In Chapter 2, “How Hackers Hack,” the various ways attackers try to exploit a computing device were discussed. These included physical attacks, zero‐days, unpatched software, social engineering, password issues, eavesdropping/man‐in‐the‐middle attacks, data leaks, misconfiguration, denial‐of‐service, user errors, and malware. All of these attacks can be accomplished on either the computing device itself or the network connecting to the computing device.
Network attacks can be anywhere along the Open Systems Interconnection (OSI) model (
https://en.wikipedia.org/wiki/OSI_model). The OSI model is a very commonly known and used construct showing the different layers of interconnection along a network and to a networked computing device. The OSI model has seven abstraction layers:
All layers could be applied to a network and its controlling devices (because network devices run applications, too), although many could be applied directly on the computing device as well. A physical attack could be any scenario where a network or network equipment is physically accessed, damaged, or stolen. The Data‐Link layer often applies to Ethernet bridges, network switches, and protocols and standards at those layers like a device’s MAC Address (
https://en.wikipedia.org/wiki/MAC_address). The Network layer refers to routing. The Transport and Session layers refer to upper layer protocols, ...