From charlesreid1

Revision as of 09:30, 19 August 2016

Transport (Layer 4) Attacks

This page covers the use of Kali to carry out attacks on layer 4. Also see Kali/Workflow.

Review

Let's review the network stack before we launch into network layer attacks.

NetworkStack

| Layer | Name | Function |
|-------|------|----------|
| 7 | Application | Topmost layer, provides users a means to access network resources (only level seen by end user) |
| 6 | Presentation | Transforms data received into a format that is readable by the application layer. Handles encryption/decryption for secure data |
| 5 | Session | Manages communication sessions between computers. Manages connections with other devices. Half-duplex or full duplex. |
| 4 | Transport | Provides reliable data transport services to lower layers. |
| 3 | Network | Routes data between physical networks. Handles addressing, via IP. Handles packet fragmentation and error detection. Router level. Most complex layer. |
| 2 | Data Link | Transports data across a network. Provides addressing scheme to identify physical devices, bridges, switches, MAC addresses. |
| 1 | Physical | The physical medium for the network communication signals. |

(Please Do Not Touch Steve's Pet Alligator)

(Phys Dat Net Trans Sesh Prezzy App)

Layer 4 is the Transport layer. It handles the transport of packets.

Scenario

Once you're on a network and have been assigned an IP, you can see various packets flying around the network. The routing and transport of these packets is Layer 4. Attacks on this layer work by using and manipulating packet traffic.

Denial of Service

For example, suppose the goal is to create a denial of service on a computer. On the physical layer, we would create a denial of service by jamming the radio signal, or physically tampering with a network line. On the transport layer, a denial of service is created by utilizing the properties of the TCP/IP layer and how packets are dealt with.

Normally, when two computers are making a connection, they perform a three-way handshake: the client sends a SYN, the server sends a SYN-ACK, and the client sends an ACK. A SYN Flood is a type of attack where a huge number of SYN requests are sent, and the client never follows up on the connection. If your server isn't configured properly, each SYN packet will use up another spot in the queue, which will quickly eat up all available TCP connections, and lead to a denial of service.

This attack occurs on the transport layer - it jams up the normal workings of the transport layer and interferes with the normal delivery of packets.
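From the server's side, the queue filling up described above is visible as a pile of connections stuck in the SYN_RECV state (SYN received, final ACK never seen). The following is an added example, not part of the original page: it counts those half-open entries per local port in the layout Linux uses for /proc/net/tcp. The sample table and the threshold value are constructed for illustration.

```python
import socket
import struct
from collections import Counter

TCP_SYN_RECV = 0x03  # Linux state code: SYN seen, handshake not completed

# Constructed sample in /proc/net/tcp layout (addresses are documentation ranges).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002
   2: 0A00000A:0016 050200C0:D2F0 01 00000000:00000000 00:00000000 00000000     0        0 1003
   3: 0A00000A:0050 0A6433C6:8001 03 00000000:00000000 01:00000020 00000001     0        0 0
   4: 0A00000A:0050 0B6433C6:8002 03 00000000:00000000 01:00000020 00000001     0        0 0
   5: 0A00000A:0050 0C6433C6:8003 03 00000000:00000000 01:00000020 00000002     0        0 0
   6: 0A00000A:0050 0D6433C6:8004 03 00000000:00000000 01:00000020 00000002     0        0 0
   7: 0A00000A:0050 0E6433C6:8005 03 00000000:00000000 01:00000020 00000003     0        0 0
"""

def parse_addr(field):
    """Decode 'HEXIP:HEXPORT'; the IPv4 word is printed in little-endian order."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def half_open_by_port(table):
    """Count SYN_RECV entries per local port."""
    counts = Counter()
    for line in table.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) < 4 or int(cols[3], 16) != TCP_SYN_RECV:
            continue
        _, port = parse_addr(cols[1])
        counts[port] += 1
    return counts

def flag_ports(table, threshold):
    """Ports whose half-open count has reached the (assumed) alert threshold."""
    return sorted(p for p, n in half_open_by_port(table).items() if n >= threshold)

if __name__ == "__main__":
    for port, n in half_open_by_port(SAMPLE).items():
        print(f"port {port}: {n} half-open connections")
    print("flagged:", flag_ports(SAMPLE, threshold=5))
```

On a live Linux host the same functions can be fed the contents of /proc/net/tcp; a sustained high count on one port is the cue to check the net.ipv4.tcp_syncookies and net.ipv4.tcp_max_syn_backlog settings.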

Flags