Protocol_Basics - CyberPatriot

prunelimit, Networks and Communications

23 Oct 2013 (3 years and 11 months ago)


Protocol Basics

Outline

Objective

OSI Model

TCP/IP Model

Encapsulation

TCP Header

3-way Handshake

IP Addressing


SMTP

FTP

HTTP

DNS

Summary

List of References

Objective

To provide background on the OSI Model, the TCP/IP Model and
several frequently used protocols.

OSI Model

The Open Systems Interconnection Basic Reference Model (OSI
Reference Model, OSI Model or OSI Seven Layer Model) is a
layered, abstract description for communications and computer
network protocol design.

It describes how information from a software application in one
computer moves through a network medium to a software
application in another computer.

It is a conceptual model composed of seven layers, each
specifying particular network functions.


OSI Model

http://www.ictp.trieste.it/~radionet/1998_school/networking_presentation/page6.html

OSI Model

Layer 7: Application Layer interfaces directly to and
performs common application services for the application
processes, issues requests to the presentation layer and
provides services to user-defined application processes,
and not to the end user.

Layer 6: Presentation Layer transforms the data to
provide a standard interface for the Application layer.

Layer 5: Session Layer controls the connections/sessions
between computers. It establishes, manages and
terminates the connections between the local and
remote application.

http://en.wikipedia.org/wiki/OSI_Model

OSI Model

Layer 4: Transport Layer provides transparent transfer of data
between end users, providing reliable data transfer services to
the upper layers. The transport layer controls the reliability of
a given link through flow control,
segmentation/desegmentation, and error control.

Layer 3: Network Layer provides the means of transferring
variable length data sequences from a source to a destination
via one or more networks while maintaining the quality of
service requested by the Transport layer. This layer performs
network routing functions, and might also perform
fragmentation and reassembly, and report delivery errors.
Routers operate at this layer.

http://en.wikipedia.org/wiki/OSI_Model

OSI Model

Layer 2: Data Link Layer provides the functional and
procedural means to transfer data between network
entities and to detect and possibly correct errors that
may occur in the Physical layer. The best known example
of this is Ethernet. This is the layer at which the bridges
and switches operate.

Layer 1: Physical Layer defines all the electrical and
physical specifications for devices such as the layout of
pins, voltages, and cable specifications. Hubs, repeaters,
and network adapters are physical-layer devices.

http://en.wikipedia.org/wiki/OSI_Model

TCP/IP Model

TCP/IP Model is a layered abstract description for communications
and computer network protocol design. It has fewer, less rigidly
defined layers than the commonly referenced OSI model, and thus
provides an easier fit for real-world protocols.

Layer 4: Process Layer or Application Layer

Layer 3: Host-to-Host (Transport) Layer

Layer 2: Internet or Internetworking Layer

Layer 1: Network Access Layer


http://en.wikipedia.org/wiki/TCP/IP_model

Encapsulation

http://www.cgisecurity.com/lib/bill/encapsulation.gif

TCP Header

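Each row below is 32 bits wide (bits 0 to 15 on the left, bits 16 to 31 on the right):

16 Bit Source Port Number | 16 Bit Destination Port Number

32 Bit Sequence Number

32 Bit Acknowledgement Number

4 Bit Header Length | 6 Bits Reserved | URG | ACK | PSH | RST | SYN | FIN | 16 Bit Window Size

16 Bit TCP Checksum | 16 Bit Urgent Pointer

Options (if any)

Data (if any)

The five rows from the port numbers through the Urgent Pointer make up the fixed 20 Bytes of the header.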

3-way Handshake

Most communication is handled using TCP.

TCP is reliable:

Acknowledgements indicate delivery of data.

Checksums are used to detect corrupted data.

Sequence numbers detect missing or mis-sequenced data.

Corrupted data is retransmitted after a timeout.

Mis-sequenced data is re-sequenced.

Flow control prevents overrun of the receiver.

TCP uses congestion control to share network capacity among
users.

TCP is connection-oriented.

A 3-way handshake is used for connection setup/teardown.

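3-way Handshake

Connection Setup, between the (Active) Client and the (Passive) Server:

Client to Server: Syn

Server to Client: Syn + Ack

Client to Server: Ack

Connection Close/Teardown, between the (Active) Client and the (Passive) Server:

Client to Server: Fin

Server to Client: (Data +) Ack

Server to Client: Fin

Client to Server: Ack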

3-way Handshake

1: Client sends SYN, seq=x

2: Server sends SYN | ACK, seq=y, ACK x+1

3: Client sends ACK y+1
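
The TCP header layout and the numbered handshake steps above, as an added example that is not part of the original slides: it packs and parses the 20-byte fixed header and checks that three segments follow the seq=x, ACK x+1, ACK y+1 pattern, including 32-bit wraparound. The helper names, port numbers and sequence values are constructed for illustration.

```python
import struct

# Flag bit positions in the 6-bit flags field, lowest bit first.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
FMT = "!HHIIHHHH"  # ports, seq, ack, hdr-len/reserved/flags, window, checksum, urgent

def build_header(sport, dport, seq, ack, flags, window=65535):
    """Pack a 20-byte header with no options (hypothetical helper; checksum left 0)."""
    bits = 0
    for name in flags:
        bits |= FLAGS[name]
    return struct.pack(FMT, sport, dport, seq, ack, (5 << 12) | bits, window, 0, 0)

def parse_header(raw):
    """Decode the fixed header; reject truncated or inconsistent lengths."""
    if len(raw) < 20:
        raise ValueError("shorter than the 20-byte fixed header")
    sport, dport, seq, ack, word, window, checksum, urgent = struct.unpack(FMT, raw[:20])
    header_len = (word >> 12) * 4          # 4-bit length counts 32-bit words
    if header_len < 20 or header_len > len(raw):
        raise ValueError("bad header length field")
    flags = {name for name, bit in FLAGS.items() if word & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "window": window, "header_len": header_len}

def handshake_ok(syn_raw, synack_raw, ack_raw):
    """True if three headers form: SYN seq=x; SYN|ACK seq=y, ack=x+1; ACK ack=y+1."""
    syn, synack, ack = (parse_header(r) for r in (syn_raw, synack_raw, ack_raw))
    x, y = syn["seq"], synack["seq"]
    nxt = lambda n: (n + 1) % 2**32        # sequence numbers wrap at 32 bits
    return (syn["flags"] == {"SYN"}
            and synack["flags"] == {"SYN", "ACK"} and synack["ack"] == nxt(x)
            and ack["flags"] == {"ACK"} and ack["seq"] == nxt(x) and ack["ack"] == nxt(y)
            and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
            and (ack["sport"], ack["dport"]) == (syn["sport"], syn["dport"]))

# Constructed sample exchange: client port 49152 to server port 80, x=1000, y=5000.
SYN = build_header(49152, 80, 1000, 0, {"SYN"})
SYNACK = build_header(80, 49152, 5000, 1001, {"SYN", "ACK"})
ACK = build_header(49152, 80, 1001, 5001, {"ACK"})

if __name__ == "__main__":
    print(parse_header(SYNACK))
    print("valid handshake:", handshake_ok(SYN, SYNACK, ACK))
```
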

IP Addressing

An IP (Internet Protocol) address is a unique address that
electronic devices use in order to identify and communicate with
each other on a computer network. It can be thought of as the
equivalent of a street address or a phone number for a computer
or other network device on the Internet.

Participating network devices, including routers, computers,
time-servers, printers, Internet fax machines, and some
telephones, can have their own unique address.

IP Version 4 (IPv4) uses 32-bit (4 byte) addresses, which limits the
address space to 4,294,967,296 (2^32) possible unique addresses.

IPv4 Example: 127.0.0.1

IPv4 address shortage has helped stimulate the push towards
IPv6, which is currently in the early stages of deployment and will
replace IPv4.

http://en.wikipedia.org/wiki/IP_addressing

IP Addressing

IPv6 addresses are 128 bits (16 bytes) wide, which should suffice
for the foreseeable future. In theory, there would be roughly
3.403 × 10^38 unique host interface addresses.

Based upon this design, there will exist "roughly 5,000 addresses
for every square micrometer of the Earth's surface". This
enormous magnitude of available IP addresses will be sufficiently
large for the indefinite future, even though mobile phones, cars
and all types of personal devices are coming to rely on the
Internet for everyday purposes.

IPv6 Example: 2001:0db8:85a3:08d3:1319:8a2e:0370:7334

http://en.wikipedia.org/wiki/IP_addressing

SMTP

Simple Mail Transfer Protocol (SMTP) is a simple, text-based
protocol, where one or more recipients of a message are
specified and then the message text is transferred.

It is a client-server protocol, where the client transmits an email
message to the server. An email client knows the outgoing mail
SMTP server from its configuration. The server typically
determines which SMTP server to connect to by looking up the
record for each recipient's domain name, the part of the email
address to the right of the at sign (@).

The SMTP client initiates a TCP connection to the server's port 25.

SMTP is a "push" protocol that does not allow one to "pull"
messages from a remote server on demand. To do this a mail
client must use POP3 or IMAP.

FTP

File Transfer Protocol (FTP) was a commonly used protocol for
exchanging files over any network that supports the TCP/IP
protocol (such as the Internet or an intranet).

FTP employs two computers in an FTP transfer: a server and a
client.

The FTP server, running FTP server software, listens on the
network for connection requests from other computers.

The client computer, running FTP client software, initiates a
connection to the server.

Once connected, the client could manipulate files such as
uploading/downloading files to/from the server, renaming or
deleting files on the server, etc.

HTTP has begun to dominate in these kinds of applications.

http://en.wikipedia.org/wiki/FTP

HTTP

Hypertext Transfer Protocol (HTTP) is a communications protocol
used to transfer or convey information on the World Wide Web.

HTTP is a request/response protocol between clients and servers.
The originating client, such as a web browser, is referred to as the
user agent. The destination server, which stores or creates
resources such as HTML files and images, is called the origin server.

An HTTP client initiates a request by establishing a Transmission
Control Protocol (TCP) connection to a particular port on a remote
host (port 80 by default).

An HTTP server listening on that port waits for the client to send a
request message.

Upon receiving the request, the server sends back a status line,
such as "HTTP/1.1 200 OK", and a message of its own, the body of
which is perhaps the requested file, an error message, or some
other information.

http://en.wikipedia.org/wiki/HTTP

HTTP

http://computer.howstuffworks.com/web-server1.htm

HTTP

HTTP can be made secure through the use of encryption.

Using HTTPS indicates that HTTP is to be
used, but with a different default TCP port
(443) and an additional
encryption/authentication layer, Secure
Sockets Layer (SSL) or Transport Layer
Security (TLS), between the HTTP and TCP.

http://en.wikipedia.org/wiki/HTTPS

http://www.sportop.com/ClothingPrograms/ordering-faqs.cfm

DNS

Domain Name System (DNS) associates information with so-called
domain names; most importantly, it serves as the "phone book"
for the Internet: it translates human-readable computer
hostnames, e.g. www.wikipedia.org, into the IP addresses that
networking equipment needs for delivering information.

For example, if you want to know the internet address of
www.wikipedia.org, DNS can be used to tell you it's
66.230.200.100.

DNS distributes the responsibility for assigning domain names and
mapping them to IP networks by allowing an authoritative server
for each domain to keep track of its own changes, avoiding the
need for a central registrar to be continually consulted and
updated.

Each domain or subdomain has one or more authoritative DNS
servers that publish information about that domain and the name
servers of any domains "beneath" it.

http://en.wikipedia.org/wiki/DNS

DNS

http://www.comptechdoc.org/independent/networking/guide/dns.gif

Summary

This section has tried to provide background on the OSI Model, the
TCP/IP Model and several frequently used protocols.

List of References

http://www.ictp.trieste.it/~radionet/1998_school/networking_presentation/page6.html

http://en.wikipedia.org/wiki/OSI_Model

http://en.wikipedia.org/wiki/TCP/IP_model

http://www.cgisecurity.com/lib/bill/encapsulation.gif

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/centri4/user/scf4ap1.htm

http://www.visi.com/~mjb/Drawings/TCP_Header.pdf

http://en.wikipedia.org/wiki/IP_addressing

http://en.wikipedia.org/wiki/SMTP

http://en.wikipedia.org/wiki/Telnet

http://en.wikipedia.org/wiki/FTP

http://en.wikipedia.org/wiki/HTTP

http://computer.howstuffworks.com/web-server1.htm

http://en.wikipedia.org/wiki/HTTPS

http://www.sportop.com/ClothingPrograms/ordering-faqs.cfm

http://en.wikipedia.org/wiki/Transport_Layer_Security

http://en.wikipedia.org/wiki/DNS

http://www.comptechdoc.org/independent/networking/guide/dns.gif

http://www.theshulers.com/whitepapers/internet_whitepaper/index.html#http

CyberPatriot wants to thank and acknowledge the CyberWatch program,
which developed the original version of these slides and has graciously
allowed their use for training in this competition.