OSI Model Overview Part 1 of 2

OSI Model Overview Part 1 of 2

OSI Model Overview Part 1 of 2 Table of Contents OSI and TCP/IP Models ................................................................................................................... 2 Why Use the OSI (or TCP/IP) Model? ............................................................................................. 4 OSI Layer Intro ................................................................................................................................ 6 OSI Layer 1 – Physical ...................................................................................................................... 7 OSI Layer 2 – Data-link .................................................................................................................... 9 OSI Layer 3 – Network .................................................................................................................. 14 Notices .......................................................................................................................................... 18 Page 1 of 18 OSI and TCP/IP Models OSI and TCP/IP Models 20 **020 Instructor: Let's get a little more abstract here. Let's talk about some models. The argument I get into with students every time is: "Well that protocol doesn't sit at that layer of the OSI model." "I know it doesn't; because OSI is a model." "Well SSL doesn't fit here." "I know it doesn't; because that's an implementation." And so I need you to step back just a little bit; just kind of let go here and say: This is theory. Now another way to deal with this theory in its implementation is to Page 2 of 18 actually kind of dig in to that protocol data unit and take a look at it. And how you do that-- I think-- the best way to do that is to go through a set of layers-- work through those layers with me here-- and then put it in action. If you're allowed to on your network, download the tool that will actually allow you to capture packets. I like Wireshark. It's a free, open source tool; and it's cross-platform capable. You have to be allowed to download it; and you also have to be able to well collect communications on your network to actually see it in action. If you can't do that and you can only download the tool, you can actually get pre-built packet captures that other people have collected and have put up on the internet. Well what is Wireshark? It is a way to look at all of the communications between hosts, with certain tools in place; and then you can inspect that individual protocol data unit and dig down inside of it and look at the actual protocols in use at what layers. So let's look at our models here. Page 3 of 18 Why Use the OSI (or TCP/IP) Model? Why Use the OSI (or TCP/IP) Model? Permit exchange of information among systems that are “open” or compliant with this standard • Reference framework to enable independent work • Definitions of security terminology • Standard descriptions of security services and mechanisms • Identify where services map to OSI model • Security management “Information may not be given to, accessed by, nor permitted to be inferred by, nor may any resource be used by those not appropriately authorized” - General Authorization Policy – ISO 7498-2 21 **021 So we've got these two different models. They allow us to abstract the communications that are going between two hosts, or maybe to many hosts, and allows us to create protocols that don't have to consider every single possibility of communication from me to you. Let's go back to mainframe days for a second. In mainframe days it was that node can talk to this node based on what rules I've laid out here. And this was a little bit of a brittle communication at that point. What we want is flexibility within our protocols. Page 4 of 18 So what we did is we said: Okay between me and you what we're going to do is we're going to abstract that communication in a bunch of different ways, in a layered fashion, that allows me to say: Well there's an improvement that I can make here without disturbing the unimproved stack on your side. So I can make improvements and optimizations for me; as long as I make sure that you understand and I follow the general rules or protocol; then you will be able to communicate with me on the other side. So a lesser client can communicate to a greater client, in a lot of cases. Now when we look at this information in the OSI and the TCP model, a lot of people get really hung up on the rules, really hung up on the terminology in here. And what I will say to you is just relax and let it wash over you a little bit. So this is a framework that is independent of the network; which is really, really nice. It allows us to define security terminology at different layers. So we can apply more rigor of security at different layers inside the OSI model when it suits the communication from me to say you; and we can add that security as we go along. Page 5 of 18 OSI Layer Intro OSI Layer Intro Defined by ISO 7498 • Also describes security mechanisms and where they fit in the model. Application Presentation Session Transport Network Data-link Physical 22 **022 So let's look at the model. Here's our model: Application, Presentation, Session, Transport, Network, Data-link and Physical layer. Sometimes these are mapped together. Page 6 of 18 OSI Layer 1 – Physical OSI Layer 1 – Physical Application • Transmits logical bits (1’s and Presentation 0’s) over a physical circuit • Electrical and physical Session specifications Transport • Devices – NICs, repeaters, Network concentrators Data-link Physical 23 **023 When we look at Layer 1, we are talking about electronic signals, shapes; and at this point the data is just 1s and 0s, electronic signals. It's on or it's off. Physical connector. What is the shape of the thing that you plug into the wall? Is it RJ45 or is it RJ11? Is it a BNC connector? The physical shape and characteristics of it are described at the Physical layer. One other Physical layer attribute that we might want to talk about is wiring schemes. So when we're talking about an eight cable- an eight connector Ethernet cable, is that Page 7 of 18 EIA/TIA specification? And I won't use the numbers here; but it could be we'll set it up one way or we'll set it up another way. By the way, in that communication between us, if we do it correctly and we wire all of our jacks the same, then we'll have communication. If we wire them to the other standard, we'll actually create what's called a crossover cable between two devices. So let's go back to our introduction to the course; and how could you be evil at this point? What could you do at the Physical layer? Well you could inject noise onto the channel if you wanted to. You could cut the cable. You could- you could listen in and capture that information. And so at the Physical layer we have to put in physical protection mechanisms. Page 8 of 18 OSI Layer 2 – Data-link OSI Layer 2 – Data-link Application • Physical addressing, error Presentation detection and reliable data transfer Session • LLC – link-layer control, Transport governs sequence numbers and acknowledgements Network • MAC – media-access control, Data-link governs data transfer and Physical collision handling • Devices – ATM, switches, bridges • Protocols: PPP, ARP 24 **024 As we go up a layer to the Data-link layer, now what we're doing is we're starting to abstract things. The Data-link layer-- remember, it knows nothing about the Physical layer except for I expect when this signal comes across that it is correct for what we're doing. Now this layer breaks into two sub- layers: the logical link control and the media-access control. When we talk about logical link control, this is sequence numbers and acknowledgements at a Layer 2 level. This is setting up so that we can transmit back and forth between Page 9 of 18 each other. Don't confuse that with the Network or the Transport layer. But we govern the sequence that we've received the bits and we can keep on signaling. More importantly at this layer is our address space; which is covered by the sub-layer media-access control. It governs the data transfers and the collision handling. How does it do that? Well when we talk about a MAC address, it is six pairs of hex that are uniquely tied to a particular node on that network. When we communicate to the rest of the nodes on that network in that what's called broadcast domain, what we will do is we will say; This is my MAC address; I'm looking for you. So I want to communicate directly for you- to you. On this broadcast domain that everybody else hears, you know that I'm only talking to you; and the rest of you should- don't pay any attention to this. That's what it boils down to. What happens if I don't know who you are; and I say: I'm looking for Steve? Everybody has to listen and say: Hum I'm not Steve. But Steve will raise his hand and go: Hi I'm Steve. Ah okay. Let's have a communication here. How do I communicate to everyone? When I broadcast to everyone looking for Steve, what I do is I Page 10 of 18 change the address of who I'm looking for to all f's in all of those hexadecimal representations. And thereby everybody on that piece of broadcast domain will pick up that signal; and they'll look at it and they'll say: This is destined for everybody? Well I'm everybody.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    18 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us