
Post on 05-Jul-2020


- Standards Organizations
- Internet Organizations
- OSI Model Overview
- TCP/IP Model Overview

OSI and IP Network Models

Standards Organizations

Area:          LAN    WAN    Internet    Cabling    OSI model
Organization:  IEEE   ITU    IAB         EIA/TIA    ISO

Active IEEE Standards Groups

IEEE Standards
- 802.1 High Level Interface Working Group
- 802.3 CSMA/CD (Ethernet) Working Group
- 802.11 Wireless LAN Working Group
- 802.15 WPAN Working Group
- 802.16 Broadband Wireless Access Working Group
- 802.17 Resilient Packet Ring Working Group
- 802.18 Radio Regulatory TAG
- 802.19 Coexistence TAG
- 802.20 Mobile Broadband Wireless Access (MBWA) Working Group
- 802.21 Media Independent Handoff Working Group
- 802.22 Wireless Regional Area Networks

Common WAN Serial Interface Standards

[Figure: router WAN serial port standards: EIA/TIA-232, EIA/TIA-449, EIA/TIA-530, V.35, HSSI]

- EIA: Electronics Industries Association
- TIA: Telecommunications Industry Association
- HSSI: High-Speed Serial Interface

UTP Category Standards

Category   Frequencies Supported   Typical Use
3          10 MHz                  Voice, 10BaseT Ethernet
4          20 MHz                  16 Mbps Token Ring
5e         100 MHz                 100BaseTX and 1000BaseTX Ethernet
6          200 MHz                 1000BaseTX Ethernet
7*         600 MHz                 10000BaseTX Ethernet

* Fully Shielded Cabling

Internet Organizations

[Figure: chart of Internet organizations: ISOC, IAB, IESG, IETF, IRSG, IRTF, ICANN, IANA, APNIC, ARIN, RIPE, LACNIC, AFRINIC]

OSI Model Overview

7 Application

6 Presentation

5 Session

4 Transport

3 Network

2 Data link

1 Physical

[Figure: "Chaos networking" compared with "Networking: OSI seven-layer model". Labels: applications, encryption, sending messages, checking for errors, address of the server, 1s and 0s, the wire. In the layered model the upper layers are marked "mostly software" and the lower layers "mostly hardware".]

Without the OSI model, networks would be very difficult to understand and implement.

With the OSI model, networks can be broken up into manageable pieces. The OSI model provides a common language to explain components and their functionality.

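Layer 1: Physical Layer

[Figure: physical-layer components between a device and the network: NIC, CAT5 UTP, wall jack, patch panel, hub and repeater]

Layer 2: Data Link Layer

[Figure: an Ethernet switch connected to two hubs and a server (G); hosts A, B, C are on one hub and D, E, F on the other. The switch look-up tables list the MAC address of each NIC per port: A,B,C / D,E,F / G]

Layer 3: Network Layer

[Figure: Subnet 1, Subnet 2 and Subnet 3, each with Layer 3 addressing; two LANs connected by routers across a WAN]

Layer 4: Transport Layer

[Figure: user and server communicating across the network]

Layer 5: Session Layer

[Figure: user device and file server exchanging data across the network. "Data block from byte 47." "Okay, start the next data at byte 108."]

Layer 6: Presentation Layer

[Figure: encrypt data, network, decrypt data]

Layer 7: Application Layer

[Figure: application examples: web browser, FTP, e-mail]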

TCP/IP Model Overview

OSI (Open Systems Interconnect) Reference Model

[Figure: two seven-layer OSI stacks, Host 1-B and Host 2-A, connected through the network, with the function of each layer:]

7 Application: Manages the program generating the data to the network
6 Presentation: Packaging and presentation of the display format and code conversion for the data
5 Session: Connects the user application directly between end systems
4 Transport: Segments, reassembles, and multiplexes multiple sessions over a layer 3 interface
3 Network: Provides delivery of data between the transport layers (end-to-end addressing)
2 Data link: Establishes an interface across layer 1 for layer 3 (node-to-node addressing)
1 Physical: Provides the transmission of the bit stream across the physical connection

Packaging a Message Using the OSI Model

[Figure: a PC sending a file to a server across the network. Going down the stack from layer 7 (Application) to layer 2 (Data link), each layer adds its own header to what it receives from the layer above: AH, PH, SH, TH, NH, DLH. The data link layer also adds a trailer (DLT). Layer 1 (Physical) sends the result over the physical link as bits: 1001010100101010001101]

AH   Application header
PH   Presentation header
SH   Session header
TH   Transport header
NH   Network header
DLH  Data link header
DLT  Data link trailer

Unpackaging a Message Using the OSI Model

[Figure: the server receiving the file. The bit stream 1001010100101010001101 arrives over the physical link and travels up the stack from layer 1 (Physical) to layer 7 (Application). The data link header and trailer (DLH, DLT) and then the NH, TH, SH, PH and AH headers are removed layer by layer until only the data remains. File received.]

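Comparison of the OSI Reference Model and TCP/IP Protocol Suite

OSI layers 7 Application, 6 Presentation, 5 Session
- TCP/IP layer: Process or application
- TCP/IP protocol suite: TCP applications and UDP applications (FTP, SMTP, Telnet, HTTP; DNS, SNMP, NFS, RPC)

OSI layer 4 Transport
- TCP/IP layer: Host-to-host
- TCP/IP protocol suite: TCP, UDP

OSI layer 3 Network
- TCP/IP layer: Network
- TCP/IP protocol suite: IP

OSI layers 2 Data link, 1 Physical
- TCP/IP layer: Network access (network interface)
- TCP/IP protocol suite: LAN protocols (for example, Ethernet); WAN (Frame Relay, MPLS, and ATM)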

Packaging a Message with TCP/IP and Ethernet

Application data: FTP (file transfer, port 21), SMTP (e-mail, port 25), Telnet (remote login, port 23), HTTP (web browsing, port 80)

TCP segment:    TCP header (source and destination port numbers) + user data
IP datagram:    IP header (source and destination IP addresses) + TCP header + user data
Ethernet frame: Ethernet header (source and destination MAC addresses) + IP header + TCP header + user data + Ethernet trailer (error detection)
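The packaging and unpackaging steps above, as an added Python example that is not part of the original slides: it wraps application data in TCP, IP and Ethernet layers and then strips them again, checking the Ethernet trailer first. The addresses, ports and function names are constructed for illustration, and the TCP and IP checksums are left at zero to keep the example short.

```python
import socket
import struct
import zlib

ETH_IPV4, IP_TCP = 0x0800, 6

def encapsulate(data, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    """Sender side: wrap application data in TCP, IP and Ethernet layers."""
    # TCP header: source/destination ports, seq, ack, offset 5 words, PSH|ACK.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    # IP header: version 4, IHL 5 words, total length, TTL 64, protocol TCP.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), 0, 0, 64, IP_TCP,
                     0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    # Ethernet header: destination MAC, source MAC, EtherType.
    frame = dst_mac + src_mac + struct.pack("!H", ETH_IPV4) + ip + tcp + data
    # Ethernet trailer: CRC-32 frame check sequence (the error detection field).
    return frame + struct.pack("<I", zlib.crc32(frame))

def decapsulate(frame):
    """Receiver side: verify the trailer, then strip one header per layer."""
    body, (fcs,) = frame[:-4], struct.unpack("<I", frame[-4:])
    if zlib.crc32(body) != fcs:
        raise ValueError("Ethernet FCS mismatch")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", body[:14])
    if ethertype != ETH_IPV4:
        raise ValueError("not IPv4")
    ip = body[14:]
    ihl, total_len, proto = (ip[0] & 0x0F) * 4, struct.unpack("!H", ip[2:4])[0], ip[9]
    if proto != IP_TCP:
        raise ValueError("not TCP")
    tcp = ip[ihl:total_len]
    sport, dport = struct.unpack("!HH", tcp[:4])
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
        "sport": sport, "dport": dport, "data": tcp[(tcp[12] >> 4) * 4:],
    }

# Constructed sample: a web request from a PC to a server (port 80).
FRAME = encapsulate(b"GET / HTTP/1.0\r\n\r\n", 49152, 80, "192.0.2.10",
                    "198.51.100.20", bytes.fromhex("020000000001"),
                    bytes.fromhex("020000000002"))

if __name__ == "__main__":
    print(decapsulate(FRAME))
```

A single flipped bit anywhere in the frame makes `decapsulate` reject it at the Ethernet layer, before any IP or TCP field is read.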

Transporting Data between Networks

[Figure: a PC on a LAN (network 1) sends application data to a server on another LAN (network 2) through two routers joined by a WAN link, a leased circuit from a carrier running PPP (Point-to-Point Protocol). PC and server stacks: application data, TCP or UDP, IP, Ethernet, physical. Router stacks: IP over Ethernet and physical on the LAN side, and IP over a data link and physical on the WAN side. On each LAN the message travels as Ethernet header + IP header + TCP header + application data + Ethernet trailer; on the WAN the Ethernet header and trailer are replaced by a PPP header and PPP trailer.]

Wireshark shows the Network Stack

7 Application

6 Presentation

5 Session

4 Transport

3 Network

2 Data link

1 Physical

netcat in a nutshell

- What it is
- What it does
- How to use it

What is netcat?

- Swiss Army Knife of networking
- A versatile network utility tool
- Uses TCP and UDP protocols
- Designed as a backend tool
  - Can be used directly
  - Driven by other programs

Power of netcat

- Can create outbound or inbound connections, TCP or UDP, to or from any port

- Full DNS forward/reverse checking

- Can use any local port

- Can use any locally configured network address

- Port scanning with randomizer

- Option to let another program service established connections

- Optional telnet responder

How Do I use netcat ?

- General form of usage is
  - nc [switches] [hostname] [portnumber]

- Simplest usage would be
  - nc -v www.secure.com.sg 80
  - GET http://www.secure.com.sg/index.html HTTP/1.0

- Hostname can be a name or an IP address

Options

- -v
  - Controls the verbosity level

- -w <seconds>
  - Sets the network inactivity timeout

- -p <port number>
  - Binds the connection to a specific port number

Options

- -o <file name>
  - Obtains a hexdump file of the data sent either way

- -l
  - Makes netcat wait for inbound connections
  - Once a connection is established, it transfers the data

Interesting -l (listener)

Can be used to create a listening netcat server

- On the listening end
  - C:\tools\nc> nc -l -p 1234 < test.txt

- On the client end
  - C:\tools\nc> nc 127.0.0.1 1234

Options

- -L
  - Listen harder

- -r
  - Randomize port numbers

- -z
  - Zero-I/O mode [used in scanning]

Options

- -e <program name>
  - Allows netcat to execute a program (dangerous)

- -d
  - Allows netcat to run in detached mode without a console window

- -u
  - Makes a UDP connection instead of a TCP connection

Options

- -s <address>
  - Local source address

- -i <seconds>
  - Specifies the delay interval for lines sent or ports scanned

- -t
  - Answer telnet negotiation

Put the Knife to Use

- Use It GOOD

- Use It BAD

USE IT GOOD

- Port Scanning
  - Find what is out there
    - nc -v -w 5 -r 127.0.0.1 1-1023

USE IT GOOD

- Simple Data Transfer Agent
  - Immaterial which side is the server and which side is the client
  - Input at one end goes as output to the other

- HEX Dump Feature
  - Can be used to analyze odd network protocols

USE IT GOOD

- Performance Testing
  - By generating a large amount of useless data on the network, with a server on one end and a client on the other, we can use it to test network performance.

- Protect your workstation's X server

DARK SIDE

- Scanning for vulnerable services
  - Can use files as input to netcat and scan the system by using the -i and -r switches

- Can use the -e option to execute programs

- SYN-Bombing
  - Can disable TCP servers

EXAMPLE

- Listen on port 21 (FTP port) using netcat with the -e switch to execute cmd.exe

- FTP request made from a different machine to the listener machine

RESULT

D:\tools\nc> nc -l -p 21 -e cmd.exe

C:\Documents and Settings\RAJAT>ftp 127.0.0.1

Connected to 127.0.0.1

Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.
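For spotting this kind of listener in process-creation logs, an added Python example (not part of the original slides) that parses netcat command lines using the switches listed above and labels what each one requests. The sample command lines are constructed, and matching on the binary name is an assumption that a renamed copy would defeat.

```python
import re
import shlex

NC_NAMES = {"nc", "ncat", "netcat"}   # name match only; renamed copies need other checks
ARG_OPTS = set("epwosigG")            # switches that consume a value

def parse_nc(cmdline):
    """Return (flags, values, positionals) for a netcat command line, else None."""
    argv = [t.strip('"') for t in shlex.split(cmdline, posix=False)]
    if not argv:
        return None
    exe = re.split(r"[\\/]", argv[0])[-1].lower()
    if (exe[:-4] if exe.endswith(".exe") else exe) not in NC_NAMES:
        return None
    flags, values, rest, i = set(), {}, [], 1
    while i < len(argv):
        tok, i = argv[i], i + 1
        if len(tok) < 2 or tok[0] != "-":
            rest.append(tok)                        # hostname or port
            continue
        for pos, ch in enumerate(tok[1:], start=1): # handles bundles such as -lvp
            flags.add(ch)
            if ch in ARG_OPTS:                      # value: remainder or next token
                if tok[pos + 1:]:
                    values[ch] = tok[pos + 1:]
                elif i < len(argv):
                    values[ch], i = argv[i], i + 1
                break
    return flags, values, rest

def classify(cmdline):
    """Label a process command line by the netcat behaviour it requests."""
    parsed = parse_nc(cmdline)
    if parsed is None:
        return "not-netcat"
    flags, values, rest = parsed
    if "e" in flags:
        return "exec:" + values.get("e", "?")       # program bound to the socket
    if flags & {"l", "L"}:
        return "listener:" + values.get("p", "?")
    if "z" in flags or any(re.fullmatch(r"\d+-\d+", t) for t in rest):
        return "scan"
    return "client"

# Constructed process-creation command lines, modelled on the slides' commands.
SAMPLES = [r"D:\tools\nc\nc.exe -l -p 21 -e cmd.exe", "nc -lvp 1234",
           "nc -v -w 5 -r 127.0.0.1 1-1023", "nc -v www.secure.com.sg 80",
           "notepad.exe notes.txt"]

if __name__ == "__main__":
    for line in SAMPLES:
        print(classify(line), "<-", line)
```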


Conclusion

- Netcat is a very useful network utility tool
- Very light but extremely effective
- Particularly when it can listen and execute programs when connection requests are made on the specific ports

THANK YOU

Questions ??
