Outline Objective OSI Model TCP/IP Model Encapsulation TCP Header 3-way Handshake IP Addressing SMTP FTP HTTP DNS Summary List of References
Objective To provide background on the OSI Model, the TCP/IP Model and several frequently used protocols.
OSI Model The Open Systems Interconnection Basic Reference Model (OSI Reference Model or OSI Model or OSI Seven Layer Model) is a layered, abstract description for communications and computer network protocol design It describes how information from a software application in one computer moves through a network medium to a software application in another computer. It is a conceptual model composed of seven layers, each specifying particular network functions.
OSI Model http://www.ictp.trieste.it/~radionet/1998_school/networking_presentation/page6.html
OSI Model Layer 7: Application Layer interfaces directly to and performs common application services for the application processes, issues requests to the presentation layer and provides services to user-defined application processes, and not to the end user. Layer 6: Presentation Layer transforms the data to provide a standard interface for the Application layer. Layer 5: Session Layer controls the connections/sessions between computers. It establishes, manages and terminates the connections between the local and remote application. http://en.wikipedia.org/wiki/OSI_Model
OSI Model Layer 4: Transport Layer provides transparent transfer of data between end users, providing reliable data transfer services to the upper layers. The transport layer controls the reliability of a given link through flow control, segmentation/desegmentation, and error control. Layer 3: Network Layer provides the means of transferring variable length data sequences from a source to a destination via one or more networks while maintaining the quality of service requested by the Transport layer. This layer performs network routing functions, and might also perform fragmentation and reassembly, and report delivery errors. Routers operate at this layer. http://en.wikipedia.org/wiki/OSI_Model
OSI Model Layer 2: Data Link Layer provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer. The best known example of this is Ethernet. This is the layer at which the bridges and switches operate. Layer 1: Physical Layer defines all the electrical and physical specifications for devices such as the layout of pins, voltages, and cable specifications. Hubs, repeaters, and network adapters are physical-layer devices. http://en.wikipedia.org/wiki/OSI_Model
TCP/IP Model TCP/IP Model is a layered abstract description for communications and computer network protocol design. It has fewer, less rigidly defined layers than the commonly referenced OSI model, and thus provides an easier fit for real-world protocols. Layer 4 – Process Layer or Application Layer Layer 3 – Host-to-Host (Transport) Layer Layer 2 – Internet or Internetworking Layer Layer 1 – Network Access Layer http://en.wikipedia.org/wiki/TCP/IP_model
TCP Header 0 15 16 31 16 Bit Source Port Number 16 Bit Destination Port Number 32 Bit Sequence Number 32 Bit Acknowledgement Number 20 Bytes 4 Bit Header Length 6 Bits Reserved U R G A C K PSH R S T S Y N F I N 16 Bit Window Size 16 Bit TCP Checksum 16 Bit Urgent Pointer Options (if any) Data (if any)
3-way Handshake Most communications is handled using TCP. TCP is reliable: Acknowledgements indicate delivery of data. Checksums are used to detect corrupted data. Sequence numbers detect missing, or mis-sequenced data. Corrupted data is retransmitted after a timeout. Mis-sequenced data is re-sequenced. Flow control prevents over-run of receiver. TCP uses congestion control to share network capacity among users. TCP is connection-oriented. 3-way handshake used for connection setup/teardown.
3-way Handshake (Active) Client (Passive) Server Fin (Data +) Ack Fin Ack Connection Close/Teardown (Active) Client (Passive) Server Syn Syn + Ack Ack Connection Setup
3-way Handshake SYN ACK Server SYN | ACK Client 1: Send SYN seq=x 2: Send SYN seq=y, ACK x+1 3: Send ACK y+1
IP Addressing An IP (Internet Protocol) address is a unique address that electronic devices use in order to identify and communicate with each other on a computer network. It can be thought of as the equivalent of a street address or a phone number for a computer or other network device on the Internet. Participating network devices—including routers, computers, time-servers, printers, Internet fax machines, and some telephones—can have their own unique address. IP Version 4 (IPv4) uses 32-bit (4 byte) addresses, which limits the address space to 4,294,967,296 (232) possible unique addresses. IPv4 Example: 127.0.0.1 IPv4 address shortage has helped stimulate the push towards IPv6, which is currently in the early stages of deployment and will replace IPv4 with IPv6. http://en.wikipedia.org/wiki/IP_addressing
IP Addressing IPv6 addresses are 128 bits (16 bytes) wide, which, should suffice for the foreseeable future. In theory, there would be roughly 3.403 × 1038 unique host interface addresses. Based upon this design, there will exist "roughly 5,000 addresses for every square micrometer of the Earth's surface". This enormous magnitude of available IP addresses will be sufficiently large for the indefinite future, even though mobile phones, cars and all types of personal devices are coming to rely on the Internet for everyday purposes. IPv6 Example: 2001:0db8:85a3:08d3:1319:8a2e:0370:7334 http://en.wikipedia.org/wiki/IP_addressing
SMTP Simple Mail Transfer Protocol (SMTP) is a simple, text-based protocol, where one or more recipients of a message are specified and then the message text is transferred. It is a client-server protocol, where the client transmits an email message to the server. An email client knows the outgoing mail SMTP server from its configuration. The server typically determines which SMTP server to connect to by looking up the record for each recipient's domain name, the part of the email address to the right of the at sign (@). The SMTP client initiates a TCP connection to server's port 25. SMTP is a "push" protocol that does not allow one to "pull" messages from a remote server on demand. To do this a mail client must use POP3 or IMAP.
