NETWORK SECURITY: OSI Layer 1–8
The OSI Model (Layer 1–7) plus an unofficial Layer 8, which is in fact the one that gets breached most often. Each layer has its own threats, defenders, and attackers. A single attack can break through one layer and cascade to other layers.
How to Read
Layer 1 = the most physical (cabling). Layer 7 = the most abstract (application). Layer 8 = humans. The Blue Team column = defense. The Red Team column = attack. Read from the bottom up to understand the attack surface systematically.
Threat Table per OSI Layer
| OSI Layer | Layer Name | ☣️ Threats Found Here | 🔵 Blue Team (Defender) | 🔴 Red Team (Attacker) |
|---|---|---|---|---|
| Layer 1 | Physical | Physical cable tap, hardware keylogger, evil maid attack, rogue device attached to a switch | Physical security, tamper-evident seals, USB port locks, CCTV on server racks | LAN Tap (Throwing Star), USB Rubber Ducky, O.MG Cable |
| Layer 2 | Data Link | ARP Poisoning, MAC Spoofing, VLAN Hopping, rogue switch | 802.1X NAC, Dynamic ARP Inspection (DAI), port security, private VLAN | Ettercap, Bettercap, Yersinia (VLAN attack) |
| Layer 3 | Network | IP Spoofing, BGP Hijack, ICMP Tunnel (data exfiltration over ping), route poisoning | Stateful firewall, BCP38 ingress filtering, BGP route filtering (RPKI) | Scapy, nation-state BGP hijack (China Telecom incidents), iodine (DNS tunnel) |
| Layer 4 | Transport | TCP SYN Flood, port scanning, session hijacking, UDP amplification DDoS | IPS/IDS (Suricata, Snort), rate limiting, SYN Cookie, Anycast DDoS mitigation | Nmap, Masscan, hping3, Mirai botnet |
| Layer 5–6 | Session / Presentation | SSL Stripping, TLS Downgrade Attack, rogue certificate, cert pinning bypass | HSTS Preload, certificate pinning, TLS 1.3 enforcement, CT log monitoring | SSLstrip2, MITM frameworks, Burp Suite (cert spoof) |
| Layer 7 | Application | SQLi, XSS, RCE, API abuse, SSRF, unsafe deserialization, Log4Shell | WAF (ModSecurity, Cloudflare), SAST/DAST, bug bounty, patch management | Burp Suite Pro, SQLmap, Nuclei, ffuf, exploit-db |
| ⚠️ Layer 8 | Human (unofficial) | Phishing, Spear Phishing, Vishing, Pretexting, BEC (Business Email Compromise) | Security awareness training, mandatory MFA, anti-phishing gateway (Proofpoint), internal phishing simulations | GoPhish, Social Engineering Toolkit (SET), OSINT (Maltego, SpiderFoot) |
Layer 8 Is the Most Dangerous Layer
No firewall can block a human who has already been deceived. Social engineering bypasses all the technical controls at Layers 1–7 at once.
Threat Position Map: Network
Layer 1 | Physical <- Cable tap, rogue device
Layer 2 | Data Link <- ARP Poison, VLAN Hop
Layer 3 | Network <- IP Spoof, BGP Hijack
Layer 4 | Transport <- SYN Flood, DDoS
Layer 5-6 | Session/Present. <- SSL Strip, TLS Downgrade
Layer 7 | Application <- SQLi, XSS, RCE, Log4Shell
Layer 8 | ⚠ THE HUMAN IS HERE <- Phishing bypasses all the layers above