osi and ip network modelssecure.com.sg › courses › ict287 › extra_lab ›...
TRANSCRIPT
l Standards Organizationsl Internet Organizationsl OSI Model Overviewl TCP/IP Model Overview
OSI and IP Network Models
Standards Organizations
LAN WAN Internet Cabling OSI model
IEEE ITU IAB EIA/TIA ISO
Active IEEE Standards Groups 2-5
IEEE Standards802.1 High Level Interface Working Group802.3 CSMA/CD (Ethernet) Working Group802.11 Wireless LAN Working Group802.15 WPAN Working Group802.16 Broadband Wireless Access Working Group802.17 Resilient Packet Ring Working Group802.18 Radio Regulatory TAG802.19 Coexistence TAG802.20 Mobile Broadband Wireless Access (MBWA) Working Group802.21 Media Independent Handoff Working Group802.22 Wireless Regional Area Networks
Common WAN Serial Interface Standards 2-6
EIA/TIA-530
EIA/TIA-232or
V.35
EIA/TIA-449 HSSI
Router
Router WAN serial port standards
Electronics Industries Association
Telecommunications Industry Association
High-Speed Serial Interface
UTP Category Standards 2-7
Category Frequencies Supported Typical Use
3 10 MHz Voice, 10BaseT Ethernet
4 20 MHz 16 Mbps Token Ring
5e 100 MHz 100BaseTX and 1000BaseTX Ethernet
6 200 MHz 1000BaseTX Ethernet
7* 600 MHz 10000BaseTX Ethernet
* Fully Shielded Cabling
Internet Organizations 2-8
ICANN
APNIC ARIN RIPE LACNIC AFRINIC
IANA
ISOC
IAB
IESG IRSG
IRTFIETF
OSI Model Overview
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
NetworkingOSI seven-layer modelChecking
for errors
Sendingmessages
Address of the server 1s and 0s
The wire
Applications
Without the OSI model,networks would be verydifficult to understandand implement.
With the OSI model, networks can be broken up into manageable pieces.The OSI model provides a common language to explain componentsand their functionality.
Encryption
Chaosnetworking
Mostly software
Mostlyhardware
Layer 1: Physical Layer
CAT5 UTP
Wall jack
Patch panelHub and repeater
Device
NIC
Layer 2: Data Link Layer
Switch look-up tables
Ethernetswitch
G
A B C D E F
Hub Hub
MAC address of NIC
A,B,C D,E,F
G
Server
Layer 3: Network Layer
Subnet 1
Subnet 2
Subnet 3
Layer 3 addressing
Layer 3 addressing
Layer 3 addressing
Router RouterWAN
LAN LAN
Layer 4: Transport Layer
ServerUser
Network
Layer 5: Session Layer
Fileserver
Userdevice
Data
Data Block from byte 47
Okay, start the next data at byte 108.
Network
Layer 6: Presentation Layer
Encrypt data Decrypt data
Network
Layer 7: Application Layer
Webbrowser
FTP
TCP/IP Model Overview
OSI (Open Systems Interconnect) Reference Model
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
Network
Provides the transmission of the bit stream across the physical connection
Establishes an interface across layer 1 for layer 3 (node-to-node addressing)
Provides delivery of data between the transport layers (end-to-end addressing)
Segments, reassembles, and multiplexes multiple sessions over a layer 3 interface
Connects the user application directly between end systems
Packaging and presentation of the display format and code conversion for the data
Manages the program generating the data to the network
Host: 1-B Host: 2-A
Packaging a Message Using the OSI Model
Data
Physical link
AH
DataAHPH
SH
TH
NH
DLH DLT
DataAHPH
SH DataAHPH
SH DataAHPHTH
NH SH DataAHPHTH1001010100101010001101
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
ServerPC
Sending file
Network
AH
PH
SH
TH
NH
DLH
DLT
Application header
Presentation headerSession headerTransport header
Network headerData link headerData link trailer
Unpackaging a Message Using the OSI Model
Data
Physical link
AH
DataAHPH
SH
TH
NH
DLH DLT
DataAHPH
SH DataAHPH
SH DataAHPHTH
NH SH DataAHPHTH
1001010100101010001101
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
Server
File received
Network
1001010100101010001101
Comparison of the OSI Reference Model and TCP/IP Protocol Suite
TCP
IP
UDP
UD
Pap
plic
atio
ns
TCP/IP protocol suite
LAN Protocols(for example,
Ethernet)
WAN(Frame Relay,
MPLS, and ATM)
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
FTP, SMTP, Telnet, HTTP
DNS, SNMP, NFS, RPC
