DEV Community

Cover image for Lanjutan Lapisan OSI
Nabire Cyber Security profile image Putra Koteka
Putra Koteka for Nabire Cyber Security

Posted on

1

Lanjutan Lapisan OSI

#security #networking #cybersecurity #network

link alternatif :
https://telegra.ph/Lanjutan-Lapisan-OSI-07-25

OSI layer 1

1. Application Layer

Definition : Lapisan paling atas yang berinteraksi dengan aplikasi pengguna akhir. Memberikan layanan jaringan langsung kepada aplikasi pengguna.
Kemungkinan Serangan Siber:

  • SQL Injection: Inserting malicious SQL queries to manipulate databases.
  • Cross-Site Scripting (XSS): Injecting scripts into web pages viewed by other users.
  • Remote Code Execution (RCE): Executing arbitrary code on a remote server.

Kontrol Serangan:

  • Regular patching to fix vulnerabilities.
  • Input validation to ensure data integrity.
  • Web Application Firewalls (WAF) to filter and monitor HTTP requests.

2. Presentation Layer

Definition: Lapisan ini menerjemahkan data antara lapisan aplikasi dan jaringan. Menangani pemformatan data, enkripsi, dan kompresi.
Kemungkinan Serangan Siber:

  • Data Format Manipulation: Altering the format of data to exploit vulnerabilities.
  • Code Injection: Introducing malicious code into data streams.
  • Serialization Attacks: Manipulating serialized data to alter application behavior.

Kontrol Serangan:

  • Validate and sanitize user inputs to prevent attacks.
  • Use secure data serialization libraries to manage data safely.

3. Session Layer

Definition: Mengelola sesi antara aplikasi. Mendirikan, memelihara, dan menghentikan koneksi.
Kemungkinan Serangan Siber:

  • Session Hijacking: Taking over a user session to gain unauthorized access.
  • Token-Based Attacks: Exploiting session tokens to impersonate users.
  • Session Sidejacking: Capturing session cookies to gain access.

Kontrol Serangan:

  • Randomize session IDs to prevent predictable attacks.
  • Enforce secure logout mechanisms to terminate sessions.
  • Use tokens for user authentication to enhance security.

4. Transport Layer

Definition: Bertanggung jawab untuk transfer data yang andal antara perangkat. Menjamin pemulihan kesalahan dan kontrol aliran.
Kemungkinan Serangan Siber:

  • SYN Flood Attacks: Overwhelming a server with connection requests.
  • TCP Session Hijacking: Taking control of an active TCP session.
  • UDP Flooding: Sending excessive UDP packets to disrupt service.

Kontrol Serangan:

  • Monitor and control firewall traffic to detect anomalies.
  • Mitigate SYN flood attacks using rate limiting.
  • Implement secure data exchange protocols.

OSI layer 2

5. Network Layer

Definition: Mengelola routing dan pengiriman paket data antara perangkat. Menangani pengalamatan logis melalui alamat IP.
Kemungkinan Serangan Siber:

  • IP Spoofing: Sending packets from a false IP address to disguise the sender.
  • ICMP Attacks: Exploiting ICMP packets to overload systems (e.g., ping flood).
  • Denial-of-Service (DoS) Attacks: Making a service unavailable by overwhelming it.

Kontrol Serangan:

  • Utilize firewall filtering to block malicious traffic.
  • Use Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) for monitoring.
  • Configure routers to prevent IP address spoofing.

6. Data Link Layer

Definition: Menjamin transfer data yang andal antara node. Menangani deteksi dan koreksi kesalahan.
Kemungkinan Serangan Siber:

  • MAC Address Spoofing: Changing the MAC address to gain unauthorized access.
  • ARP Spoofing: Sending false ARP messages to redirect traffic.
  • VLAN Hopping: Gaining access to traffic on different VLANs.

Kontrol Serangan:

  • Implement port security to limit the number of MAC addresses per port.
  • Utilize ARP spoofing detection methods.
  • Enable VLAN trunking protocols for secure communication.

7. Physical Layer

Definition: Lapisan terendah yang berurusan dengan koneksi fisik antara perangkat. Termasuk elemen perangkat keras dan media transmisi.
Kemungkinan Serangan Siber:

  • Physical Tampering: Unauthorized physical access to devices or networks.
  • Eavesdropping: Listening to private communications without consent.
  • Man-in-the-Middle (MITM) Attacks: Intercepting and altering communications between two parties.

Kontrol Serangan:

  • Implement access controls to restrict physical access.
  • Use CCTV surveillance for monitoring sensitive areas.
  • Secure cabling to prevent unauthorized access to the network infrastructure.
  • Conduct regular inspections and monitoring for vulnerabilities.

OSI layer 3

Gabung skuad:
🈴 daily. dev : https://app.daily.dev/squads/nabirecybersecurity
🈴 dev. to : https://dev.to/nabirecybersecurity
🈴 Facebook: https://www.facebook.com/profile.php?id=61562542336488

profile
Heroku
 Promoted

Heroku

This site is built on Heroku

Join the ranks of developers at Salesforce, Airbase, DEV, and more who deploy their mission critical applications on Heroku. Sign up today and launch your first app!

Get Started

Top comments (0)

profile
Pieces.app
 Promoted

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

Read next

leo_scott_357f10236fabe00 profile image

How to Make a Product Secure: A Developer's Perspective

Leo Scott -

theerej_c profile image

Mastering Linux Process Management Like a Pro πŸš€

Theerej C -

xmanhugo profile image

Don’t make security an afterthought when designing APIs

xmanhugo -

oluwaseun_musa profile image

Building Cloud Security Efforts with AWS CAF and Well-Architected Framework

Seun -

πŸ‘‹ Kindness is contagious

Please leave a ❀️ or a friendly comment on this post if you found it helpful!

Okay