OSI 7 Layers

The Open Systems Interconnection (OSI) model describes seven layers that computer systems use to communicate over a network. The modern Internet is no longer based on OSI, but on the simpler TCP/IP model.

However, the OSI 7-layer model is still widely used because it helps visualize and communicate how networks operate, and helps isolate and troubleshoot networking problems.

The 7 OSI layers are:

  1. Physical Layer: Transmits raw bit stream over the physical medium
  2. Data Link Layer: Defines the format of data on the network
  3. Network Layer: Decides which physical path the data will take
  4. Transport Layer: Transmits data using transmission protocols including TCP and UDP
  5. Session Layer: Maintains connections and is responsible for controlling ports and sessions
  6. Presentation Layer: Ensures that data is in a usable format and is where data encryption occurs
  7. Application Layer: Human-computer interaction layer, where applications can access the network services

Wireshark

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues.

Layer 1 (Physical Layer)

The physical layer is responsible for the physical cable or wireless connection between network nodes. It defines the connector, the electrical cable or wireless technology connecting the devices, and is responsible for transmission of the raw data, which is simply a series of 0s and 1s, while taking care of bit rate control.

LAN

Local Area Network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, university campus or office building.

WAN

Wide area network (WAN) is a telecommunications network that extends over a large geographic area.

UTP

Unshielded Twisted Pair (UTP) is a twisted pair cable used in computer and telecommunications media. Its frequency range is suitable for transmitting both data and voice, so it is widely used for telephones, computers, and similar equipment. It is a pair of insulated copper wires twisted together to reduce noise generated by external interference. It has no additional shielding, such as aluminium foil, to protect its data from the exterior.

Advantages of UTP

  1. It is cheap.
  2. It is designed to reduce crosstalk, RFI, and EMI.
  3. Its size is small, making its installation easier.
  4. It is useful for short-distance network connections such as those in homes and small organizations.
  5. It is the most commonly used networking cable in the market. It is also known as a faster copper-based data transmission cable.
  6. It is suitable for transmitting both data and voice via UTP cable.

Disadvantages of UTP

  1. It can only be used in segment lengths of up to 100 meters.
  2. It has limited bandwidth for transmitting data.
  3. It does not provide a secure connection for data transmitted over the network.

STP

Shielded Twisted Pair (STP) is a type of twisted pair cable that contains an extra wrapping of foil or a copper braid jacket to protect the cable from defects such as cuts, loss of bandwidth, noise, and signal interference. It is usually used underground and is therefore costlier than UTP. It supports higher data transmission rates across long distances. Put another way, it is a cable with a metal sheath or coating that surrounds each pair of insulated conductors to protect the wire from external users and prevent electromagnetic noise from penetrating.

Advantages of STP

  1. It has lower noise and attenuation than UTP.
  2. It is shielded with a plastic cover that protects the STP cable from a harsh environment and increases the data transmission rate.
  3. It reduces the chances of crosstalk and protects from external interference.
  4. A modular connection helps to terminate the connection of the STP cable.

Disadvantages of STP

  1. It is more expensive than UTP cable.
  2. It requires more maintenance to reduce the loss of data signals.
  3. There is no improvement in segment length despite its thicker and heavier connection.
  4. It is used only as a grounded wire.

Layer 2 (Data Link Layer)

The data link layer establishes and terminates a connection between two physically-connected nodes on a network. It breaks up packets into frames and sends them from source to destination. This layer is composed of two parts—Logical Link Control (LLC), which identifies network protocols, performs error checking and synchronizes frames, and Media Access Control (MAC) which uses MAC addresses to connect devices and define permissions to transmit and receive data.

Ethernet

Ethernet is a family of wired computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN), and wide area networks (WAN). Ethernet is used to connect devices in a network and is still a popular form of network connection. Ethernet is used for its high speed, security and reliability. Its wireless counterpart is Wi-Fi.

Advantages of Ethernet

  1. Relatively low cost
  2. Backward compatibility
  3. Generally resistant to noise
  4. Good data transfer quality
  5. Speed
  6. Reliability
  7. Data security, as common firewalls can be used

Disadvantages of Ethernet

  1. Intended for smaller, shorter distance networks
  2. Limited mobility
  3. Use of longer cables can create crosstalk
  4. Doesn't work well with real-time or interactive applications
  5. Speeds decrease with increased traffic
  6. Receivers don't acknowledge the reception of data packets
  7. Troubleshooting is hard when trying to trace which specific cable or node is causing the issue

NIC

Network Interface Card (NIC) is a hardware component without which a computer cannot be connected over a network. It is a circuit board installed in a computer that provides a dedicated network connection to the computer. It is also called network interface controller, network adapter or LAN adapter.

Purposes of NICs

  1. NIC allows both wired and wireless communications.
  2. NIC allows communications between computers connected via a local area network (LAN) as well as communications over large-scale networks through Internet Protocol (IP).
  3. NIC is both a physical layer and a data link layer device.

PCIe

Peripheral Component Interconnect Express (PCIe) is based on a point-to-point topology. A PCIe bus supports full-duplex communication between points, and the system is not limited to the slowest peripheral on the bus in the way it is with PCI. The PCIe link between devices can use 1-32 lanes.

SATA

Serial AT Attachment (SATA) is a computer bus interface that connects host bus adapters to mass storage devices such as hard disk drives, optical drives, and solid-state drives. Serial ATA succeeded the earlier Parallel ATA (PATA) standard to become the predominant interface for storage devices.

Layer 3 (Network Layer)

The network layer has two main functions. One is breaking up segments into network packets, and reassembling the packets on the receiving end. The other is routing packets by discovering the best path across a physical network. The network layer uses network addresses (typically Internet Protocol addresses) to route packets to a destination node.

IP

An Internet Protocol address (IP address) is a numerical label such as 192.0.2.1 that is connected to a computer network that uses the Internet Protocol for communication. An IP address serves two main functions: network interface identification and location addressing.

Internet Protocol version 4 (IPv4) defines an IP address as a 32-bit (4-byte) number consisting of two parts: one part identifying the domain (network address), and another identifying the particular machine within the domain (host address).

Routing

Routing is the process of selecting a path across one or more networks. The principles of routing can apply to any type of network, from telephone networks to public transportation. In packet-switching networks, such as the Internet, routing selects the paths for Internet Protocol (IP) packets to travel from their origin to their destination. These Internet routing decisions are made by specialized pieces of network hardware called routers.

ICMP

Internet Control Message Protocol (ICMP) is a network-level protocol. ICMP messages communicate information about network connectivity issues back to the source of the compromised transmission. It sends control messages such as destination network unreachable, source route failed, and source quench. It uses a data packet structure with an 8-byte header and a variable-size data section.

ICMP is used by a device, like a router, to communicate with the source of a data packet about transmission issues. For example, if a datagram is not delivered, ICMP might report this back to the host with details to help discern where the transmission went wrong. It's a protocol that believes in direct communication in the workplace.
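A parser for the 8-byte ICMP header described above, with checksum verification, as an added example that is not part of the original notes. The function names and the sample echo request are constructed for illustration; the type and code numbers follow RFC 792.

```python
import struct

# (type, code) pairs for the messages named above; numbers are from RFC 792.
MESSAGES = {
    (0, 0): "echo reply",
    (3, 0): "destination network unreachable",
    (3, 5): "source route failed",
    (4, 0): "source quench",
    (8, 0): "echo request",
}

def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071), complemented."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length data
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, code: int, rest: bytes, data: bytes = b"") -> bytes:
    """8-byte header (type, code, checksum, 4 type-specific bytes) + data."""
    header = struct.pack("!BBH4s", icmp_type, code, 0, rest)
    checksum = internet_checksum(header + data)
    return struct.pack("!BBH4s", icmp_type, code, checksum, rest) + data

def parse_icmp(message: bytes) -> dict:
    if len(message) < 8:
        raise ValueError("truncated: the ICMP header alone is 8 bytes")
    icmp_type, code, checksum, rest = struct.unpack("!BBH4s", message[:8])
    return {
        "type": icmp_type,
        "code": code,
        "name": MESSAGES.get((icmp_type, code), "other"),
        "checksum": checksum,
        # Summing a valid message, checksum field included, yields zero.
        "checksum_ok": internet_checksum(message) == 0,
        "rest_of_header": rest,
        "data": message[8:],
    }

if __name__ == "__main__":
    # Constructed sample: echo request, identifier 0x1234, sequence 1.
    ping = build_icmp(8, 0, b"\x12\x34\x00\x01", b"ping")
    print(parse_icmp(ping))
    print(parse_icmp(ping[:-1] + b"G")["checksum_ok"])  # corrupted in transit
```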

Layer 4 (Transport Layer)

The transport layer takes data transferred in the session layer and breaks it into “segments” on the transmitting end. It is responsible for reassembling the segments on the receiving end, turning them back into data that can be used by the session layer. The transport layer carries out flow control, sending data at a rate that matches the connection speed of the receiving device, and error control, checking whether data was received correctly and, if not, requesting it again.

Port

Ports are virtual places within an operating system where network connections start and end. They help computers sort the network traffic they receive.

Most Commonly Used Ports

Ports 20 and 21: File Transfer Protocol (FTP). FTP is for transferring files between a client and a server.

Port 22: Secure Shell (SSH). SSH is one of many tunneling protocols that create secure network connections.

Port 25: Historically, Simple Mail Transfer Protocol (SMTP). SMTP is used for email.

Port 53: Domain Name System (DNS). DNS is an essential process for the modern Internet; it matches human-readable domain names to machine-readable IP addresses, enabling users to load websites and applications without memorizing a long list of IP addresses.

Port 80: Hypertext Transfer Protocol (HTTP). HTTP is the protocol that makes the World Wide Web possible.

Port 123: Network Time Protocol (NTP). NTP allows computer clocks to sync with each other, a process that is essential for encryption.

Port 179: Border Gateway Protocol (BGP). BGP is essential for establishing efficient routes between the large networks that make up the Internet (these large networks are called autonomous systems). Autonomous systems use BGP to broadcast which IP addresses they control.

Port 443: HTTP Secure (HTTPS). HTTPS is the secure and encrypted version of HTTP. All HTTPS web traffic goes to port 443. Network services that use HTTPS for encryption, such as DNS over HTTPS, also connect at this port.

Port 500: Internet Security Association and Key Management Protocol (ISAKMP), which is part of the process of setting up secure IPsec connections.

Port 587: Modern, secure SMTP that uses encryption.

Port 3389: Remote Desktop Protocol (RDP). RDP enables users to remotely connect to their desktop computers from another device.

iptables

iptables is a command line utility for configuring the Linux kernel firewall implemented within the Netfilter project. The term iptables is also commonly used to refer to this kernel-level firewall. It can be configured directly with iptables, or by using one of the many console and graphical front-ends. iptables is used for IPv4 and ip6tables is used for IPv6. Both iptables and ip6tables have the same syntax, but some options are specific to either IPv4 or IPv6.

TCP

Transmission Control Protocol (TCP) is connection-oriented, meaning once a connection has been established, data can be transmitted in two directions. TCP has built-in systems to check for errors and to guarantee data will be delivered in the order it was sent, making it the perfect protocol for transferring information like still images, data files, and web pages.

While TCP is inherently reliable, its feedback mechanisms also result in a larger overhead, translating to greater use of the available bandwidth on your network.

UDP

User Datagram Protocol (UDP) is a simpler, connectionless Internet protocol wherein error-checking and recovery services are not required. With UDP, there is no overhead for opening a connection, maintaining a connection, or terminating a connection; data is continuously sent to the recipient, whether or not they receive it.

Although UDP isn’t ideal for sending an email, viewing a webpage, or downloading a file, it is largely preferred for real-time communications like broadcast or multicast network transmission.
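How the layer 2, 3 and 4 headers described above nest inside one frame, peeled apart the way a packet analyzer such as Wireshark does it. This is an added example, not part of the original notes; the frame is constructed, and the names dissect, sample_frame and SERVICES are assumptions made for the illustration.

```python
import ipaddress
import struct

# Subset of the port list above, used to label the layer-4 destination port.
SERVICES = {22: "SSH", 53: "DNS", 80: "HTTP", 123: "NTP", 443: "HTTPS"}

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def dissect(frame: bytes) -> dict:
    """Peel layers 2-4 off one Ethernet II frame, validating each length."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"l2": {"dst": mac(dst), "src": mac(src), "ethertype": ethertype}}
    if ethertype != 0x0800:              # not IPv4: stop at layer 2
        return out
    packet = frame[14:]
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (packet[0] & 0x0F) * 4         # header length in bytes; >20 with options
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("invalid IPv4 header length")
    proto = packet[9]
    out["l3"] = {"src": str(ipaddress.IPv4Address(packet[12:16])),
                 "dst": str(ipaddress.IPv4Address(packet[16:20])),
                 "protocol": proto}
    segment = packet[ihl:]               # transport header starts after options
    if proto in (6, 17) and len(segment) >= 4:   # 6 = TCP, 17 = UDP
        sport, dport = struct.unpack("!HH", segment[:4])
        out["l4"] = {"transport": "TCP" if proto == 6 else "UDP",
                     "sport": sport, "dport": dport,
                     "service": SERVICES.get(dport, "unknown")}
    return out

def sample_frame(options: bytes = b"") -> bytes:
    """Constructed frame: a UDP datagram to port 53 (checksums left at zero)."""
    eth = bytes.fromhex("020000000002 020000000001 0800")
    ihl_words = 5 + len(options) // 4
    ip = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0, 28 + len(options),
                     0, 0, 64, 17, 0,
                     ipaddress.IPv4Address("192.0.2.1").packed,
                     ipaddress.IPv4Address("192.0.2.53").packed) + options
    udp = struct.pack("!HHHH", 40000, 53, 8, 0)
    return eth + ip + udp

if __name__ == "__main__":
    print(dissect(sample_frame()))
```

The dissector does not verify the IPv4 or UDP checksums; it only shows where each layer's header starts and ends.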

Layer 7 (Application Layer)

The application layer is used by end-user software such as web browsers and email clients. It provides protocols that allow software to send and receive information and present meaningful data to users. A few examples of application layer protocols are the Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), and Domain Name System (DNS).

HTTP

Hypertext Transfer Protocol (HTTP) is an application layer protocol

SSH

SSH is a software package that enables secure system administration and file transfers over insecure networks. It is used in nearly every data center and in every large enterprise. The SSH protocol uses encryption to secure the connection between a client and a server. All user authentication, commands, output, and file transfers are encrypted to protect against attacks in the network.

Telnet

Teletype network (Telnet) is a protocol that enables one computer to connect to another computer. It is used as a standard TCP/IP protocol for the virtual terminal service provided by ISO. The computer that starts the connection is known as the local computer. The computer being connected to, i.e. the one that accepts the connection, is known as the remote computer.

During telnet operation, whatever is being performed on the remote computer will be displayed by the local computer. Telnet operates on a client/server principle. The local computer uses a telnet client program and the remote computers use a telnet server program.

HTTPS

Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer. This is particularly important when users transmit sensitive data, such as by logging into a bank account, email service, or health insurance provider.

Any website, especially those that require login credentials, should use HTTPS. In modern web browsers such as Chrome, websites that do not use HTTPS are marked differently than those that are. Look for a padlock in the URL bar to signify the webpage is secure. Web browsers take HTTPS seriously; Google Chrome and other browsers flag all non-HTTPS websites as not secure.

DHCP

Dynamic Host Configuration Protocol (DHCP) is a network management protocol that automatically assigns IP addresses and other communication parameters to devices connected to a network. For example, a router usually acts as a DHCP server in most home networks. It assigns IP addresses to your devices. Implementing this protocol saves time and prevents human errors.