Network access(network interface)
Network
Host-to-host
Process or
application
TCP segmentUserdata
TCP headerPort Numbers
FileTransferE-MailRemote LoginWeb
browsing
21252380
IP datagram
Userdata
IP headerIP addresses TCP headerSource and
destinationEthernet frame
Userdata
EthernettrailerIP header TCP headerEthernet
header
Source and destination MAC addresses Error detection
Applicationdata
Packaging a Message with TCP/IP and Ethernet
FTP SMTP Telnet HTTP
Transporting Data between Networks
Router (network 1)
Application data
Physical
TCP or UDP
IP
Ethernet
Physical
Ethernet
Physical
Data link
Physical
TCP or UDP
IP
Ethernet
Physical
Data link
Physical
Ethernet
LANLAN WAN
Network Network
Ethernettrailer
TCPheader
IPheader
Applicationdata
Ethernetheader
ServerPC
Router (network 2)
Application data
Leased circuit from carrier PPP – Point-to-Point Protocol
PPPheader
PPPtrailer
Ethernet trailer
Ethernet header
WireSharkshows the Network Stack
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
netcat in a nutshell
l What it isl What it doesl How to use it
What is netcat ?
l Swiss Army Knife of Networkl A versatile network Utility tooll Uses TCP and UDP protocoll Designed as a backend tool
n Can be used directlyn Driven by other programs
Power of netcat
l Can create Outbound or Inbound connections TCP or UDP to or from any ports
l Full DNS forward reverse checking
l Can use any local port
l Can use any locally configured network address
l Port scanning with randomizer
l Option to let other program service establish connections
l Optional telnet responder
How Do I use netcat ?
l General form of usage is n nc [switches] [hostname] [portnumber]
l Simplest Usage would ben nc –v www.secure.com.sg 80n GET http://www.secure.com.sg/index.html HTTP/1.0
n Hostname can be a name or IP Address
Options
l -vn Controls the verbosity level
l -w <seconds>n Sets the network inactivity timeout
l -p <port number>n Binds the connection to specific port number
Options
l -o <file name>n To obtain hexdump file of data sent either way
l -ln Makes netcat wait for inbound connectionsn And once connection is established it transfers the
data
Interesting -l (listener)
Can use to create like a listening netcat serverl On listening end
n C:\tools\nc> nc –l -p 1234 < test.txt
l On client end n C:\tools\nc> nc 127.0.0.1 1234
Options
l -Ln Listen harder
l -rn Randomize port numbers
l -zn Zero – I/O mode [used in scanning]
Options
l -e <program name>n Allows to execute a program (dangerous)
l -dn Allows to run in detached mode without console
windowl -u
n Makes a UDP connection instead of TCP connection
Options
l -s <address>n Local source address
l -i <seconds>n Specifies delay interval for lines sent or ports
scannedl -t
n Answer telnet negotiation
Put the Knife to Use
lUse It GOOD
lUse It BAD
USE IT GOOD
l Port Scanning
n Find what is out there
unc -v -w 5 -r 127.0.0.1 1-1023
USE IT GOOD
l Simple Data Transfer Agentn Immaterial which side is server and which side is
clientn Input at one goes as output to another
l HEX Dump Featuren Can be used to analyze odd network protocols
USE IT GOOD
l Performance Testing
n Generate large amount of useless data on network with server on one end and client on other end we can use it to test network performance.
l Protect your workstations X server
DARK SIDE
l Scanning for vulnerable servicesn Can use files as input to netcat and scan the system
by using –i and –r switchesl Can use –e option to execute programsl SYN-Bombing
n Can disable TCP servers
EXAMPLE
l Listen on port 21 (FTP Port) using netcat with –e switch to execute cmd.exe
l FTP request made from a different machine on the listener machine
RESULT
D:\tools\nc> nc -l -p 21 -e cmd.exe
C:\Documents and Settings\RAJAT>ftp 127.0.0.1
Connected to 127.0.0.1
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
Request
Conclusion
l Netcat is a very useful network utility tooll Very light but extremely effectivel Particularly when it can listen and execute
programs when connection requests are made on the specific ports
THANK YOU
Questions ??