The OSI model of network isolation, viewed from the perspective of network attacks
Before discussing network isolation, we must first talk about the security risks of the network. What is a risk? Scanning, attacks, intrusions, Trojans and so on are all risks. It is difficult to describe every network attack comprehensively, and there may be thousands of them, but it is entirely possible to summarize them and locate each one in a layer of the OSI model of TCP/IP, so that a solution can be found.
Attacks on the physical layer of the OSI model: the lowest level of the OSI model is the physical layer. The work of the physical layer is divided into two parts: one is the normal operation of the hardware, and the other is the logical representation of the physical layer. Unless a hacker enters the machine room and touches the hardware, it is difficult to attack and destroy the hardware directly. But the logical representation of the physical layer can be attacked. Take Ethernet as an example: it is difficult for a hacker to reach the Ethernet card in a user's computer, but the hacker may forge the MAC address of that card and thereby attack the logical representation of the physical layer to achieve a denial of service. The physical-layer hardware cannot be attacked, but its logical representation can, so network isolation must break the logical representation of the physical layer.
Attacks on the data link layer of the OSI model: a data link is a communication-protocol concept; it ensures that a data link capable of carrying out communication can be built on top of the physical layer. Each kind of physical hardware has its own communication protocol, which supports its own way of forming a data link: an X.25 modem supports the X.25 protocol, an Ethernet card supports the Ethernet protocol, and so on. Intrusion, denial of service, and information theft such as interception can all be carried out against the data link layer. In fact, the term "hacker" existed before the Internet was born. Early telephone companies, such as Bell's communications system and telephone network, were plagued by communications hacking. The early dial-up BBSs, such as FidoNet, were also attacked by hackers, even though they used the Kermit protocol rather than today's TCP/IP over PPP. Network isolation must therefore break the communication connection.
Attacks on the network layer (IP) protocol of the OSI model: attacks on the IP protocol are the most important attacks on the Internet at the moment. The main defects of the IP protocol are that IP communication does not require authentication, IP data transmission is not encrypted, the IP fragmentation and reassembly mechanism is imperfect, and the IP address presented in a packet need not be real and cannot be verified as true or false. Numerous well-known attacks, such as IP fragment attacks, source routing attacks, IP spoofing, IP forgery, ping flooding and ping of death, all exploit flaws of the IP protocol. Therefore network isolation must strip off the IP protocol.
Attacks on the transport layer (TCP/UDP) protocol of the OSI model: in the TCP/IP protocol suite, the transport layer of the OSI model corresponds mainly to the TCP and UDP protocols. Attacks on TCP mainly exploit TCP's three-way handshake mechanism; the currently popular SYN flooding and ACK flooding attacks, for instance, both make use of the three-way handshake. Attacks on UDP are mainly traffic-flooding attacks against UDP communication, with denial of service as the goal. Therefore network isolation must strip off the TCP/UDP protocols.
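The handshake abuse described above leaves a measurable trace on the defending side: a flooding source accumulates handshakes that never complete, while a genuine client finishes each one with its final ACK. The following Python is an added example, not code from the article, that counts such half-open handshakes per source over a constructed connection-event log. The line format, the threshold and the timeout are assumptions made for this illustration, not any particular sensor's format or tuning.

```python
"""Added example (not from the article): flagging SYN-flood behaviour in a
constructed connection-event log. The line format is an assumption made for
this illustration, not any real sensor's format; the assumed sensor emits one
SYN line per handshake attempt and one ACK line when the client completes it."""
import re
from collections import defaultdict
from datetime import datetime

LINE_RE = re.compile(r"^(\S+) (SYN|ACK) (\S+):(\d+) -> (\S+):(\d+)$")


def parse_event(line):
    """Parse one constructed event line into a dict; raises ValueError on junk."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised event line: {line!r}")
    ts, flag, src, sport, dst, dport = m.groups()
    return {"ts": datetime.fromisoformat(ts), "flag": flag,
            "src": src, "sport": int(sport), "dst": dst, "dport": int(dport)}


def half_open_sources(lines, threshold=20, timeout_seconds=5):
    """Return {source_ip: half_open_count} for every source whose number of
    handshakes left incomplete for at least timeout_seconds reaches threshold.

    A legitimate client completes each handshake with an ACK, which removes its
    SYN from the pending set; a flooder's SYNs stay pending and pile up."""
    events = sorted((parse_event(l) for l in lines if l.strip()),
                    key=lambda e: e["ts"])
    if not events:
        return {}
    pending = {}  # (src, sport, dst, dport) -> time the SYN was seen
    for e in events:
        key = (e["src"], e["sport"], e["dst"], e["dport"])
        if e["flag"] == "SYN":
            pending[key] = e["ts"]
        elif e["flag"] == "ACK":
            pending.pop(key, None)  # handshake completed by the client
    end_of_log = events[-1]["ts"]
    counts = defaultdict(int)
    for (src, _sport, _dst, _dport), syn_ts in pending.items():
        # Only count a SYN as half-open once it has waited longer than a
        # client would reasonably take to send its ACK.
        if (end_of_log - syn_ts).total_seconds() >= timeout_seconds:
            counts[src] += 1
    return {src: n for src, n in counts.items() if n >= threshold}


def constructed_sample():
    """Constructed log: two completed handshakes from one client, a burst of 25
    unanswered SYNs from another source, and one fresh SYN at the end of the
    log that has not yet had time to complete (all addresses are made up)."""
    lines = []
    for port in (40001, 40002):
        lines.append(f"2024-05-01T10:00:00 SYN 203.0.113.5:{port} -> 198.51.100.10:80")
        lines.append(f"2024-05-01T10:00:01 ACK 203.0.113.5:{port} -> 198.51.100.10:80")
    for port in range(50000, 50025):
        lines.append(f"2024-05-01T10:00:02 SYN 198.51.100.77:{port} -> 198.51.100.10:80")
    lines.append("2024-05-01T10:00:12 SYN 203.0.113.5:40003 -> 198.51.100.10:80")
    return lines


if __name__ == "__main__":
    print(half_open_sources(constructed_sample()))
```

The timeout matters as much as the threshold: without it the fresh SYN at the end of the log would be counted against the honest client, so a detector tuned this way should be fed events in time order and given a timeout in line with the server's own handshake timer.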
Attacks on the session layer of the OSI model: this is a typical application-level attack. An attacker steals a legitimate user's session credentials and then impersonates that user to gain unauthorized access, or to steal the legitimate user's rights and information. The most typical session-based attack targets cookies or tokens. In applications such as e-commerce, e-government or BBS systems, once a user has authenticated and logged in, the application has a complete set of rights-control mechanisms, and these mechanisms are largely implemented through sessions. Once a hacker successfully attacks the session, he has the user's rights. Network isolation must split off the session.
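Because the session credential carries the user's rights, the defensive question is how much a stolen cookie or token is worth and for how long. The following Python is an added example, not code from the article, of a small server-side session store that limits that value: tokens are unpredictable, only a hash of each token is stored, every session is bound to a client fingerprint and an expiry, and the token is rotated on demand. The class, method names and the fingerprint scheme are assumptions made for this illustration.

```python
"""Added example (not from the article): a server-side session store that
limits what a stolen session credential is worth. All names are assumptions
made for this illustration; the 'fingerprint' is whatever stable client
context the application chooses to bind a session to."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass
class SessionRecord:
    user_id: str
    fingerprint: str   # client context the session was issued to
    expires_at: float  # absolute time (seconds) after which the session is dead


class SessionStore:
    def __init__(self, ttl_seconds=900):
        self.ttl = ttl_seconds
        self._sessions = {}  # sha256(token) -> SessionRecord

    @staticmethod
    def _hash(token):
        # Only the hash is kept, so a leaked store does not yield usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def create(self, user_id, fingerprint, now):
        """Issue a fresh, unguessable token bound to this client and a deadline."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._sessions[self._hash(token)] = SessionRecord(user_id, fingerprint,
                                                          now + self.ttl)
        return token

    def validate(self, token, fingerprint, now):
        """Return the user id for a live, correctly bound token, else None."""
        rec = self._sessions.get(self._hash(token))
        if rec is None:
            return None
        if now >= rec.expires_at:
            del self._sessions[self._hash(token)]  # expired: drop it
            return None
        # Constant-time comparison; a token presented from a different client
        # context than the one it was issued to is refused.
        if not hmac.compare_digest(rec.fingerprint, fingerprint):
            return None
        return rec.user_id

    def rotate(self, token, fingerprint, now):
        """Replace a valid token with a new one (e.g. after a privilege change),
        so an earlier copy of the old token stops working."""
        user_id = self.validate(token, fingerprint, now)
        if user_id is None:
            return None
        del self._sessions[self._hash(token)]
        return self.create(user_id, fingerprint, now)

    def revoke(self, token):
        """Logout: forget the session regardless of its remaining lifetime."""
        self._sessions.pop(self._hash(token), None)


def session_cookie_header(token, name="session"):
    """Set-Cookie value that keeps the token off script and off plain HTTP
    (HttpOnly, Secure) and out of cross-site requests (SameSite=Strict)."""
    return f"{name}={token}; Path=/; HttpOnly; Secure; SameSite=Strict"


if __name__ == "__main__":
    store = SessionStore(ttl_seconds=60)
    tok = store.create("alice", "fp-A", now=1000.0)
    print(session_cookie_header(tok))
    print(store.validate(tok, "fp-A", 1010.0), store.validate(tok, "fp-B", 1010.0))
```

The fingerprint binding and the short TTL are the two checks that turn a successful cookie theft into a failed one: the stolen token is refused when replayed from another client context, and it dies on its own shortly afterwards even if the binding is circumvented.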
Attacks on the presentation layer protocols of the OSI model: the OSI presentation layer translates formats, compresses and decompresses data, and encrypts and decrypts data, providing a standard application interface so that different systems can communicate normally. In fact it solves the problem of the open platform, that is, how computers on multiple platforms can implement application communication through the same open network. Attacks at the presentation layer are naturally aimed at format translation and data processing. Typical cases are Unicode attacks and computational overflow attacks. Network isolation must peel off the application's presentation layer.
Attacks on the application layer of the OSI model: attacks on the application layer are the most serious attacks at the moment. They cover a very wide range, such as attacks on application protocol vulnerabilities, attacks on application data, attacks on the application's operating system platform, and so on. Application-layer attack methods include: unvalidated input in web applications; broken access control for application permissions; broken identity authentication and session management; cross-site scripting with code execution, buffer overflow vulnerabilities, injection vulnerabilities, improper error handling, insecure storage, denial of service, and insecure configuration management. Network isolation must split off the application protocol.
Every network attack must reside at some layer of the OSI model of the network; otherwise it is not a network attack. Since all seven layers of the OSI model of the TCP/IP protocol are at risk of being attacked, it is necessary to disconnect all seven layers to ensure security. Network isolation disconnects all seven layers of the OSI model, completely eliminating security threats from the network. The OSI model of network isolation is as follows:
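The "disconnect every layer" idea can be made concrete in code: an isolation device terminates the outer connection completely, reduces the request to a minimal data record checked against an allow-list, and rebuilds a fresh request of its own on the inner side, so that no outer TCP state, session cookie, hop-by-hop header or ambiguous framing ever crosses. The following Python is an added example of that protocol break for a simple HTTP request, not code from the article or from any isolation product. The allowed methods, path prefixes, forwarded headers and the inner host name are assumptions made for this illustration.

```python
"""Added example (not from the article): a protocol-breaking relay that turns
an outer HTTP request into a minimal checked record and rebuilds a fresh
request for the inner side. Policy values are assumptions for this example."""

ALLOWED_METHODS = {"GET", "POST"}
ALLOWED_PATH_PREFIXES = ("/api/orders",)
FORWARDED_HEADERS = {"content-type", "accept"}  # everything else is dropped
INNER_HOST = "orders.internal.example"           # assumed inner service name


def parse_http_request(raw):
    """Minimal HTTP/1.x request parser; rejects incomplete or duplicated headers."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request head")
    lines = head.decode("ascii").split("\r\n")  # non-ASCII heads are rejected
    method, target, version = lines[0].split(" ")
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        raise ValueError(f"unsupported version {version}")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header line {line!r}")
        name = name.strip().lower()
        if name in headers:
            raise ValueError(f"duplicate header {name}")  # no smuggling ambiguity
        headers[name] = value.strip()
    return {"method": method, "target": target, "headers": headers, "body": body}


def isolate(raw):
    """Reduce an outer request to a policy-checked record. Anything not
    explicitly allowed is dropped; anything ambiguous is refused outright."""
    req = parse_http_request(raw)
    if req["method"] not in ALLOWED_METHODS:
        raise PermissionError(f"method {req['method']} not allowed")
    target = req["target"]
    if not target.startswith(ALLOWED_PATH_PREFIXES) or ".." in target:
        raise PermissionError(f"path {target} not allowed")
    h, body = req["headers"], req["body"]
    if "transfer-encoding" in h:
        raise ValueError("chunked framing is not accepted across the break")
    if "content-length" in h:
        if not h["content-length"].isdigit() or int(h["content-length"]) != len(body):
            raise ValueError("Content-Length does not match the received body")
    elif body:
        raise ValueError("body present without Content-Length")
    return {"method": req["method"], "path": target,
            "headers": {k: v for k, v in h.items() if k in FORWARDED_HEADERS},
            "body": body}


def rebuild_request(record, inner_host=INNER_HOST):
    """Build a brand-new request from the record: new Host, new framing, no
    outer cookies, no forwarded-for chain, no keep-alive state."""
    lines = [f"{record['method']} {record['path']} HTTP/1.1",
             f"Host: {inner_host}", "Connection: close"]
    for name in sorted(record["headers"]):
        lines.append(f"{name}: {record['headers'][name]}")
    if record["body"]:
        lines.append(f"content-length: {len(record['body'])}")  # recomputed, never copied
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii") + record["body"]


# Constructed outer request: carries a cookie, a forwarded-for chain and an
# attacker-chosen Host header, none of which should reach the inner side.
SAMPLE_OUTER_REQUEST = (
    b"POST /api/orders HTTP/1.1\r\n"
    b"Host: attacker-chosen.example\r\n"
    b"Cookie: session=stolen\r\n"
    b"X-Forwarded-For: 203.0.113.9\r\n"
    b"Content-Type: application/json\r\n"
    b"Content-Length: 20\r\n"
    b"\r\n"
    b'{"sku":"A1","qty":2}'
)

if __name__ == "__main__":
    print(rebuild_request(isolate(SAMPLE_OUTER_REQUEST)).decode())
```

The two sides never share a socket, a session or a header namespace: the record in the middle is the only thing that crosses, which is what makes every layer below the application data, and most of the application protocol itself, stop at the device.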