FTP File Transfer Protocol (FTP) was a commonly used protocol for exchanging files over any network that supports the TCP/IP protocol (such as the Internet or an intranet). FTP employs two computers in an FTP transfer: a server and a client. The FTP server, running FTP server software, listens on the network for connection requests from other computers. The client computer, running FTP client software, initiates a connection to the server. Once connected, the client could manipulate files such as uploading/downloading files to/from the server, renaming or deleting files on the server, etc.. HTTP has begun to dominate in these kinds of applications. http://en.wikipedia.org/wiki/FTP
HTTP Hypertext Transfer Protocol (HTTP) is a communications protocol used to transfer or convey information on the World Wide Web. HTTP is a request/response protocol between clients and servers. The originating client, such as a web browser is referred to as the user agent. The destination server, which stores or creates resources such as HTML files and images, is called the origin server. An HTTP client initiates a request by establishing a Transmission Control Protocol (TCP) connection to a particular port on a remote host (port 80 by default. An HTTP server listening on that port waits for the client to send a request message. Upon receiving the request, the server sends back a status line, such as "HTTP/1.1 200 OK", and a message of its own, the body of which is perhaps the requested file, an error message, or some other information. http://en.wikipedia.org/wiki/HTTP
HTTP HTTP can be made secure through the use of encryption Using HTTPS indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer, Secure Sockets Layer (SSL) or Transport Layer Security (TLS), between the HTTP and TCP. http://en.wikipedia.org/wiki/HTTPS http://www.sportop.com/ClothingPrograms/ordering-faqs.cfm
DNS Domain Name System (DNS) associates information with so-called domain names; most importantly, it serves as the "phone book" for the Internet: it translates human-readable computer hostnames, e.g. www.wikipedia.org, into the IP addresses that networking equipment needs for delivering information. For example, if you want to know the internet address of www.wikipedia.org, DNS can be used to tell you it's 22.214.171.124. DNS distributes the responsibility for assigning domain names and mapping them to IP networks by allowing an authoritative server for each domain to keep track of its own changes, avoiding the need for a central registrar to be continually consulted and updated. Each domain or subdomain has one or more authoritative DNS servers that publish information about that domain and the name servers of any domains "beneath" it. http://en.wikipedia.org/wiki/DNS
Summary This section has tried to provide background on the OSI Model, the TCP/IP Model and several frequently used protocols.
List of References http://www.ictp.trieste.it/~radionet/1998_school/networking_presentation/page6.html http://en.wikipedia.org/wiki/OSI_Model http://en.wikipedia.org/wiki/TCP/IP_model http://www.cgisecurity.com/lib/bill/encapsulation.gif http://www.cisco.com/univercd/cc/td/doc/product/iaabu/centri4/user/scf4ap1.htm http://www.visi.com/~mjb/Drawings/TCP_Header.pdf http://en.wikipedia.org/wiki/IP_addressing http://en.wikipedia.org/wiki/SMTP http://en.wikipedia.org/wiki/Telnet http://en.wikipedia.org/wiki/FTP http://en.wikipedia.org/wiki/HTTP http://computer.howstuffworks.com/web-server1.htm http://en.wikipedia.org/wiki/HTTPS http://www.sportop.com/ClothingPrograms/ordering-faqs.cfm http://en.wikipedia.org/wiki/Transport_Layer_Security http://en.wikipedia.org/wiki/DNS http://www.comptechdoc.org/independent/networking/guide/dns.gif http://www.theshulers.com/whitepapers/internet_whitepaper/index.html#http CyberPatriot wants to thank and acknowledge the CyberWatch program which developed the original version of these slides and who has graciously allowed their use for training in this competition.