Application Layer Protocols and Known Security Issues

Description

The application layer contains a variety of protocols that are commonly needed by users. One widely used application protocol is HTTP (HyperText Transfer Protocol), which is the basis for the World Wide Web. When a browser wants a Web page, it sends the name of the page it wants to the server hosting the page using HTTP. The server then sends the page back. Other application protocols are used for file transfer, electronic mail, and network news.

Network Data Unit

Data

Main Security Issues

  • Remote Code Execution
  • Command Spoofing
  • Process Hijacking
  • Lateral Movement
  • DDoS/DoS
  • CVE Vulnerabilities
  • Command Injection
  • File Includes
  • Local File Read/Write
  • Privilege Escalation
  • Host Takeover

Protocol Examples

Application Layer OpSec

This is quite in-depth and will be posted in a special blog on securing later 7.