Network layering models
OSI reference model - structured into 7 layers; TCP/IP or Department of Defense (DoD) model - structured into 4 layers. Encapsulation is common to both: each layer wraps the data handed down by the layer above in its own header (and, for frames, a trailer), so the layers are isolated on a technical level and operate independently of one another.
OSI - Open Systems Interconnection, defined in 1984 in ISO/IEC 7498-1. Latest revision 1994.
Application Layer Presentation Layer Session Layer Transport Layer Network Layer Data Link Layer Physical Layer
OSI - Physical Layer - Layer 1
describes the networking hardware - electrical or optical signals and the transmission of raw bits over network interfaces and cabling. Repeaters and hubs are the communication transfer devices at this layer.
OSI - The Data-Link Layer - Layer 2
describes data transfer between directly connected machines, for instance over Ethernet - takes the packet it receives from the network layer and prepares it for transmission as frames, detects errors in frames (frame check sequence), and converts frames into bits for the physical layer. Has two sublayers: Logical Link Control (LLC) - manages connections between peers; Media Access Control (MAC) - transmits and receives frames between peers using hardware (MAC) addresses. Moves data to the next physically connected device; switches and bridges operate here. SLIP, CSLIP, PPP at this layer.
OSI - Network Layer - Layer 3
describes data transfer between machines that are not physically connected, for instance by the Internet Protocol (IP) - uses logical addressing; IP is the most important network layer protocol. IP uses the destination IP address to route packets through networks (addressing). Fragmentation - IP will subdivide a packet if its size is greater than the maximum size allowed on the link (the MTU). Routers operate at this layer. IP is best-effort: it does not guarantee error-free or in-order delivery. ICMP and IGMP at this layer. A single unit of IP data is a datagram.
OSI - Transport Layer - Layer 4
describes data transfer between applications: end-to-end transport between hosts, flow control, and error detection and recovery, for instance by TCP. User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) are the important transport layer protocols. TCP provides reliable, ordered delivery (checksum, acknowledgement and retransmission); it does not provide confidentiality - segments travel in clear unless a higher layer such as TLS encrypts them. Unit of TCP data is a segment. Controls the rate of packet transfer (flow and congestion control). End to end.
OSI- Session Layer - Layer 5
describes the handshake between applications, for instance an authentication process - a logical persistent connection between peer hosts; responsible for creating, maintaining, and tearing down the session. Full duplex - both hosts can exchange information simultaneously and independently; half duplex - hosts can exchange information but only one host at a time; simplex - only one host can send information to its peer, so information travels in one direction only. Together with the Presentation layer it can provide end-to-end security.
OSI - Presentation Layer - Layer 6
describes the presentation of information, such as ASCII syntax - ensures peer applications use a common format to represent data. Services: data conversion, character code translation, compression, encryption and decryption. CASE (common application service elements - provide and request generic services) and SASE (specific application service elements - application-specific services) are often listed here, but OSI defines them as components of the Application layer. Together with the Session layer it can provide end-to-end security.
OSI - Application Layer - Layer 7
describes the structure, interpretation, and handling of information. In security terms it is relevant because it relies on all underlying layers: a compromise at any lower layer undermines it. From the point of view of the (ISC)2 Common Body of Knowledge, the application layer is covered in the Operations section. Portal to network-based services - determining the identity and availability of remote applications. HTTP, FTP, SMTP. Can provide non-repudiation and data integrity services (e.g. digital signatures).
RIP in Layer 3
Routing Information Protocol - distance-vector protocol that uses only hop count as its routing metric (15 hops maximum; 16 means unreachable), ignoring bandwidth and delay.
OSPF in layer 3
Open Shortest Path First - link-state protocol; every router holds the full topology and computes shortest paths over link costs (Dijkstra), which requires large amounts of CPU power and memory compared with RIP.
Border Gateway Protocol in Layer 3 (BGP)
allows fully decentralized routing - exchanges reachability information between gateway hosts of different autonomous systems; the protocol that routes between networks on the Internet.
ICMP in layer 3
Internet Control Message Protocol - a means to send error messages (destination unreachable, time exceeded) and to probe the network (echo request/reply, as used by ping and traceroute) at the Network layer.
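The difference between RIP's hop-count metric and OSPF's cost-based shortest path is easiest to see on a concrete topology. The following is an added example, not part of the original notes: both algorithms run over a constructed, hypothetical four-router topology in which the direct A-B link is expensive and a three-hop detour is cheap, plus an isolated router E to show the unreachable case. Router names and link costs are assumptions.

```python
"""Added example, not from the original notes: why RIP and OSPF can pick
different routes over the same topology. RIP is distance-vector and uses hop
count as its only metric (16 hops = unreachable); OSPF is link-state and runs
Dijkstra over administratively assigned link costs. The topology below is
constructed and hypothetical."""

import heapq
from typing import Dict, List, Optional, Tuple

# Constructed topology: router -> {neighbour: link cost}. The direct A-B link
# is expensive (think slow serial line); A-C-D-B is three cheap hops. E is an
# isolated router with no links.
TOPOLOGY: Dict[str, Dict[str, int]] = {
    "A": {"B": 100, "C": 1},
    "B": {"A": 100, "D": 1},
    "C": {"A": 1, "D": 1},
    "D": {"C": 1, "B": 1},
    "E": {},
}

RIP_INFINITY = 16  # RIP treats a hop count of 16 as unreachable


def _walk(prev: Dict[str, Optional[str]], source: str, dest: str) -> List[str]:
    """Rebuild the path source..dest from the predecessor map."""
    path = [dest]
    while path[-1] != source:
        path.append(prev[path[-1]])
    return path[::-1]


def rip_path(topology, source, dest) -> Tuple[Optional[List[str]], int]:
    """RIP-style route: Bellman-Ford with every link costing one hop."""
    hops = {r: RIP_INFINITY for r in topology}
    prev: Dict[str, Optional[str]] = {r: None for r in topology}
    hops[source] = 0
    # Each round corresponds to routers exchanging their distance vectors;
    # |V|-1 rounds are enough for Bellman-Ford to converge.
    for _ in range(len(topology) - 1):
        for u, links in topology.items():
            for v in links:
                if hops[u] + 1 < hops[v]:
                    hops[v] = hops[u] + 1
                    prev[v] = u
    if hops[dest] >= RIP_INFINITY:
        return None, RIP_INFINITY
    return _walk(prev, source, dest), hops[dest]


def ospf_path(topology, source, dest) -> Tuple[Optional[List[str]], Optional[int]]:
    """OSPF-style route: Dijkstra over link costs (shortest path first)."""
    cost = {r: float("inf") for r in topology}
    prev: Dict[str, Optional[str]] = {r: None for r in topology}
    cost[source] = 0
    heap = [(0, source)]
    while heap:
        c, u = heapq.heappop(heap)
        if c > cost[u]:
            continue  # stale heap entry
        for v, w in topology[u].items():
            if c + w < cost[v]:
                cost[v] = c + w
                prev[v] = u
                heapq.heappush(heap, (cost[v], v))
    if cost[dest] == float("inf"):
        return None, None
    return _walk(prev, source, dest), int(cost[dest])


def path_cost(topology, path: List[str]) -> int:
    """Sum of link costs along a path, to compare what each protocol chose."""
    return sum(topology[a][b] for a, b in zip(path, path[1:]))


if __name__ == "__main__":
    for name, fn in (("RIP", rip_path), ("OSPF", ospf_path)):
        path, metric = fn(TOPOLOGY, "A", "B")
        print(f"{name}: path {path}, metric {metric}, link cost {path_cost(TOPOLOGY, path)}")
    print("RIP to isolated E:", rip_path(TOPOLOGY, "A", "E"))
```

RIP sends A's traffic straight over the 100-cost link because it is one hop; OSPF takes the three-hop path at total cost 3. The same blindness to link quality is why RIP cannot distinguish a healthy link from a degraded one.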
TCP three-way handshake (Layer 4)
client sends a SYN segment, server responds with a SYN and an ACK (SYN-ACK), client sends an ACK; the connection is then established. A stateful packet filter tracks this handshake and admits later packets only if they belong to a connection it has seen being opened.
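A toy stateful filter makes the handshake tracking concrete. This is an added example, not from the original notes: packets are constructed tuples (no real sockets), the inside address 10.0.0.5 and outside address 203.0.113.7 are assumptions, and the policy is assumed to be "inside hosts may open connections outward, inbound traffic only on connections already seen". The stateless "permit anything with the ACK bit set" rule is shown beside it to illustrate what state tracking buys.

```python
"""Added example, not from the original notes: a toy stateful packet filter
that follows the TCP three-way handshake, beside the stateless ACK-bit rule
it replaces. All packets and addresses are constructed; no sockets are used."""

from dataclasses import dataclass
from typing import Dict, Tuple

INSIDE = {"10.0.0.5"}  # constructed: the protected side of the filter

SYN, ACK = 0x02, 0x10  # TCP flag bits


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: int


class StatefulFilter:
    def __init__(self):
        # (client, client_port, server, server_port) -> handshake state
        self.table: Dict[Tuple[str, int, str, int], str] = {}

    def _key(self, p: Packet):
        """Normalise both directions of a flow onto one table entry."""
        if p.src in INSIDE:
            return (p.src, p.sport, p.dst, p.dport), "out"
        return (p.dst, p.dport, p.src, p.sport), "in"

    def process(self, p: Packet) -> bool:
        key, direction = self._key(p)
        state = self.table.get(key)
        # 1. Inside host opens a connection: SYN only, no prior state.
        if direction == "out" and p.flags == SYN and state is None:
            self.table[key] = "SYN_SENT"
            return True
        # 2. Server answers SYN-ACK, but only to a SYN we have seen.
        if direction == "in" and p.flags == SYN | ACK and state == "SYN_SENT":
            self.table[key] = "SYN_RECEIVED"
            return True
        # 3. Client completes the handshake with ACK.
        if direction == "out" and p.flags == ACK and state == "SYN_RECEIVED":
            self.table[key] = "ESTABLISHED"
            return True
        # Data in either direction on an established connection.
        if state == "ESTABLISHED" and p.flags & ACK:
            return True
        # Everything else (unsolicited inbound SYNs, inbound ACKs that match
        # no tracked connection) is dropped.
        return False


def stateless_established_rule(p: Packet) -> bool:
    """The classic stateless approximation: permit inbound packets with ACK
    set, assuming they are replies. An attacker just sets the ACK bit."""
    if p.src in INSIDE:
        return True
    return bool(p.flags & ACK)


def run_demo() -> dict:
    f = StatefulFilter()
    inside, outside = "10.0.0.5", "203.0.113.7"
    handshake = [
        Packet(inside, 51515, outside, 443, SYN),
        Packet(outside, 443, inside, 51515, SYN | ACK),
        Packet(inside, 51515, outside, 443, ACK),
    ]
    handshake_ok = all(f.process(p) for p in handshake)
    # Unsolicited inbound SYN to a service on the inside host.
    inbound_syn = f.process(Packet(outside, 4444, inside, 22, SYN))
    # Forged "reply": ACK bit set, but no tracked connection.
    forged = Packet(outside, 80, inside, 40000, ACK)
    return {
        "handshake_allowed": handshake_ok,
        "inbound_syn_allowed": inbound_syn,
        "forged_ack_stateful": f.process(forged),
        "forged_ack_stateless": stateless_established_rule(forged),
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

A real filter also tracks sequence numbers, FIN/RST teardown and idle timeouts; the point here is that the decision on the forged ACK depends on remembered handshake state, which a stateless rule does not have.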
TCP/IP Reference Model
Link layer, Internet (network) layer, transport layer, application layer
Link layer - physical communication on the local network - covers OSI layers 1 & 2
Internet (network) layer - addressing and routing - covers OSI layer 3
Transport layer - covers OSI layer 4
Application layer - covers OSI layers 5, 6, 7
IPv4 address
four octets (32 bits), each in the range 0-255; two parts: the network number and the host. Network numbers are assigned by ICANN/IANA (delegated to the regional registries); the host part identifies the network interface within that network.
Class of IP Addresses for Network number
Class A - 1-127 (1 network octet) Class B - 128-191 (2 octets) Class C - 192-223 (3 octets) Class D - 224-239 (multicast) Class E - 240-255 (reserved). Classful addressing has been superseded by CIDR (variable-length prefixes), but the class ranges are still referenced.
Class A - computer's loopback address
127.0.0.0/8 (commonly 127.0.0.1) - traffic to it never leaves the host; used for troubleshooting at the machine level.
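The classful split and the loopback check can be done mechanically. The following is an added example, not from the original notes: it classifies a dotted-quad IPv4 address by its first octet, splits it into network and host octets per the class table above, and flags loopback and multicast addresses. The sample addresses are constructed; the function name classify is an assumption.

```python
"""Added example, not from the original notes: classify an IPv4 address by
its classful range, split it into network and host octets, and flag the
loopback and multicast ranges. Classful addressing has been superseded by
CIDR, so the class is informational; the loopback check is still useful
(e.g. a "remote" address of 127.x.x.x in a log line never came off the wire)."""

import ipaddress

# (first-octet range, class letter, network octets; None = no host split)
CLASSES = [
    (range(0, 128), "A", 1),
    (range(128, 192), "B", 2),
    (range(192, 224), "C", 3),
    (range(224, 240), "D", None),  # multicast
    (range(240, 256), "E", None),  # reserved
]


def classify(address: str) -> dict:
    """Return class, network/host split and loopback/multicast flags.
    Raises ValueError (via ipaddress) for anything that is not a valid
    dotted-quad IPv4 address."""
    ip = ipaddress.IPv4Address(address)
    octets = address.split(".")
    first = int(octets[0])
    cls, net_octets = next((c, n) for rng, c, n in CLASSES if first in rng)
    result = {
        "address": address,
        "class": cls,
        "loopback": ip.is_loopback,    # 127.0.0.0/8
        "multicast": ip.is_multicast,  # 224.0.0.0/4
        "network": None,
        "host": None,
        "classful_network": None,
    }
    if net_octets is not None:
        result["network"] = ".".join(octets[:net_octets])
        result["host"] = ".".join(octets[net_octets:])
        # Classful prefix lengths: /8, /16, /24.
        result["classful_network"] = str(
            ipaddress.IPv4Network(f"{address}/{8 * net_octets}", strict=False))
    return result


if __name__ == "__main__":
    for addr in ("10.1.2.3", "172.16.5.9", "192.168.1.77", "127.0.0.1", "224.0.0.5"):
        print(classify(addr))
```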
IPv6 - modernization of IPv4 (32-bit addresses). IPv6 uses 128-bit addresses, giving 2^128 possible addresses.
TCP and UDP
map data connections through the association of port numbers managed by the Internet Assigned Numbers Authority (IANA). 65,536 (2^16) ports exist, since the port field is 16 bits long. TCP is connection-oriented; UDP is not.
Well known ports
0 through 1023 - used by privileged processes; on Unix-like systems binding to one requires root, so ordinary users may not have the privileges to run an application on a well-known port.
Registered ports
1024-49151 - can be registered with IANA by application developers on request, but IANA does not assign them.
Dynamic or Private Ports
49152-65535 - can be freely used by applications; the typical use is as the client's ephemeral source port, to which the return traffic for requested data or services is sent.
User Datagram Protocol
UDP - lightweight service for connectionless data transfer; it carries only an optional checksum for error detection, with no acknowledgement, retransmission or correction. Because there is no handshake, it is easy prey for source-address spoofing techniques.
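What "optional checksum, no correction, easy to spoof" means in bytes: the following is an added example, not from the original notes. It builds a UDP datagram with the RFC 768 checksum (computed over an IPv4 pseudo-header, the UDP header and the payload, using the RFC 1071 one's-complement sum), verifies it, and then shows that a flipped bit is detected but cannot be repaired, while a forged source address passes as soon as the sender recomputes the checksum. The addresses, ports and payload are constructed; the function names are assumptions.

```python
"""Added example, not from the original notes: build and verify a UDP
checksum (RFC 768 over an IPv4 pseudo-header) and show why it detects
corruption but gives no protection against source spoofing. All addresses,
ports and payload bytes are constructed."""

import struct


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"  # odd length: pad with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def _pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header: src, dst, zero, protocol 17 (UDP), UDP length."""
    return (bytes(map(int, src_ip.split("."))) + bytes(map(int, dst_ip.split(".")))
            + struct.pack("!BBH", 0, 17, udp_len))


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """UDP header + payload with the checksum filled in."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)  # checksum zeroed
    csum = internet_checksum(_pseudo_header(src_ip, dst_ip, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF  # RFC 768: a transmitted zero means "no checksum"
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def verify_udp(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """True if the datagram's checksum matches the given IP addresses."""
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if csum == 0:
        return True  # sender disabled the checksum: nothing to verify
    if length != len(datagram):
        return False
    # Summing over the filled-in checksum field yields 0 for a valid datagram.
    return internet_checksum(_pseudo_header(src_ip, dst_ip, length) + datagram) == 0


def demo() -> dict:
    real_src, dst = "192.0.2.10", "198.51.100.20"
    payload = b"constructed query"
    dgram = build_udp(real_src, dst, 40000, 53, payload)
    spoofed_src = "203.0.113.99"
    return {
        "genuine_verifies": verify_udp(real_src, dst, dgram),
        # IP source swapped but UDP checksum left alone: pseudo-header no
        # longer matches, so a checking receiver rejects it.
        "spoofed_no_recompute": verify_udp(spoofed_src, dst, dgram),
        # Attacker simply rebuilds the datagram for the forged source: passes.
        "spoofed_recomputed": verify_udp(
            spoofed_src, dst, build_udp(spoofed_src, dst, 40000, 53, payload)),
        # One flipped payload bit is detected, but UDP has no way to ask for
        # a resend; the datagram is just dropped.
        "corrupted": verify_udp(real_src, dst, dgram[:-1] + bytes([dgram[-1] ^ 0x01])),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The checksum is a data-integrity check against accidental corruption only; authenticity of the source has to come from a higher layer (DTLS, application signatures) or from ingress filtering at the network edge.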
Real-time Transport Protocol (RTP) and Real-time Control Protocol (RTCP) - carry and monitor audio/video streams, normally over UDP.
MBone - the multicast backbone, an experimental multicast network layered over the Internet.
Stream Control Transmission Protocol (SCTP) - RFC 2960 (obsoleted by RFC 4960) - reliable, message-oriented transport; together with reliable UDP variants and multicast protocols, an alternative to plain TCP/UDP for streaming and multicast use.