Difference between revisions of "User:Becha/InternetPlumbing/Layers"

From Technologia Incognita
Jump to: navigation, search
(Comparing OSI & TCP / IP layers)
(Owners, Developers, Dangers, Mitigations, Alternatives)
 
(3 intermediate revisions by the same user not shown)
Line 58: Line 58:
 
* Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
 
* Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
 
* etc
 
* etc
 +
 +
[[File:Osi-deployment-layers.png]]
 +
 +
==Owners, Developers, Dangers, Mitigations, Alternatives==
 +
 
[[File:Osi-deployment-layers.png]]
 
[[File:Osi-deployment-layers.png]]
 +
  
 
{| class="wikitable sortable"
 
{| class="wikitable sortable"
!Layer
+
|-
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| #
 +
!Layer name
 
!Example
 
!Example
 
!Practically  
 
!Practically  
Line 67: Line 84:
 
!Developed by
 
!Developed by
 
|Vulnerabilities/Dangers
 
|Vulnerabilities/Dangers
!Securing
+
| Securing
 
| Alternatives
 
| Alternatives
 
|-
 
|-
 +
|10
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
|9
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
|8
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
! rowspan="3" | Application layer
 +
|7.3 -> skype
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
|7.2 -> SMTP / email
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| 7.1 HTTP
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
|6
 +
| Presentation
 +
| HTML, CSS, JSON
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
|5
 +
| Session
 +
| BGP (actually layer 7...) 
 +
| routing: exchanging AS reachability info via gossip: based on trust & peering agreements! <br> physical routers by routers: Cisco/Juniper (commercial monopolists ;-)
 +
| Large ISPs; Tier1 / Tier2 ; IXPs!!  RIRs give out AS numbers
 +
| "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community ; hackers
 +
| "route hijacks", government regulation & takeover (killer switch), hierarchies;
 +
| technically: BGPsec, IRR, RPKI; <br> politically: influencing governance
 +
| p2p protocols, Betman [xx]; MPLS, SDN; Tor?!
 +
|-
 +
|4
 +
| Transport
 +
| UDP -> DNS
 +
| www.belastingdiest.nl
 +
| User; Registrar, Registry, ccTLD, gTLD, ICANN, US government!
 +
| DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU 
 +
| "balkanisation", US hegemony; internationalization; censorship;
 +
| technically: DNSSEC, DANE ; Tor; <br> politically: participating in governance
 +
| Alternative trees; blockchain (namecoin); etc
 +
|-
 +
|3
 +
| Network
 +
| Internet
 +
| ifconfig; 10.10.10.10, IPv6
 +
| no-one: IP addresses are "leased"! <br> (PI,PA,LIR,RIR,IANA,IETF)
 +
| RIR PDP, IANA, IETF
 +
| hierarchy, run-out, incompatibility, market forces; surveillance
 +
| IPSec
 +
| Blockchain?
 +
|-
 +
|2
 +
| Data-link
 +
| Physical connections
 +
| Ethernet cables, WiFi, fibers, satellites, under-sea cables 
 +
| Individuals, communities, ISP, "carriers", corporations, governments, 
 +
| Hackers, commercial companies, governments
 +
| "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance
 +
| commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism 
 +
|Community WiFi, Project Loon, Drones
 +
|-
 +
|1
 
|Physical
 
|Physical
 
|HW - end user equipment
 
|HW - end user equipment
Line 87: Line 214:
 
|
 
|
 
|-
 
|-
|
 
|
 
|
 
|
 
|
 
|
 
|
 
 
|}
 
|}

Latest revision as of 10:45, 3 April 2016

Comparing OSI & TCP / IP layers

Original borrowed from: https://en.wikipedia.org/wiki/OSI_model

TCP / IP Model OSI Model
Layer OSI Layer Protocol data unit (PDU) Function Examples
Application 7. Application Data High-level APIs, including resource sharing, remote file access, directory services and virtual terminals TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, BGP!
6. Presentation Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption CSS, GIF, HTML, XML, JSON
Transport 5. Session Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes RPC, SCP, NFS, PAP,
4. Transport Segment (TCP) / Datagram (UDP) Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing NBF, TCP, UDP
Network /
Internet 		3. Network Packet Structuring and managing a multi-node network, including addressing, routing and traffic control AppleTalk, ICMP, IPsec, IPv4, IPv6
Link
layer 		2. Data link Frame Reliable transmission of data frames between two nodes connected by a physical layer IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS
1. Physical Bit Transmission and reception of raw bit streams over a physical medium DOCSIS, DSL, Ethernet physical layer, ISDN, USB

Cross-layer functions:

  • ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
  • Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
  • etc

Osi-deployment-layers.png

Owners, Developers, Dangers, Mitigations, Alternatives

Osi-deployment-layers.png


# Layer name Example Practically Owner Developed by Vulnerabilities/Dangers Securing Alternatives
10
9
8
Application layer 7.3 -> skype
7.2 -> SMTP / email
7.1 HTTP
6 Presentation HTML, CSS, JSON
5 Session BGP (actually layer 7...) routing: exchanging AS reachability info via gossip: based on trust & peering agreements!
physical routers by routers: Cisco/Juniper (commercial monopolists ;-) 		Large ISPs; Tier1 / Tier2 ; IXPs!! RIRs give out AS numbers "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community ; hackers "route hijacks", government regulation & takeover (killer switch), hierarchies; technically: BGPsec, IRR, RPKI;
politically: influencing governance 		p2p protocols, Betman [xx]; MPLS, SDN; Tor?!
4 Transport UDP -> DNS www.belastingdiest.nl User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU "balkanisation", US hegemony; internationalization; censorship; technically: DNSSEC, DANE ; Tor;
politically: participating in governance 		Alternative trees; blockchain (namecoin); etc
3 Network Internet ifconfig; 10.10.10.10, IPv6 no-one: IP addresses are "leased"!
(PI,PA,LIR,RIR,IANA,IETF) 		RIR PDP, IANA, IETF hierarchy, run-out, incompatibility, market forces; surveillance IPSec Blockchain?
2 Data-link Physical connections Ethernet cables, WiFi, fibers, satellites, under-sea cables Individuals, communities, ISP, "carriers", corporations, governments, Hackers, commercial companies, governments "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism Community WiFi, Project Loon, Drones
1 Physical HW - end user equipment Computer, tablet, phone... User Commercial companies: Apple, Siemens, Samsung... Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal, Hard: Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...
Retrieved from "https://wiki.techinc.nl/index.php?title=User:Becha/InternetPlumbing/Layers&oldid=17625"