Project Part 1:
Multi-Layered Security Plan
Introduction: Describe each layer of the Open System Interconnection (OSI) Model. List a security feature of each layer if it applies. List the protocol of each layer if it applies. List types of attacks that are you protecting against in each layer. Your goal is to be able to protect a web hosting company that has a global presence. This web hosting company supports customers in the following industries: Medical, Financial, and Governmental.
Physical Layer: The Physical Layer defines the physical properties of the network, such as voltage levels, cable types, and interface pins (Baker). Any attack on the ...view middle of the document...
One can imagine the last thing in the minds of the designers was that someone would one day exploit this technology. In today’s security climate it would make sense to have exploits as a consideration. The primary protocol of this layer is the ARP, or Address Resolution Protocol. Network Interface Cards (NIC) exists to give computers the ability to talk to each other. To do this they need to be able to find each other. In order to do this they are assigned a single unique address – known as a MAC Address. Media Access Control (MAC) Addresses are used by ARP. RP is a protocol that allows a source computer to ask other computers if they know the MAC address of the machine it wants to speak with. The main attack for this layer is ARP Cashe Poisoning which can alter the ARP Cashe with invalid info causing the computer to send delicate info to the “attackers” computer. Proper protection against this form of attack is fairly simple. As an attacker would need physical access to your network, you simply need to know who is at your work stations and allow your employees to question the authority of any unknown individuals within your network areas.
Network Layer: This is the layer that routes data through various physical networks while traveling to a known host (Baker). IP addresses are assigned and utilized at this layer for unique identification. In order for a system to communicate with the Internet, it must have an associated public IP address. This address allows a system to contact the outside world and allows the outside world to contact the host. This border to our system is a vulnerable opening to the outside world. Routers are simple machines that decide how to send information from one logical network to another based on Internet Protocol (IP) and all its routing decisions on that information. The best defense on this layer is the comprehensive use of either NAT or PAT as well as up to date software on your routers. Network Address Translation (NAT) is a service that temporarily assigns a private IP address to a public IP address. In this sense, for a time, there is a one-to-one relationship between a private and a public address. It is necessary to lease a pool of public IP address for NAT to work. Port Address Translations (PAT), on the other hand, allows a single public IP address to be bound to multiple virtual ports. In this way, multiple networked hosts can share a single public identity on the Internet, providing a more cost effective and secure solution. In either event, the internal IP address is hidden to the outside world, providing us with some anonymity.
The Transport Layer: This layer ensures the reliable arrival of messages and provides error checking mechanisms and data flow controls and provides services for both "connection-mode" transmissions and for "connectionless-mode" transmissions (Baker). Primary Protocols for this layer are Transport Control Protocol (TCP) and User Datagram Protocol (UDP). Most attacks to...