Loopus

Pro Content

This lesson requires Loopus Pro access. Upgrade to unlock all courses, labs, and challenges.

Network Penetration TestingNetwork Fundamentals

OSI Model & TCP/IP

20 min
theory
+30 XP

Learning Objectives

  • Understand the OSI and TCP/IP models
  • Learn how network layers interact
  • Identify security implications at each layer

OSI Model and TCP/IP

Understanding network architecture is fundamental to penetration testing. The OSI and TCP/IP models describe how data travels across networks, with each layer presenting unique security considerations and attack opportunities.

The OSI Reference Model

The Open Systems Interconnection model divides networking into seven layers from Physical at the bottom to Application at the top. Each layer encapsulates data from the layer above, adding headers and potentially trailers.

Security at Each Layer

Layer 2 (Data Link) attacks include ARP spoofing and cache poisoning, MAC address spoofing, VLAN hopping, and switch CAM table overflow.

Layer 3 (Network) attacks include IP spoofing, ICMP attacks, routing protocol attacks, and fragmentation attacks.

Layer 4 (Transport) attacks include port scanning, TCP session hijacking, SYN flooding, and UDP flooding.

Layer 7 (Application) attacks include protocol-specific vulnerabilities, authentication attacks, input validation flaws, and business logic attacks.

TCP/IP Model

The practical TCP/IP model consolidates into four layers: Application, Transport, Internet, and Network Access.

TCP vs UDP

TCP (Transmission Control Protocol) is connection-oriented with reliable delivery, ordered packets, flow control, and three-way handshake. UDP (User Datagram Protocol) is connectionless with no guaranteed delivery, preferred for speed over reliability.

Practical Implications

Understanding these models helps pentesters choose appropriate scanning techniques, identify attack surfaces at each layer, bypass security controls, and craft custom packets for exploitation.

Answer the Questions0 / 4 completed

📚 KnowledgeQuestion 1

How many layers are in OSI?

Format: *****(5 chars)
Exact match required
⌨️ Hands-OnQuestion 2

What layer routes IP packets?

Format: *******(7 chars)
Exact match required
📚 KnowledgeQuestion 3

What protocol creates a 3-way handshake?

Format: ***(3 chars)
Exact match required
⌨️ Hands-OnQuestion 4

What connectionless protocol is faster?

Format: ***(3 chars)
Exact match required
Answer all questions correctly to unlock the next lesson

Interactive Sandbox

Loading sandbox...
Answer all questions to continue