EP009

Episode 9 – Seven Layer Burrito

Music provided by: Denis Kreynin https://soundcloud.com/denis-kreynin

 

2 major models for communication: TCP and OSI model

TCP is maybe too abstract and OSI may be too granular

 

Designed to speak with same layer on other end of communication but must speak one layer up or down unless physical

Physical: wires (manholes, CN) or airwaves/microwaves; taps; conduits

Data Link: See episode 4; MAC address filtering

Network: See episode 4; IP; IPSec

Transport: See episode 5; TCP/UDP

Session: Session negotiation, reconnections, etc; RPC/NetBios; TLS/SSL

Presentation: How information is exchanged, ASCII/EBCDIC/MP3; manipulation attacks

Application: interface to application logic

 

The 8th layer is humans

References:

OSI Model and comparison vs TCP/IP model: https://en.wikipedia.org/wiki/OSI_model#Comparison_with_TCP.2FIP_model

physical: DVAC vs Cellular protection: https://www.imotionsecurite.com/alarm_cellular_link.html

Wicked reference for all security concepts, and properly defines what is a detterent vs preventative controls in context of what Matt and Max were chatting about: https://cryptome.org/2013/09/infosecurity-cert.pdf

TCP injection attack: https://securedb.blogspot.ca/2010/08/tcp-session-injection.html