From charlesreid1

Session (Layer 5) Attacks


Review: Layer 5 is the session layer, which sits above the transport and network layers. The transport and network layers cover how pieces of a conversation are delivered; the session layer handles the overall conversation.


| Layer | Name | Function |
|-------|------|----------|
| 7 | Application | Topmost layer; provides users a means to access network resources (the only level seen by the end user). |
| 6 | Presentation | Transforms data received into a format that is readable by the application layer. Handles encryption/decryption for secure data. |
| 5 | Session | Manages communication sessions between computers. Manages connections with other devices. Half-duplex or full-duplex. |
| 4 | Transport | Provides reliable data transport services to lower layers. |
| 3 | Network | Routes data between physical networks. Handles addressing, via IP. Handles packet fragmentation and error detection. Router level. Most complex layer. |
| 2 | Data Link | Transports data across a network. Provides an addressing scheme to identify physical devices: bridges, switches, MAC addresses. |
| 1 | Physical | The physical medium for the network communication signals. |

(Please Do Not Touch Steve's Pet Alligator)


The scenario for a Layer 5 session attack: you are on the same network as a sheep, and you wish to interfere somehow with a particular conversation the sheep is having.

Session Hijacking

Session hijacking involves an attacker taking control of an ongoing session between two nodes. This is possible because authentication happens only at the start of a conversation. Thus an attacker masquerades as an end node of the session and hijacks the session.
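
The weakness named above is that the peer is authenticated only once, at the start. As an added example (not code from the original page), this Python receiver authenticates every message with an HMAC and a sequence number, so a message injected or replayed by a third party is rejected. The class name, helper, payloads and key setup are assumptions made for illustration; the session key is assumed to have been agreed at login over a channel the third party cannot read.

```python
import hashlib
import hmac
import secrets


def make_tag(key: bytes, seq: int, payload: bytes) -> bytes:
    """HMAC-SHA256 over the sequence number and payload (hypothetical wire format)."""
    return hmac.new(key, seq.to_bytes(8, "big") + payload, hashlib.sha256).digest()


class AuthenticatedSession:
    """Receiver side of a session that authenticates every message, not just the login."""

    def __init__(self, key: bytes):
        self.key = key
        self.next_seq = 0  # only this sequence number will be accepted next

    def accept(self, seq: int, payload: bytes, tag: bytes) -> bool:
        expected = make_tag(self.key, seq, payload)
        if not hmac.compare_digest(expected, tag):
            return False  # sender does not hold the session key
        if seq != self.next_seq:
            return False  # replayed or out-of-order message
        self.next_seq += 1
        return True


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed: stands in for the key agreed at login
    server = AuthenticatedSession(key)
    results = {}

    # Legitimate client, message 0.
    m0 = (0, b"status?", make_tag(key, 0, b"status?"))
    results["legit"] = server.accept(*m0)

    # A third party knows the next sequence number but not the key.
    wrong_key = secrets.token_bytes(32)
    results["injected"] = server.accept(1, b"status?", make_tag(wrong_key, 1, b"status?"))

    # A captured, validly tagged message sent a second time.
    results["replayed"] = server.accept(*m0)

    # The legitimate conversation continues unaffected.
    results["legit_after"] = server.accept(1, b"bye", make_tag(key, 1, b"bye"))
    return results


if __name__ == "__main__":
    print(demo())
```

The tag gives integrity and origin checks only; the payload is still readable on the wire unless the session is also encrypted.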