4 posts tagged 'application'

  1. 2011.03.15 OSI Layers by CEOinIRVINE
  2. 2011.03.04 Web Vulnerability regarding F company by CEOinIRVINE
  3. 2009.02.06 CIS benchmarks by CEOinIRVINE
  4. 2008.11.25 As Bush's Term Ends, Some Big Names Seek Pardons by CEOinIRVINE

OSI Layers

IT 2011. 3. 15. 07:05

Application layer (7). Recognized as the top layer of the OSI model, this layer serves as the window for application services. It is the home of email programs, FTP, Telnet, web browsers, and office productivity suites, as well as of viruses, worms, and Trojan horse programs.

Presentation layer (6). Responsible for taking data that has been passed up from lower levels and putting it into a format that Application layer programs can understand. The most critical process handled at this layer is encryption and decryption.

Session layer (5). Its functionality is put to use when creating, controlling, or shutting down a TCP session; TCP connection establishment and TCP connection teardown occur here. Session-layer protocols include Remote Procedure Call and SQLNet from Oracle. The Session layer is vulnerable to attacks such as session hijacking, in which a legitimate user has his session stolen by a hacker.

Transport layer (4). Ensures completeness by handling end-to-end error recovery and flow control. Transport-layer protocols include TCP, a connection-oriented protocol that provides reliable communication through handshaking, acknowledgments, error detection, and session teardown, and User Datagram Protocol (UDP), a connectionless protocol whose primary advantages are speed and low overhead. Security concerns at the transport level include Synchronize (SYN) attacks, Denial of Service (DoS), and buffer overflows.

Network layer (3). Handles logical addressing and routing. The Network layer is the home of the Internet Protocol (IP), which makes a best effort at delivery of datagrams from their source to their destination. Security concerns at the network level include route poisoning, DoS, spoofing, and fragmentation attacks. Fragmentation attacks occur when hackers manipulate datagram fragments to overlap in such a way as to crash the victim's computer. IPSec is a key security service available at this layer.

Data Link layer (2). Responsible for formatting and organizing the data before sending it to the Physical layer. The Data Link layer organizes the data into frames. A frame is a logical structure in which data can be placed; it is the packet on the wire. When a frame reaches the target device, the Data Link layer strips off the frame and passes the packet up to the Network layer. The Data Link layer is made up of two sublayers, the logical link control (LLC) sublayer and the media access control (MAC) sublayer. You might be familiar with the MAC sublayer, as it shares its name with the MAC addressing scheme. These 6-byte (48-bit) addresses uniquely identify each device on the local network. A major security concern of the Data Link layer is the Address Resolution Protocol (ARP) process. ARP is used to resolve known Network layer addresses to unknown MAC addresses. ARP is a trusting protocol and, as such, can be used by hackers for ARP poisoning, which can allow them access to traffic on switches they should not have.

Physical layer (1). Where bit-level communication takes place. The bits have no defined meaning on the wire, but the Physical layer defines how long each bit lasts and how it is transmitted and received. From a security standpoint, you must be concerned any time a hacker can get physical access. By accessing a physical component of a computer network, such as a computer, switch, or cable, the attacker might be able to use a hardware or software packet sniffer to monitor traffic on that network. Sniffers enable attackers to capture and decode packets. If no encryption is being used, a great deal of sensitive information might be directly available to the hacker.

from CEH
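To make the layering above concrete, the following added example (not from the CEH text or this post) decodes a constructed Ethernet/IPv4/TCP frame by peeling off the layer 2, 3 and 4 headers in turn, exposing the fields each layer's security concerns refer to: MAC addresses (ARP poisoning), IP fragment flags (fragmentation attacks), and TCP flags (SYN attacks). The frame builder, MAC and IP addresses, and the SYN-counting helper are all constructed for illustration; checksums are left zero because nothing here validates them.

```python
import struct
from collections import Counter
from dataclasses import dataclass, field

# TCP flag bits as they appear in byte 13 of the TCP header
TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


@dataclass
class Frame:
    """Fields recovered from each layer: Ethernet (2), IPv4 (3), TCP (4)."""
    dst_mac: str
    src_mac: str
    src_ip: str
    dst_ip: str
    more_fragments: bool
    fragment_offset: int
    src_port: int
    dst_port: int
    flags: list = field(default_factory=list)
    payload: bytes = b""


def _mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def _ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def parse_frame(raw: bytes) -> Frame:
    """Strip the layer 2, 3 and 4 headers in turn, as each layer does on receipt."""
    # Layer 2: Ethernet II header is 14 bytes: dst MAC, src MAC, EtherType
    if len(raw) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack("!H", raw[12:14])[0] != 0x0800:
        raise ValueError("only IPv4 frames are handled here")
    ip = raw[14:]
    # Layer 3: IPv4 header; low nibble of byte 0 is the header length in 32-bit words
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    frag_word = struct.unpack("!H", ip[6:8])[0]
    more_fragments = bool(frag_word & 0x2000)      # MF bit
    fragment_offset = (frag_word & 0x1FFF) * 8     # offset is in 8-byte units
    if ip[9] != 6:
        raise ValueError("only TCP segments are handled here")
    tcp = ip[ihl:total_len]
    # Layer 4: TCP header; high nibble of byte 12 is the data offset in 32-bit words
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    src_port, dst_port = struct.unpack("!HH", tcp[0:4])
    data_offset = (tcp[12] >> 4) * 4
    flags = [name for bit, name in TCP_FLAGS if tcp[13] & bit]
    return Frame(_mac(raw[0:6]), _mac(raw[6:12]), _ip(ip[12:16]), _ip(ip[16:20]),
                 more_fragments, fragment_offset, src_port, dst_port, flags,
                 tcp[data_offset:])


def build_frame(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, flag_bits, payload=b""):
    """Constructed test frame (checksums left zero; a real stack would compute them)."""
    eth = (bytes.fromhex(dst_mac.replace(":", ""))
           + bytes.fromhex(src_mac.replace(":", ""))
           + struct.pack("!H", 0x0800))
    tcp = struct.pack("!HHIIBBHHH", src_port, dst_port, 1000, 0, 5 << 4, flag_bits,
                      65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, 6, 0,
                     bytes(int(o) for o in src_ip.split(".")),
                     bytes(int(o) for o in dst_ip.split(".")))
    return eth + ip + tcp


def syn_only_counts(frames):
    """Count bare SYNs (no ACK) per source IP: the half-open requests a SYN attack is made of."""
    return Counter(f.src_ip for f in frames if "SYN" in f.flags and "ACK" not in f.flags)


if __name__ == "__main__":
    raw = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb",
                      "192.0.2.10", "192.0.2.20", 40000, 80, 0x02)
    print(parse_frame(raw))
```

Feeding a capture's frames through `parse_frame` and then `syn_only_counts` gives the per-source count of handshakes that were started but never completed, which is the simplest signal for the SYN attacks the Transport layer paragraph mentions.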

Posted by CEOinIRVINE

Web Vulnerability regarding F company

IT 2011. 3. 4.

  1. XSS
    1. Severity : High
    2. URI was set to 1<div style=width:expression(prompt(957586))>
      URL encoded GET input genre was set to " onmouseover=prompt(968437) bad="


  2. Application Error Msg
    1. Severity : Medium
    2. URL encoded GET input key was set to '"'");|]*{%0d%0a<%00>
      Error message found:
      java.lang.NumberFormatException: For input string:


  3. Error Msg on Page
    1. Severity : Medium
    2. Pattern found:
      java.lang.NumberFormatException: For input string:


  4. Insecure crossdomain.xml
    1. Severity : Medium
    2. The browser security model normally prevents web content from one domain from accessing data from another domain. This is commonly known as the "same origin policy". URL policy files grant cross-domain permissions for reading data. They permit operations that are not permitted by default. The URL policy file is located, by default, in the root directory of the target server, with the name crossdomain.xml (for example, at www.example.com/crossdomain.xml).

      When a domain is specified in crossdomain.xml file, the site declares that it is willing to allow the operators of any servers in that domain to obtain any document on the server where the policy file resides. The crossdomain.xml file deployed on this website opens the server to all domains (use of a single asterisk "*" as a pure wildcard is supported) like so:
      <cross-domain-policy>
      <allow-access-from domain="*" />
      </cross-domain-policy>
      
      This practice is suitable for public servers, but should not be used for sites located behind a firewall because it could permit access to protected areas. It should not be used for sites that require authentication in the form of passwords or cookies. Sites that use the common practice of authentication based on cookies to access private or user-specific data should be especially careful when using cross-domain policy files.
      This vulnerability affects Server.
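The four findings above share a theme: untrusted input reflected without context-aware encoding (1), parser exceptions leaking into responses (2 and 3), and a policy file that grants more than intended (4). The following added example, which is not part of the scan report or the scanned application, shows the server-side handling that closes each one: attribute-context encoding for the reflected `genre` parameter, strict validation of the numeric `key` parameter with a fixed error message, and a checker that flags a wildcard `crossdomain.xml` next to a tightened policy. The function names, the `static.example.com` domain and the restricted policy are assumptions; the two payloads and the permissive policy are the ones quoted in the findings.

```python
import html
import re
import xml.etree.ElementTree as ET

# Constructed inputs: the scanner payloads and the policy quoted in the findings above,
# plus a tightened policy for comparison (static.example.com is a placeholder).
GENRE_PAYLOAD = '" onmouseover=prompt(968437) bad="'
KEY_PAYLOAD = "'\"'\");|]*{\r\n<\x00>"          # URL-decoded form of the "key" payload
PERMISSIVE_POLICY = """<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>"""
RESTRICTED_POLICY = """<cross-domain-policy>
<allow-access-from domain="static.example.com" secure="true" />
</cross-domain-policy>"""


def render_genre_input(genre: str) -> str:
    """Finding 1: reflect the genre parameter only inside a quoted attribute, with the
    quote characters encoded so the value cannot close the attribute and add a handler."""
    return '<input name="genre" value="%s">' % html.escape(genre, quote=True)


_KEY_RE = re.compile(r"[0-9]{1,9}")


def parse_key(raw):
    """Findings 2 and 3: accept a bounded decimal integer or return a fixed message.
    No parser text (the NumberFormatException detail) can reach the response."""
    if raw is None or not _KEY_RE.fullmatch(raw):
        return None, "invalid key"
    return int(raw), None


def crossdomain_issues(policy_xml: str) -> list:
    """Finding 4: report allow-access-from entries that grant more than intended."""
    root = ET.fromstring(policy_xml)  # the policy is the site's own static file, not user input
    if root.tag != "cross-domain-policy":
        return ["root element is not cross-domain-policy"]
    issues = []
    for el in root.findall("allow-access-from"):
        domain = el.get("domain", "")
        if domain == "*":
            issues.append('allow-access-from domain="*" grants every domain read access')
        if el.get("secure", "true").lower() == "false":
            issues.append('allow-access-from domain="%s" also permits plain-HTTP callers' % domain)
    return issues


if __name__ == "__main__":
    print(render_genre_input(GENRE_PAYLOAD))
    print(parse_key(KEY_PAYLOAD))
    print(crossdomain_issues(PERMISSIVE_POLICY), crossdomain_issues(RESTRICTED_POLICY))
```

`html.escape` is only sufficient because the value is placed inside a double-quoted attribute; in an unquoted attribute, a `<script>` block or a URL, a different encoder is needed for that context. The policy checker reads the file the site serves itself, so a plain XML parser is acceptable there; it should not be pointed at documents an outside party controls.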


Posted by CEOinIRVINE

CIS benchmarks

Hacking 2009. 2. 6. 09:19

Posted by CEOinIRVINE

As Bush's Term Ends, Some Big Names Seek Pardons

2008. 11. 25.

With a backlog of applications piled up at the Justice Department, high-profile criminals and their well-connected lawyers increasingly are appealing directly to President Bush for special consideration on pardons and clemency, according to people involved in the process.

Among those seeking presidential action are former junk-bond salesman Michael Milken, who hired former solicitor general Theodore B. Olson, one of the nation's most prominent GOP lawyers, to plead his case for a pardon on 1980s-era securities fraud charges. Two politicians convicted of public corruption, former congressman Randy "Duke" Cunningham (R-Calif.) and four-term Louisiana governor Edwin W. Edwards (D), are asking Bush to shorten their prison terms.

It remains to be seen how Bush will respond to these requests as his term ends. The president has used his broad pardon powers rarely during seven years in office, granting 157 pardons out of 2,064 petitions, and only six of 7,707 requests for commutations, according to an analysis by former Justice Department lawyer Margaret C. Love.

Aggressive appeals for clemency at the end of an administration are not unusual, but they can raise concerns about influence peddling and fairness, particularly if the president and his legal advisers are not fully transparent, pardon scholars say.

During his last days in office, President Bill Clinton prompted congressional and federal investigations by pardoning 140 people, including his brother, former Arkansas real estate partner Susan McDougal and fugitive financier Marc Rich. White House officials and former deputy attorney general Eric H. Holder Jr., now a contender for attorney general under President-elect Barack Obama, testified about the last-minute pardons in fiery congressional hearings.

Bush has not mentioned pardons often, but in a statement released in July 2007, he said "the Constitution gives the President the power of clemency to be used when he deems it to be warranted."

White House spokesman Tony Fratto said, "Generally the president will review pardon recommendations as he has throughout his presidency, in a thoughtful way . . . on a case-by-case basis, and he'll make his determination."

Not all prominent criminals chose to seek presidential intervention. Alaska Sen. Ted Stevens, a powerful Republican, told reporters this week that he would not ask Bush to pardon him on his recent seven-count felony conviction.

Onetime vice presidential aide I. Lewis "Scooter" Libby, whose prison term Bush commuted last year, has not submitted a formal pardon request, the Justice Department said.

Efforts by high-profile felons come as a list of more routine applicants awaits action from a special Justice Department pardons office, a process that may take up to 18 months. Last month alone, 103 felons submitted pardon applications and 280 sought commutation of their prison terms, according to department statistics. Those figures stack atop an already daunting backlog of hundreds more petitions.

The overwhelming majority of petitioners are not household names. Rather, they are people who served prison time for garden-variety fraud or drug offenses and now seek the president's help so they can vote, live in public housing, own handguns or find jobs.

Clemency is the umbrella term for people seeking presidential relief after being convicted of a felony crime. Some applicants request their sentences be commuted, or shortened, by White House action. Others seek a formal pardon, described by one former Justice Department official as "an official statement of forgiveness."

Posted by CEOinIRVINE