The OSI Seven-Layer Model
The OSI protocol was introduced to help standardize networks in a way that allowed multinetwork systems to communicate. before this devices from one vendor couldn’t communicate with another. For example, Microsoft users could not communicate with Mac users. The OSI model is like a reference or guideline to understand what the communication process includes. (Eli The computer guy, 2010) The OSI seven-layer model is a tool used to characterize and standardize the functions of each layer of network communication systems. It shows the division of communication functions used by two or more host on seven specific layers. Below is a list of the seven layers and examples of the protocol for each of the layers.
Layer 7: The application layer: This layer holds the application and software that the user actually interacts with the information on. This layer takes first place in its priority level over the other layers. Some examples of applications included in this layer are Firefox, internet explorer, Safari, Chrome, and Outlook. (CISCO , 2000) .
· Protocols: Examples of protocols for this layer include HTTP (Hyper Text Transfer Protocol). HTTP is used mainly for Web pages and programs. Another example of a protocol is DNS protocols (Global Knowledge , 2006). DNS protocol converts fully qualifies domain names into IP addresses as well as IP addresses to fully qualifies domain names (Global Knowledge , 2006)
Layer 6: The Presentation layer: This is the layer that the operating system is on. The application layer is the layer responsible for sending information down to the presentation layer (CISCO , 2000).
· Protocols: Examples of protocols used for this layer include FTP (File Transfer Protocol). This protocol is responsible for direct host to host file transfers. Another protocol used for this layer is SNMP (Simple Network Management Protocol) (Global Knowledge , 2006). This protocol is responsible for monitoring various parameters on devices like servers and switches (Dummmies , 2015)
Layer 5: Session layer: This is the layer that deals with the communication creating a session with the two computers. So, for example when logs onto a website, the session layer will have to create a session with his/her computer and the one he/she is trying to get info from. This layer is also responsible for email protocols used over the network (CISCO , 2000) .
· Protocols: Examples of the email protocols are SMTP (simple Mail Transfer Protocol) and POP (Post Office Protocol). These protocols are put into use when accessing or sending an email from a third-party email application (Dummmies , 2015).
Layer 4 transport layer: This layer gets to decide how much information gets sent at one time. If you’re dealing with a website, this layer will decide how much info you will communicate with the website (CISCO , 2000).
· Protocols: Examples of protocols used for this layer include TCP (Transfer Control Protocol and UDP (User Datagram Protocol).
Layer 3: The network layer is the layer that routers operate at. So, if one has a router at home the IP address is at the network level (CISCO , 2000). This is the most important layer for reliable network communications.
· Protocols: Examples od protocols used are IP (Internet Protocol) and ARP (Address Resolution Protocol) (Dummmies , 2015).
Layer 2 Data link layer: This is the layer where switches operate. They are uses to connect the devices to network. Mac addresses, ARP, Network interface cards, Ethernet and Token Ring switches and bridges are also found here (CISCO , 2000).
· Protocols: Example of protocols used for this layer include Device Drivers and PPP (Point-to-Point Protocol)
Layer 1 Physical layer: This layer is where all the physical components are located (Eli The computer guy, 2010). Components of the physical layer include: cabling system components, adapters that connect media to physical interfaces, connector design and pin assignments, hub, repeater and patch panel specifications, wireless system components, parallel SCSI (Small Computer System Interface), and network Interface Card (NIC) (Global Knowledge , 2006).
The commands needed to determine the network information on your PC or other devices connected to the network is “ipconfig /all”. This windows IP configuration command, displays your systems network information such as IPv4 address, IPv6 address, MAC address, and Subnet Mask. This will also list your media state if you are sharing this device as a media server, your link-local address and the global address used to communicate with the internet (Randy Weaver, 2014). There are other commands that can be used to determine additional network information, such as “netstat” (Fisher, 2018). The ‘netstat’ command displays a detailed list of Active Connections. The command ‘netstat -r’ will display a detailed list the systems routing tables. This command also displays your global, link-local and multicast (Randy Weaver, 2014). Below are screenshots 1, 2 and 3, which display the results of the executed ‘ipconfig’, ‘netstat’ and ‘netstat -r’ commands respectively.
This is a screenshot of the ‘ipconfig’ command executed. In it is included critical information such as my PC’s MAC address (blue), link-local address (light blue), IPv4 address (red), Subnet mask (yellow) and DNS server (purple).
Screenshot 2, displays the result of the executed ‘netstat’ command. In it is included a list of the current Active Connections on my laptop. It also lists local and foreign addresses and their current state.
