Protocol Basics

Protocol Basics. Outline Objective OSI Model TCP/IP Model Encapsulation TCP Header 3-way Handshake IP Addressing SMTP FTP HTTP DNS Summary List of References




Outline

Objective
OSI Model
TCP/IP Model
Encapsulation
TCP Header
3-way Handshake
IP Addressing
SMTP
FTP
HTTP
DNS
Summary
List of References


Objective

To provide background on the OSI Model, the TCP/IP Model and several frequently used protocols.


OSI Model

The Open Systems Interconnection Basic Reference Model (OSI Reference Model or OSI Model or OSI Seven Layer Model) is a layered, abstract description for communications and computer network protocol design. It describes how information from a software application in one computer moves through a network medium to a software application in another computer. It is a conceptual model composed of seven layers, each specifying particular network functions.


OSI Model

http://www.ictp.trieste.it/~radionet/1998_school/networking_presentation/page6.html


OSI Model

Layer 7: Application Layer interfaces directly to and performs common application services for the application processes, issues requests to the presentation layer and provides services to user-defined application processes, and not to the end user.

Layer 6: Presentation Layer transforms the data to provide a standard interface for the Application layer.

Layer 5: Session Layer controls the connections/sessions between computers. It establishes, manages and terminates the connections between the local and remote application.

http://en.wikipedia.org/wiki/OSI_Model


OSI Model

Layer 4: Transport Layer provides transparent transfer of data between end users, providing reliable data transfer services to the upper layers. The transport layer controls the reliability of a given link through flow control, segmentation/desegmentation, and error control.

Layer 3: Network Layer provides the means of transferring variable length data sequences from a source to a destination via one or more networks while maintaining the quality of service requested by the Transport layer. This layer performs network routing functions, and might also perform fragmentation and reassembly, and report delivery errors. Routers operate at this layer.

http://en.wikipedia.org/wiki/OSI_Model


OSI Model

Layer 2: Data Link Layer provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer. The best known example of this is Ethernet. This is the layer at which the bridges and switches operate.

Layer 1: Physical Layer defines all the electrical and physical specifications for devices such as the layout of pins, voltages, and cable specifications. Hubs, repeaters, and network adapters are physical-layer devices.

http://en.wikipedia.org/wiki/OSI_Model


TCP/IP Model

TCP/IP Model is a layered abstract description for communications and computer network protocol design. It has fewer, less rigidly defined layers than the commonly referenced OSI model, and thus provides an easier fit for real-world protocols.

Layer 4 – Process Layer or Application Layer
Layer 3 – Host-to-Host (Transport) Layer
Layer 2 – Internet or Internetworking Layer
Layer 1 – Network Access Layer

http://en.wikipedia.org/wiki/TCP/IP_model


Encapsulation

http://www.cgisecurity.com/lib/bill/encapsulation.gif


TCP Header

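TCP header layout (each row is 32 bits wide, bit positions 0-15 and 16-31):

16 Bit Source Port Number | 16 Bit Destination Port Number
32 Bit Sequence Number
32 Bit Acknowledgement Number
4 Bit Header Length | 6 Bits Reserved | URG | ACK | PSH | RST | SYN | FIN | 16 Bit Window Size
16 Bit TCP Checksum | 16 Bit Urgent Pointer
Options (if any)
Data (if any)

The rows above Options make up the 20 Bytes of the fixed header.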
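The header layout above, decoded in code. This is an added example and not part of the original slides; the function names and the sample segment (ports, sequence number, MSS option) are constructed for illustration.

```python
import struct

# Flag bits in the low 6 bits of the 16-bit length/flags word, in the
# order the slide lists them (URG is the highest of the six).
FLAG_BITS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08,
             "RST": 0x04, "SYN": 0x02, "FIN": 0x01}


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte TCP header plus any options and data."""
    if len(segment) < 20:
        raise ValueError("truncated: fixed TCP header is 20 bytes")
    (src, dst, seq, ack, len_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (len_flags >> 12) * 4   # 4-bit field counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"bad header length {header_len}")
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [name for name, bit in FLAG_BITS.items() if len_flags & bit],
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": segment[20:header_len],
        "data": segment[header_len:],
    }


def build_sample_segment() -> bytes:
    """Constructed sample: SYN from port 49152 to port 80, one MSS option."""
    mss_option = bytes([2, 4]) + struct.pack("!H", 1460)   # kind 2, length 4
    len_flags = (6 << 12) | FLAG_BITS["SYN"]               # 6 words = 24 bytes
    fixed = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                        len_flags, 65535, 0, 0)            # checksum left at 0
    return fixed + mss_option


if __name__ == "__main__":
    for field, value in parse_tcp_header(build_sample_segment()).items():
        print(f"{field:>10}: {value}")
```

The header length check matters because the 4-bit field, not the 20-byte minimum, decides where options end and data begins.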


3-way Handshake

Most communication is handled using TCP. TCP is reliable:

Acknowledgements indicate delivery of data.
Checksums are used to detect corrupted data.
Sequence numbers detect missing, or mis-sequenced data.
Corrupted data is retransmitted after a timeout.
Mis-sequenced data is re-sequenced.
Flow control prevents over-run of receiver.

TCP uses congestion control to share network capacity among users. TCP is connection-oriented.

3-way handshake used for connection setup/teardown.


3-way Handshake

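Connection Setup

(Active) Client to (Passive) Server: Syn
(Passive) Server to (Active) Client: Syn + Ack
(Active) Client to (Passive) Server: Ack

Connection Close/Teardown

(Active) Client to (Passive) Server: Fin
(Passive) Server to (Active) Client: (Data +) Ack
(Passive) Server to (Active) Client: Fin
(Active) Client to (Passive) Server: Ack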


3-way Handshake

Client to Server: SYN
Server to Client: SYN | ACK
Client to Server: ACK

1: Send SYN seq=x

2: Send SYN seq=y, ACK x+1

3: Send ACK y+1
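The three numbered steps, checked in code. This is an added example and not part of the original slides; the tuple format, function name and traces are constructed, and the check includes the case where x+1 wraps around the 32-bit sequence number field.

```python
MOD = 2 ** 32   # sequence and acknowledgement numbers are 32-bit fields


def check_handshake(segments):
    """Validate the three setup steps from the slide.

    Each segment is (sender, flags, seq, ack), flags being a set of names.
    Returns (True, "ok") or (False, reason).
    """
    if len(segments) != 3:
        return False, "expected exactly three segments"
    (s1, f1, x, _), (s2, f2, y, ack2), (s3, f3, seq3, ack3) = segments

    if f1 != {"SYN"}:
        return False, "step 1 must be a bare SYN"
    if s2 == s1 or f2 != {"SYN", "ACK"}:
        return False, "step 2 must be SYN+ACK from the other side"
    if ack2 != (x + 1) % MOD:
        return False, "step 2 must acknowledge x+1"
    if s3 != s1 or f3 != {"ACK"}:
        return False, "step 3 must be an ACK from the initiator"
    if ack3 != (y + 1) % MOD:
        return False, "step 3 must acknowledge y+1"
    if seq3 != (x + 1) % MOD:      # the SYN itself used up sequence number x
        return False, "step 3 must carry seq x+1"
    return True, "ok"


# Constructed traces (not captured traffic). WRAPPED starts at the top of
# the 32-bit range, so x+1 wraps around to 0.
NORMAL = [("client", {"SYN"}, 1000, 0),
          ("server", {"SYN", "ACK"}, 5000, 1001),
          ("client", {"ACK"}, 1001, 5001)]
WRAPPED = [("client", {"SYN"}, MOD - 1, 0),
           ("server", {"SYN", "ACK"}, 77, 0),
           ("client", {"ACK"}, 0, 78)]
BAD_ACK = [("client", {"SYN"}, 1000, 0),
           ("server", {"SYN", "ACK"}, 5000, 1000),
           ("client", {"ACK"}, 1001, 5001)]

if __name__ == "__main__":
    for name, trace in (("normal", NORMAL), ("wrapped", WRAPPED),
                        ("bad ack", BAD_ACK)):
        print(name, check_handshake(trace))
```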


IP Addressing

An IP (Internet Protocol) address is a unique address that electronic devices use in order to identify and communicate with each other on a computer network. It can be thought of as the equivalent of a street address or a phone number for a computer or other network device on the Internet. Participating network devices—including routers, computers, time-servers, printers, Internet fax machines, and some telephones—can have their own unique address.

IP Version 4 (IPv4) uses 32-bit (4 byte) addresses, which limits the address space to 4,294,967,296 (2^32) possible unique addresses.

IPv4 Example: 127.0.0.1

The IPv4 address shortage has helped stimulate the push towards IPv6, which is currently in the early stages of deployment and will replace IPv4.

http://en.wikipedia.org/wiki/IP_addressing


IP Addressing

IPv6 addresses are 128 bits (16 bytes) wide, which should suffice for the foreseeable future. In theory, there would be roughly 3.403 × 10^38 unique host interface addresses. Based upon this design, there will exist "roughly 5,000 addresses for every square micrometer of the Earth's surface". This enormous magnitude of available IP addresses will be sufficiently large for the indefinite future, even though mobile phones, cars and all types of personal devices are coming to rely on the Internet for everyday purposes.

IPv6 Example: 2001:0db8:85a3:08d3:1319:8a2e:0370:7334

http://en.wikipedia.org/wiki/IP_addressing


SMTP

Simple Mail Transfer Protocol (SMTP) is a simple, text-based protocol, where one or more recipients of a message are specified and then the message text is transferred. It is a client-server protocol, where the client transmits an email message to the server. An email client knows the outgoing mail SMTP server from its configuration. The server typically determines which SMTP server to connect to by looking up the record for each recipient's domain name, the part of the email address to the right of the at sign (@). The SMTP client initiates a TCP connection to the server's port 25. SMTP is a "push" protocol that does not allow one to "pull" messages from a remote server on demand. To do this a mail client must use POP3 or IMAP.


FTP

File Transfer Protocol (FTP) was a commonly used protocol for exchanging files over any network that supports the TCP/IP protocol (such as the Internet or an intranet). FTP employs two computers in an FTP transfer: a server and a client.

The FTP server, running FTP server software, listens on the network for connection requests from other computers. The client computer, running FTP client software, initiates a connection to the server. Once connected, the client could manipulate files, for example by uploading files to or downloading files from the server, or by renaming or deleting files on the server.

HTTP has begun to dominate in these kinds of applications.

http://en.wikipedia.org/wiki/FTP


HTTP

Hypertext Transfer Protocol (HTTP) is a communications protocol used to transfer or convey information on the World Wide Web. HTTP is a request/response protocol between clients and servers. The originating client, such as a web browser, is referred to as the user agent. The destination server, which stores or creates resources such as HTML files and images, is called the origin server. An HTTP client initiates a request by establishing a Transmission Control Protocol (TCP) connection to a particular port on a remote host (port 80 by default). An HTTP server listening on that port waits for the client to send a request message. Upon receiving the request, the server sends back a status line, such as "HTTP/1.1 200 OK", and a message of its own, the body of which is perhaps the requested file, an error message, or some other information.

http://en.wikipedia.org/wiki/HTTP
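The request/response exchange described above, with both sides' messages built and parsed in code. This is an added example and not part of the original slides; it passes the bytes between functions instead of opening a TCP connection, and the function names, the DOCUMENTS table and the host www.example.com are constructed for illustration.

```python
# Constructed document root standing in for files on the origin server.
DOCUMENTS = {"/index.html": b"<html><body>Hello</body></html>"}
REASONS = {200: "OK", 400: "Bad Request", 404: "Not Found",
           501: "Not Implemented"}


def build_request(path, host, method="GET"):
    """Request message a user agent sends once the TCP connection is open."""
    return f"{method} {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode("ascii")


def make_response(status, body):
    """Status line, one header, blank line, then the message body."""
    head = (f"HTTP/1.1 {status} {REASONS[status]}\r\n"
            f"Content-Length: {len(body)}\r\n\r\n")
    return head.encode("ascii") + body


def handle_request(raw):
    """Origin-server side: read the request line and choose a reply."""
    request_line = raw.split(b"\r\n", 1)[0].decode("ascii", "replace")
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return make_response(400, b"malformed request line")
    method, path, _version = parts
    if method != "GET":                      # this sketch only serves GET
        return make_response(501, b"method not supported")
    if path not in DOCUMENTS:
        return make_response(404, b"no such resource")
    return make_response(200, DOCUMENTS[path])


def parse_response(raw):
    """Client side: split the reply into status code, reason and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("ascii").split("\r\n")
    _version, code, reason = status_line.split(" ", 2)
    headers = dict(line.split(": ", 1) for line in header_lines)
    if int(headers["Content-Length"]) != len(body):
        raise ValueError("body length does not match Content-Length")
    return int(code), reason, body


if __name__ == "__main__":
    for path in ("/index.html", "/missing.html"):
        reply = handle_request(build_request(path, "www.example.com"))
        print(path, parse_response(reply))
```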


HTTP

http://computer.howstuffworks.com/web-server1.htm


HTTP

HTTP can be made secure through the use of encryption. Using HTTPS indicates that HTTP is to be used, but with a different default TCP port (443) and an additional encryption/authentication layer, Secure Sockets Layer (SSL) or Transport Layer Security (TLS), between HTTP and TCP.

http://en.wikipedia.org/wiki/HTTPS

http://www.sportop.com/ClothingPrograms/ordering-faqs.cfm


DNS

Domain Name System (DNS) associates information with so-called domain names; most importantly, it serves as the "phone book" for the Internet: it translates human-readable computer hostnames, e.g. www.wikipedia.org, into the IP addresses that networking equipment needs for delivering information. For example, if you want to know the internet address of www.wikipedia.org, DNS can be used to tell you it's 66.230.200.100. DNS distributes the responsibility for assigning domain names and mapping them to IP networks by allowing an authoritative server for each domain to keep track of its own changes, avoiding the need for a central registrar to be continually consulted and updated. Each domain or subdomain has one or more authoritative DNS servers that publish information about that domain and the name servers of any domains "beneath" it.

http://en.wikipedia.org/wiki/DNS


DNS

http://www.comptechdoc.org/independent/networking/guide/dns.gif


Summary

This section has tried to provide background on the OSI Model, the TCP/IP Model and several frequently used protocols.


List of References

http://www.ictp.trieste.it/~radionet/1998_school/networking_presentation/page6.html
http://en.wikipedia.org/wiki/OSI_Model
http://en.wikipedia.org/wiki/TCP/IP_model
http://www.cgisecurity.com/lib/bill/encapsulation.gif
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/centri4/user/scf4ap1.htm
http://www.visi.com/~mjb/Drawings/TCP_Header.pdf
http://en.wikipedia.org/wiki/IP_addressing
http://en.wikipedia.org/wiki/SMTP
http://en.wikipedia.org/wiki/Telnet
http://en.wikipedia.org/wiki/FTP
http://en.wikipedia.org/wiki/HTTP
http://computer.howstuffworks.com/web-server1.htm
http://en.wikipedia.org/wiki/HTTPS
http://www.sportop.com/ClothingPrograms/ordering-faqs.cfm
http://en.wikipedia.org/wiki/Transport_Layer_Security
http://en.wikipedia.org/wiki/DNS
http://www.comptechdoc.org/independent/networking/guide/dns.gif
http://www.theshulers.com/whitepapers/internet_whitepaper/index.html#http

CyberPatriot wants to thank and acknowledge the CyberWatch program, which developed the original version of these slides and has graciously allowed their use for training in this competition.