechanisms.
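What "preventing out-of-state packets" means in practice, as an added example that is not part of the original text: a minimal TCP state tracker that only admits packets matching a connection opened from the protected network. The 10.0.0.0/8 inside network, the class name and the single-packet teardown are simplifying assumptions.

```python
import ipaddress

INSIDE = ipaddress.ip_network("10.0.0.0/8")   # assumed protected network

class StatefulFilter:
    """Tracks TCP connections opened from inside; drops anything out of state."""
    def __init__(self):
        self.conns = {}   # (client, cport, server, sport) -> handshake state

    def allow(self, src, sport, dst, dport, flags):
        flags = frozenset(flags.split("+"))
        outbound = ipaddress.ip_address(src) in INSIDE
        key = (src, sport, dst, dport) if outbound else (dst, dport, src, sport)
        state = self.conns.get(key)
        if outbound and state is None and flags == {"SYN"}:
            self.conns[key] = "SYN_SENT"
            return True
        if not outbound and state == "SYN_SENT" and flags == {"SYN", "ACK"}:
            self.conns[key] = "SYN_RCVD"
            return True
        if outbound and state == "SYN_RCVD" and flags == {"ACK"}:
            self.conns[key] = "ESTABLISHED"
            return True
        if state == "ESTABLISHED" and "SYN" not in flags:
            if flags & {"FIN", "RST"}:
                del self.conns[key]       # simplified teardown: forget the flow
            return True
        return False                      # no matching state: drop

def demo():
    # Constructed packets; addresses come from private/documentation ranges.
    fw = StatefulFilter()
    c, s = ("10.0.0.5", 40000), ("203.0.113.9", 443)
    packets = [
        (*s, *c, "ACK"),                        # unsolicited ACK, no connection yet
        (*c, *s, "SYN"),                        # client opens the connection
        (*s, *c, "SYN+ACK"),
        (*c, *s, "ACK"),                        # handshake complete
        (*s, *c, "PSH+ACK"),                    # data on the established flow
        ("198.51.100.7", 443, *c, "PSH+ACK"),   # different peer, same client port
        (*c, *s, "FIN+ACK"),                    # client closes
        (*s, *c, "ACK"),                        # arrives after the state is gone
    ]
    return [fw.allow(*p) for p in packets]
```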
5. SESSION LAYER
The session layer keeps track of data communications and organizes them into a logical flow. This layer also establishes, manages, and terminates sessions between applications and manages the data exchange between presentation layer entities. Attackers can damage a company's network through this medium by making unlimited attempts to guess the password, and they can also use cruder methods to exhaust the possible password strings. Weak authentication mechanisms, hijacking and spoofing of session identification, and failed authentication attempts could lead to information leakage, and unlimited failed sessions can help attackers access credentials.
The following precautions should be put in place to prevent the problem from happening, or to eradicate it if it has already happened. Passwords should be well encrypted and changed on a regular basis; there should be a specific expiry date for each user account for regular monitoring; session identification information should be protected through cryptographic means; and the use of a timing mechanism is encouraged for limiting failed session attempts.
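Two of the precautions above, shown as an added example that is not part of the original text: session identifiers protected with an HMAC, and a timing mechanism that slows repeated failed attempts. The key handling, the identifier layout, the doubling delay and all names are assumptions; the password check itself is outside the example and is passed in as a boolean.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)   # assumed server-side secret

def _tag(user: str, nonce: str) -> str:
    return hmac.new(SERVER_KEY, f"{user}:{nonce}".encode(), hashlib.sha256).hexdigest()

def issue_session_id(user: str) -> str:
    """Unpredictable session ID whose user binding is protected by an HMAC."""
    nonce = secrets.token_hex(16)
    return f"{user}:{nonce}:{_tag(user, nonce)}"

def verify_session_id(sid: str) -> bool:
    parts = sid.rsplit(":", 2)
    if len(parts) != 3:
        return False
    user, nonce, tag = parts
    return hmac.compare_digest(tag.encode(), _tag(user, nonce).encode())

class LoginThrottle:
    """Timing mechanism: the wait after each failure doubles, up to a cap."""
    def __init__(self, base_delay: float = 1.0, max_delay: float = 300.0):
        self.base, self.cap = base_delay, max_delay
        self.failures = {}               # user -> (failure count, time of last failure)

    def attempt(self, user: str, password_ok: bool, now: float) -> str:
        """Return 'ok', 'failed' or 'throttled' for an attempt made at time `now`."""
        count, last = self.failures.get(user, (0, 0.0))
        if count and now < last + min(self.base * 2 ** (count - 1), self.cap):
            return "throttled"           # too soon: the attempt is not evaluated
        if password_ok:
            self.failures.pop(user, None)
            return "ok"
        self.failures[user] = (count + 1, now)
        return "failed"

def demo():
    # Constructed timeline (seconds) and user names.
    t = LoginThrottle()
    timeline = [(False, 0.0), (False, 0.5), (False, 1.0), (True, 2.0), (True, 3.0)]
    results = [t.attempt("alice", ok, now) for ok, now in timeline]
    sid = issue_session_id("alice")
    forged = sid.replace("alice", "admin", 1)   # tampered user field
    return results, verify_session_id(sid), verify_session_id(forged)
```

Because the wait grows with every failure, exhausting the possible password strings becomes slow without locking the legitimate user out permanently, and a session identifier whose user field has been altered fails verification.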
6. PRESENTATION LAYER
The presentation layer is responsible for handling service requests from the application layer and issuing service requests to the session layer. The presentation layer is known for three functions: encoding and decoding data, encrypting and decrypting data, and compressing and decompressing data. Although the presentation layer is one of the most secure layers of the OSI model, it has its own threats. The threats common to this layer are fake certificate attacks and man-in-the-middle attacks.
Care should be taken when handling unexpected input, because it can crash applications; privacy protection could be undermined by cryptographic flaws; and remote manipulation or information leakage could occur when externally supplied input is used unintentionally.
The solutions that should be put in place to counter the above-mentioned vulnerabilities include the following: input coming into application functions should be carefully specified and checked; user input and program control functions should be separated; and cryptographic solutions should be reviewed continuously to ensure current security against emerging threats.