Security engineering based on gracenolan's notes. Part 1
From the Oscakampala open source cyber security branch.
Table of contents
Networking
What is computer networking?
- Computer networking is the practice of linking computing devices so that they can communicate and share resources. Links can be wired or wireless and use a variety of protocols and technologies. Networking lets computers exchange data and share resources such as printers and scanners, and it allows remote access: a user on one device can reach resources on another device or network. Common examples are local area networks (LANs), wide area networks (WANs), and the internet.
Let's look at the OSI model.
The OSI (Open Systems Interconnection) model is a framework that describes how different protocols and technologies work together to enable communication in a networked environment. The OSI model consists of seven layers, each with a specific function and role in the communication process:
Physical Layer: transmits raw bits over a communication medium.
Data Link Layer: frames those bits and moves frames between directly connected devices on the same network segment, detecting transmission errors.
Network Layer: routes packets across multiple networks.
Transport Layer: delivers data end to end between applications; with TCP this is reliable and in order, with UDP it is best effort.
Session Layer: establishes, maintains, and terminates communication sessions between devices.
Presentation Layer: translates and formats data so that the application layer can understand it.
Application Layer: provides the protocols and interfaces that applications use to communicate over the network.
Why the OSI model?
The OSI model is useful as a reference model and helps to understand the different components and protocols that are involved in communication between devices in a networked environment.
Let's look at each layer of the OSI model...
Physical; layer 1 (Bits over fiber):
- The physical layer, layer 1 in the OSI model, is the lowest layer and is responsible for transmitting raw bits over a physical medium. It defines the electrical, mechanical, and functional characteristics of the interface between the networked device and the transmission medium: the physical connectors, the signalling, and the voltage levels used to put bits on the wire. For bits over fiber, the physical layer defines the type of fiber-optic cable (single-mode or multimode), the wavelength of light used (typically infrared, around 850, 1310 or 1550 nm), the connector types such as LC, SC, or ST, and the data rate.
Datalink; layer 2 (Error checking and frame synchronisation):
The data link layer, layer 2 in the OSI model, moves frames between devices that share a physical link or network segment. It detects transmission errors and handles frame synchronisation so that the receiver knows where each frame starts and ends.
Error checking is done by adding a check value to each frame: a parity bit, a checksum, or most commonly a cyclic redundancy check (CRC), such as the 32-bit frame check sequence (FCS) at the end of every Ethernet frame. The receiver recomputes the value and drops any frame that does not match. What happens next depends on the link protocol: Ethernet simply discards the bad frame and leaves recovery to higher layers (TCP retransmits), whereas Wi-Fi (802.11) acknowledges each frame and retransmits those that are not acknowledged. Note that a CRC only catches accidental corruption. Anyone who can alter a frame can recompute the CRC, so it is not an integrity control against an attacker; that needs a cryptographic message integrity code, as used by WPA2/WPA3 or MACsec.
Frame synchronisation is how the receiver finds frame boundaries in the bit stream. Asynchronous serial links put start and stop bits around each character; Ethernet sends a preamble followed by a start frame delimiter before every frame; HDLC and PPP use a flag byte as the delimiter.
Devices on a link are identified by MAC addresses, the 48-bit hardware addresses of their network interfaces; each frame carries a destination and a source MAC so that switches can forward it and the receiver knows where it came from. A MAC address is set in the interface's firmware but can be changed from software in seconds, so it is not a trustworthy identifier of a device and should not be relied on as one by itself. The data link layer also handles flow control, so that a sender does not overwhelm the receiver with more data than it can accept.
Overall, the data link layer delivers frames between neighbouring devices, detecting corrupted frames and marking where each one begins and ends.
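As an added worked example (not from gracenolan's notes or this page), the Python below builds an Ethernet II frame, appends a CRC-32 frame check sequence, parses the frame back into its fields, and shows the two points made above: a single flipped bit is caught by the CRC, but a sender or on-path modifier who rewrites the payload and recomputes the CRC is not. The MAC addresses and payload are constructed sample data and the helper names are the example's own.

```python
import struct
import zlib

# Constructed sample frame fields for the example (not captured traffic).
DST_MAC = bytes.fromhex("001122334455")
SRC_MAC = bytes.fromhex("66778899aabb")
ETHERTYPE_IPV4 = 0x0800
PAYLOAD = b"hello from layer 2" + b"\x00" * 28   # padded to the 46-byte minimum
HEADER_LEN = 14   # dst(6) + src(6) + ethertype(2)
FCS_LEN = 4


def mac_to_str(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


def str_to_mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Assemble header + payload and append the frame check sequence.
    The FCS is a CRC-32 over everything before it (zlib.crc32 uses the same
    polynomial as Ethernet); it is packed little-endian, the byte order in
    which the CRC appears at the end of a captured frame."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and recompute the FCS.
    'fcs_ok' is False when the stored CRC does not match the content."""
    if len(frame) < HEADER_LEN + FCS_LEN:
        raise ValueError("frame too short")
    body, fcs_field = frame[:-FCS_LEN], frame[-FCS_LEN:]
    (stored_fcs,) = struct.unpack("<I", fcs_field)
    (ethertype,) = struct.unpack("!H", body[12:14])
    return {
        "dst": mac_to_str(body[0:6]),
        "src": mac_to_str(body[6:12]),
        "ethertype": ethertype,
        "payload": body[HEADER_LEN:],
        "fcs_ok": (zlib.crc32(body) & 0xFFFFFFFF) == stored_fcs,
    }


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a single-bit error introduced on the wire."""
    buf = bytearray(data)
    buf[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(buf)


def forge_payload(frame: bytes, new_payload: bytes) -> bytes:
    """What an on-path modifier does: change the payload and recompute the CRC.
    The receiver's FCS check passes, because a CRC only guards against
    accidental corruption, not against deliberate changes."""
    fields = parse_frame(frame)
    return build_frame(str_to_mac(fields["dst"]), str_to_mac(fields["src"]),
                       fields["ethertype"], new_payload)


if __name__ == "__main__":
    frame = build_frame(DST_MAC, SRC_MAC, ETHERTYPE_IPV4, PAYLOAD)
    print("clean frame FCS ok:", parse_frame(frame)["fcs_ok"])
    print("bit-flipped frame FCS ok:", parse_frame(flip_bit(frame, 100))["fcs_ok"])
    forged = forge_payload(frame, b"tampered" + b"\x00" * 38)
    print("forged frame FCS ok:", parse_frame(forged)["fcs_ok"])
```

Bit 100 lands in the EtherType field, so the flipped frame fails the FCS check, while the forged frame passes it with a different payload: the check tells the receiver the frame is consistent, not that it is authentic.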
Network; layer 3 (Routing):
The network layer, layer 3 in the OSI model, routes packets across multiple networks. It provides logical addressing (IP addressing) and determines the path a packet takes from its source to its destination.
The network layer uses logical addresses, IP addresses, to identify hosts. Each router looks up a packet's destination address in its routing table and forwards it according to the most specific (longest) matching prefix. Routing protocols such as OSPF, BGP, and RIP build those tables; each uses its own metric, such as hop count, link cost or bandwidth, and in BGP's case administrative policy, to choose the preferred path.
The network layer also handles fragmentation and reassembly. Fragmentation happens when a packet is larger than the maximum transmission unit (MTU) of a link it must cross: it is split into fragments, each carrying the original packet's identification, its offset within the packet, and a more-fragments flag, and the destination host puts them back together. In IPv4, routers along the path may fragment; in IPv6 only the sender fragments, after discovering the path MTU. Reassembly is a known source of ambiguity: fragments can arrive out of order or overlap, and different stacks resolve overlaps differently, so a firewall or intrusion detection system has to reassemble the same way the end host does or it can be shown different data than the host sees.
The network layer also carries Quality of Service (QoS) markings in the IP header (the DSCP field), which let routers give some traffic priority over other traffic. This matters for real-time applications such as VoIP and video streaming. The marking is only honoured hop by hop by routers configured to do so, and it is routinely ignored or rewritten at network boundaries.
Overall, the network layer routes packets across networks and gets them to the destination host; delivering them reliably and in order is the job of the transport layer.
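An added example, not from the original page, of fragmentation and reassembly as described above: a payload is cut into fragments that fit a constructed link MTU, each carrying the identification, 8-byte-unit offset and more-fragments flag that the IPv4 header encodes, and a small reassembler puts them back together in any arrival order. It refuses overlapping fragments instead of merging them, the conservative choice given that stacks disagree on which overlapping bytes win. The MTU value, packet IDs and class names are the example's own assumptions.

```python
from typing import Dict, List, Optional

IPV4_HEADER_LEN = 20
MTU = 576              # constructed link MTU for the example
MAX_DATAGRAM = 65535   # largest IPv4 datagram


def fragment(payload: bytes, packet_id: int, mtu: int = MTU) -> List[dict]:
    """Cut one datagram's payload into fragments that fit the link MTU.
    Each fragment records what the IPv4 header carries for reassembly: the
    identification field, the offset in 8-byte units and the MF (more
    fragments) flag. All but the last fragment hold a multiple of 8 bytes,
    since the offset field cannot express anything finer."""
    max_data = (mtu - IPV4_HEADER_LEN) // 8 * 8
    frags = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        frags.append({
            "id": packet_id,
            "offset": start // 8,
            "mf": start + len(chunk) < len(payload),
            "data": chunk,
        })
    return frags


class Reassembler:
    """Destination-side reassembly keyed by identification field.

    Fragments may arrive in any order. Overlapping fragments are rejected
    rather than merged: IP stacks differ on whether the first or the last
    overlapping bytes win, and a reassembler that silently picks one can end
    up with a different view of the data than another device on the path."""

    def __init__(self) -> None:
        # id -> {"parts": {byte_offset: data}, "total": final length or None}
        self.buffers: Dict[int, dict] = {}

    def add(self, frag: dict) -> Optional[bytes]:
        """Store a fragment; return the full payload once nothing is missing."""
        buf = self.buffers.setdefault(frag["id"], {"parts": {}, "total": None})
        start = frag["offset"] * 8
        end = start + len(frag["data"])
        if end > MAX_DATAGRAM:
            raise ValueError("fragment extends past the maximum datagram size")
        if buf["total"] is not None and end > buf["total"]:
            raise ValueError("fragment extends past the declared end")
        for s, d in buf["parts"].items():
            if start < s + len(d) and s < end:
                raise ValueError(f"overlapping fragment at byte offset {start}")
        if not frag["mf"]:
            if buf["total"] is not None:
                raise ValueError("more than one final fragment")
            buf["total"] = end
        buf["parts"][start] = frag["data"]
        return self._complete(frag["id"])

    def _complete(self, packet_id: int) -> Optional[bytes]:
        buf = self.buffers[packet_id]
        if buf["total"] is None:
            return None                      # final fragment not yet seen
        assembled = b""
        for s in sorted(buf["parts"]):
            if s != len(assembled):
                return None                  # a hole remains
            assembled += buf["parts"][s]
        if len(assembled) != buf["total"]:
            return None
        del self.buffers[packet_id]
        return assembled


def reassemble(frags: List[dict]) -> Optional[bytes]:
    """Feed fragments, in the given order, to a fresh reassembler."""
    r = Reassembler()
    result = None
    for f in frags:
        result = r.add(f)
    return result


def rejected(frags: List[dict]) -> bool:
    """True if the reassembler refuses this fragment sequence."""
    try:
        reassemble(frags)
        return False
    except ValueError:
        return True
```

With a 1400-byte payload and a 576-byte MTU, fragment() produces three fragments at offsets 0, 69 and 138 (in 8-byte units); reassemble() returns the payload whichever order they arrive in, returns None while a fragment is missing, and rejected() reports True when a crafted fragment overlaps one already held.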
Transport; layer 4 (TCP/UDP):
The transport layer, layer 4 in the OSI model, provides end-to-end communication between applications running on different hosts. Depending on the protocol, it can also ensure that data is delivered reliably, in order, and without detected errors.
The transport layer uses two main protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
TCP is a connection-oriented protocol: before any data is sent, the two ends establish a connection with a three-way handshake (SYN, SYN-ACK, ACK) in which each side announces a random initial sequence number. Sequence numbers and acknowledgements then let the receiver order segments and the sender retransmit anything lost, a checksum catches corrupted segments, and flow control and congestion control keep the sender from overwhelming the receiver or the network. TCP is used by applications that need a reliable byte stream, such as web browsing, file transfer, and email.
UDP, on the other hand, is connectionless: no handshake, no acknowledgements, no retransmission, no ordering, and no flow control. It does carry a checksum (optional in IPv4, mandatory in IPv6), but a corrupted datagram is simply dropped. This makes it faster and lower overhead than TCP, and it is used by applications that tolerate some loss, such as streaming media, online gaming, VoIP, and DNS. Because there is no handshake, nothing confirms that a UDP datagram really came from the source address it claims; services built on UDP have to handle spoofed sources themselves.
The transport layer also uses port numbers to identify the different applications on a host: the sender multiplexes many application streams onto one IP address, and the receiver demultiplexes by destination port to hand each segment to the right application.
Overall, the transport layer provides logical end-to-end communication between applications and, with TCP, ensures that data arrives reliably and in order.
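The three-way handshake simulated with both sides' segments, as an added example written for this page (it is not code from the original notes or from any real TCP stack). Each side picks a random initial sequence number (ISN) and accepts the peer's acknowledgement only if it equals its own ISN plus one, which is why an off-path sender that never sees the SYN-ACK cannot complete a connection except by guessing a 32-bit value. Port numbers, the segment dictionary layout and the class names are the example's own assumptions.

```python
import secrets
from typing import Dict, Optional, Set

SEQ_MOD = 1 << 32   # sequence numbers are 32-bit and wrap around


def add32(a: int, b: int) -> int:
    return (a + b) % SEQ_MOD


def segment(src_port: int, dst_port: int, seq: int, ack: int, flags) -> dict:
    """A TCP segment reduced to the fields that matter for connection setup."""
    return {"src": src_port, "dst": dst_port, "seq": seq, "ack": ack,
            "flags": frozenset(flags)}


SYN = frozenset({"SYN"})
SYN_ACK = frozenset({"SYN", "ACK"})
ACK = frozenset({"ACK"})


class TcpServer:
    """LISTEN -> SYN-RECEIVED -> ESTABLISHED, tracked per client port."""

    def __init__(self, port: int) -> None:
        self.port = port
        self.half_open: Dict[int, int] = {}    # client port -> our ISN
        self.established: Set[int] = set()

    def on_segment(self, seg: dict) -> Optional[dict]:
        if seg["dst"] != self.port:
            return None          # demultiplexing: not addressed to this listener
        if seg["flags"] == SYN:
            isn = secrets.randbelow(SEQ_MOD)   # unpredictable initial sequence number
            self.half_open[seg["src"]] = isn
            return segment(self.port, seg["src"], isn, add32(seg["seq"], 1), SYN_ACK)
        if seg["flags"] == ACK and seg["src"] in self.half_open:
            if seg["ack"] != add32(self.half_open[seg["src"]], 1):
                return None      # peer did not see our SYN-ACK: drop it
            del self.half_open[seg["src"]]
            self.established.add(seg["src"])
        return None


class TcpClient:
    """CLOSED -> SYN-SENT -> ESTABLISHED."""

    def __init__(self, port: int, server_port: int) -> None:
        self.port = port
        self.server_port = server_port
        self.isn = secrets.randbelow(SEQ_MOD)
        self.state = "CLOSED"

    def connect(self) -> dict:
        self.state = "SYN-SENT"
        return segment(self.port, self.server_port, self.isn, 0, SYN)

    def on_segment(self, seg: Optional[dict]) -> Optional[dict]:
        if seg is None or self.state != "SYN-SENT":
            return None
        if seg["flags"] == SYN_ACK and seg["ack"] == add32(self.isn, 1):
            self.state = "ESTABLISHED"
            return segment(self.port, self.server_port,
                           add32(self.isn, 1), add32(seg["seq"], 1), ACK)
        return None


def handshake(client: TcpClient, server: TcpServer) -> bool:
    """Run SYN, SYN-ACK, ACK and report whether both ends are ESTABLISHED."""
    syn = client.connect()
    syn_ack = server.on_segment(syn)
    ack = client.on_segment(syn_ack)
    if ack is not None:
        server.on_segment(ack)
    return client.state == "ESTABLISHED" and client.port in server.established


def blind_spoof(server: TcpServer, spoofed_port: int, guessed_isn: int) -> bool:
    """An off-path sender never receives the SYN-ACK, so it must guess the
    server's ISN to produce a valid final ACK. Returns whether it got in."""
    server.on_segment(segment(spoofed_port, server.port, 1000, 0, SYN))
    server.on_segment(segment(spoofed_port, server.port, 1001,
                              add32(guessed_isn, 1), ACK))
    return spoofed_port in server.established


if __name__ == "__main__":
    srv = TcpServer(443)
    print("legitimate handshake:", handshake(TcpClient(50000, 443), srv))
    print("blind spoof with ISN guess 0:", blind_spoof(srv, 40000, 0))
```

The server keeps a half-open entry per SYN until the matching ACK arrives, which is also why a flood of SYNs from spoofed sources costs a real server memory; the example does not implement SYN cookies or timeouts, which is what production stacks use to bound that cost.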
Application; layer 7 (and basically layers 5 & 6) (includes API, HTTP, etc):
The application layer, layer 7 in the OSI model, is the top of the stack and the one that applications and users interact with directly. It includes protocols such as HTTP, FTP, and SMTP, and it provides the services that programs use to reach the network, including the application programming interfaces (APIs) through which different software applications communicate and share resources.
It defines the syntax and semantics of the messages applications exchange, the synchronisation of that exchange, and the negotiation of any authentication and privacy mechanisms.
HTTP, the most widely used protocol on the internet, carries communication between web browsers and web servers and allows the exchange of hypertext documents: a request consists of a request line, headers, and an optional body, and the server answers with a status line, headers, and a body. FTP (File Transfer Protocol) transfers files between computers, and SMTP (Simple Mail Transfer Protocol) sends email from clients to mail servers and between servers (clients retrieve mail with IMAP or POP3). All three are plaintext protocols unless wrapped in TLS (HTTPS, FTPS, SMTP with STARTTLS), so credentials and content are otherwise visible to anyone on the path.
In practice, layers 5 and 6, the session and presentation layers, are folded into the application layer; the TCP/IP model has no separate layers for them. Session handling (establishing, maintaining, and terminating a session) and presentation (data encoding and formatting, for example character sets, serialisation, and encryption) are done by the application protocol or the libraries it uses.
Overall, the application layer is where programs meet the network: it provides the protocols and interfaces through which software applications communicate with each other across it.
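As an added example for the HTTP part of this layer (written for this page, not taken from the original notes or from any web server), here is a minimal HTTP/1.1 request parser and response builder that shows the syntax described above: a request line, CRLF-separated headers, an empty line, and a body whose length is given by Content-Length. It refuses ambiguous framing (a duplicate Content-Length, whitespace before a header's colon, or Transfer-Encoding, which it does not implement) rather than guessing, and it returns any leftover bytes as the start of the next pipelined request. The sample traffic and the header size limit are constructed for the example.

```python
from typing import Dict, Optional

MAX_HEADER_BYTES = 8192   # constructed limit for the example, not a protocol constant


class HttpParseError(ValueError):
    """Raised for requests whose framing is malformed or ambiguous."""


def parse_request(raw: bytes) -> Optional[dict]:
    """Parse one HTTP/1.1 request from a byte buffer.

    Framing: the request line and header lines end in CRLF, an empty line
    closes the header block, and the body length is fixed by Content-Length.
    Returns None while the buffer does not yet hold a complete request,
    otherwise a dict with method, target, headers, body and 'remaining'
    (bytes after this request, i.e. the start of a pipelined next one)."""
    head_end = raw.find(b"\r\n\r\n")
    if head_end == -1:
        if len(raw) > MAX_HEADER_BYTES:
            raise HttpParseError("header block too large")
        return None
    head, rest = raw[:head_end], raw[head_end + 4:]
    lines = head.split(b"\r\n")
    parts = lines[0].decode("ascii", errors="replace").split(" ")
    if len(parts) != 3:
        raise HttpParseError("malformed request line")
    method, target, version = parts
    if version != "HTTP/1.1":
        raise HttpParseError(f"unsupported version {version!r}")

    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.decode("latin-1").partition(":")
        # No whitespace is allowed between the field name and the colon;
        # RFC 9112 says to reject such lines rather than guess.
        if not sep or not name or name != name.rstrip():
            raise HttpParseError(f"malformed header line {line!r}")
        key, value = name.lower(), value.strip()
        if key in headers:
            if key == "content-length":
                raise HttpParseError("duplicate Content-Length")
            headers[key] += ", " + value      # repeated fields combine as a list
        else:
            headers[key] = value
    if "host" not in headers:
        raise HttpParseError("HTTP/1.1 requires a Host header")
    if "transfer-encoding" in headers:
        raise HttpParseError("chunked framing not implemented; refusing instead of guessing")
    length_text = headers.get("content-length", "0")
    if not (length_text.isascii() and length_text.isdigit()):
        raise HttpParseError("Content-Length must be a non-negative decimal integer")
    length = int(length_text)
    if len(rest) < length:
        return None                           # body not fully received yet
    return {"method": method, "target": target, "headers": headers,
            "body": rest[:length], "remaining": rest[length:]}


def is_malformed(raw: bytes) -> bool:
    """True if the parser refuses the buffer outright."""
    try:
        parse_request(raw)
        return False
    except HttpParseError:
        return True


def build_response(status: int, reason: str, body: bytes) -> bytes:
    """Serialise a minimal HTTP/1.1 response with Content-Length framing."""
    head = (f"HTTP/1.1 {status} {reason}\r\n"
            "Content-Type: text/plain\r\n"
            f"Content-Length: {len(body)}\r\n"
            "Connection: close\r\n\r\n").encode("ascii")
    return head + body


# Constructed sample traffic: a POST followed by a pipelined GET in one buffer.
SAMPLE = (b"POST /api/login HTTP/1.1\r\n"
          b"Host: example.test\r\n"
          b"Content-Type: application/json\r\n"
          b"Content-Length: 17\r\n"
          b"\r\n"
          b'{"user":"alice"}\n'
          b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n")

if __name__ == "__main__":
    first = parse_request(SAMPLE)
    print(first["method"], first["target"], first["body"])
    second = parse_request(first["remaining"])
    print(second["method"], second["target"])
    print(build_response(200, "OK", b"hello").decode())
```

The parser returns None for an incomplete buffer so a caller reading from a socket can keep appending bytes, and it raises for anything it cannot frame unambiguously; a server would turn that into a 400 response and close the connection.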
That's it for today. next, we shall go through firewalls, NAT, DNS, etc...
Follow me on Twitter: WarrenMu