Screenshot 3, three displays the executed ‘netstat -r’ command. This command displays the IPv4 and IPv6 routing tables and gateways.
IPv4 and IPv6
IPv4, is the Internet Protocol Version 4 that handles most of the traffic over the internet and was one of the first main protocols for internetworking standards in the internet (Randy Weaver, 2014). Unfortunately, IPv4, the amount of IP addresses available with IPv4 has begun to reach its limit. IPv4 uses a 32-bit address that only allows for 232 possible IP addresses (Randy Weaver, 2014) . Because of this flaw and other limitations, the development of a new and better version of the Internet Protocol developed, IPv6 (Hagen, 2010).
Both IPv4 and IPv6 use private addressing. When
Two similarities between IPv4 and IPv6.
1.) Both IPv4 and IPv6 use private addressing. Private addressing came about when designers realized that IPv4’s number of available addresses would soon be at its maximum. The Regional Internet Registry allocated a number of IP address ranges that are designated private. This means that any LAN can assign IP addresses for each individual device on the network without having to register the IP address with the RIR. This keeps the number of IP addresses needing to be used down. The downfall of this was that a private IP address cannot communicate through public internet without a medium such as a router equipped with NAT or a proxy server. IPv6 uses private addressing as well and for the same reason. There are a few differences in how IPv6 uses the private addresses, but none the less it still uses them for the same reason IPv4 does.
2.) Both IPv4 and IPv6 use multicast. Multicast is used for group communication. It sends information that is addressed to more than one host destination simultaneously. Instead of having to send the same information individually to each destination host, a network device, such as a router, makes a copy of the information being sent and routs it to the correct group destination hosts simultaneously.
A main difference between IPv4 and IPv6 is, with IPv4, addresses are created with 32-bits of data, while IPv6 calls for 128-bit IP addresses (Randy Weaver, 2014). It is because of this difference that IPv6 is gaining support since it will allow 79,228,162,514,264,337,593,543,950,336 times more possibilities than IPv4. So, although IPv4 and IPv6 both have a maximum, IPv6 allows for the allocation of more IP addresses and therefor will not be faced with the issue of availability that IPv4 had (Randy Weaver, 2014).
Another way in which IPv4 and IPv6 differ, is that most IPv4 devices that are installed must be configured before they begin communicating on a network. Meaning that, IP addresses and routes must be assigned before communication can happen. With IPv6 configuration is optional. IPv6 can be used with any ethernet adapter and can be run over the loopback interface. Using IPv6 stateless autoconfiguration, IPv6 interfaces are self-configuring and can communicate with other IPv6 systems via an IPv6 router automatically (IBM Knowlede Center, 2015). Some configuration may be needed for specific functions.
The DNSSEC (DNS Security Extensions) was created to eliminate some of vulnerabilities that were being exploited with DNS. Some of these exploitations resulted in a loss of confidentiality, Web site impersonation, email hijacking, DNS cache poisoning and theft of information (Randy Weaver, 2014). DNSEC aims to minimize these vulnerabilities with authentication. Authenticating DNS data will help ensure the integrity of the DNS data and authenticate the denial of existence of DNS data (Randy Weaver, 2014).
DNSSEC uses encryption to provide secure data transfer on the DNS protocol. DNSSEC used digital signatures that are created and stored as an PRSIG record. It than uses a security-aware resolver to find a qualified domain name and convert it to an IP address. The same process can also be used to find the reverse, find an IP address and covert it into a fully qualified domain name. The resolver can access the public key associated with the PRSIG record using the DNSKEY record, where the public key is stored. This system is similar to the typical asymmetric encryption that must have at least one root key. DNSSEC must use at least one DNSSEC trust anchor, a top-level digital certificate in the PKI chain (Randy Weaver, 2014).
Even, with DNSSEC networks are not completely secure. Some larger ISP’s, Comcast, like have begun implementing DNSSEC and migrating customers to DNSSEC resolvers (Randy Weaver, 2014). DNSSEC does have weaknesses, one being that it does not provide data confidentiality. DNSSEC also be attacked, be an attacker following the NSEC resource record chain. Also, since DNSSEC is more complicated than DNS the probability of error is significantly higher. There are some organizations who have begun trying different encryption algorithms for DNS standard protocol for transmissions that do not need to be secure (Randy Weaver, 2014). DNSSEC has begun an attempt to increase their overall efficiency, in a hope that more organizations will implement it.