Osi Layers

The OSI model has seven layers, with each having different types of security responsibilities. The seven layers are application, presentation, session, transport, network, datalink and physical with control being passed down from layer to layer starting with application. The biggest threat to these layers is through people, sometimes known as the 8th layer of the OSI model.

Companies should take the time to educate their employees on the security threats that each individual brings to the company. Throwing personal information into a dumpster and not shredding this information is a huge security risk. Each individual is given a password to access the system for his or her job and should never reveal their password to anyone. Employee’s must keep in mind that anything done under their login and password is considered that persons responsibility and therefore, by keeping their password safe, it eliminates the possibility of someone else using his or her log-in for malicious purposes.

The first real layer of the OSI level is the application layer. It includes software such as File Transfer Protocol (FTP), telnet, DNS, HTTP. FTP is used to move files from one system to another and is at high risk for hacking. More secure FTP programs exist today called FTP over SSL and FTP over SSH. All Banks use the more secure FTP programs to do EFT transfers. When using telnet a company should require a login and password even if they allow anonymous connections. Telnet transfers in clear text which can allow a hacker to read the clear text as it goes over the network. DNS is an application that translates addresses as they come in, if they are not configured correctly a full zone transfer. HTTP security issues revolve around that fact that hackers can get to the web server and create a backdoor. HTTP’s were introduced to stop this back door from happening.

Data Line Layer “responds to service requests from the network layer and issues service requests to the physical layer (N/A, 2007)”. ““The Data link layer performs the error check using the Frame Check Sequence (FCS) in the trailer and discards the frame if an error is detected (N/A, 1996-2007”. Hubs and Switches are part of this layer and are responsible for only sending data to the hosts that need them. One of the major uses at this level by companies is virtual private networks (VPN) which allows users