Difference between revisions of "User:Becha/InternetPlumbing"

From Technologia Incognita
Jump to: navigation, search
(Overview)
(Description of OSI layers)
Line 113: Line 113:
 
  (TODO: add ISC reference to Evi's wikipedia page!!)  
 
  (TODO: add ISC reference to Evi's wikipedia page!!)  
  
==Description of OSI layers==
+
==Comparing OSI & TCP / IP layers==
  
Borrowed from: https://en.wikipedia.org/wiki/OSI_model  
+
Original borrowed from: https://en.wikipedia.org/wiki/OSI_model  
 
 
The recommendation X.200 describes seven layers, labeled 1 to 7. Layer 1 is the lowest layer in this model
 
  
 
{| class="wikitable" style="margin: 1em auto 1em auto;"
 
{| class="wikitable" style="margin: 1em auto 1em auto;"
 
|-
 
|-
! colspan="5" | OSI Model
+
| TCP / IP Model
 +
! colspan="4" | OSI Model
 
|-
 
|-
! colspan="2" | Layer
+
| Layer
 +
| OSI Layer
 
! [[Protocol data unit]] (PDU)
 
! [[Protocol data unit]] (PDU)
! style="width:30em;" | Function<ref>{{Cite web | title = The OSI Model's Seven Layers Defined and Functions Explained | work = Microsoft Support | accessdate = 2014-12-28 | url = https://support.microsoft.com/kb/103884}}</ref>
+
! style="width:30em;" | Function
 
! Examples
 
! Examples
 
|-
 
|-
! rowspan="4" | Host<br />layers
+
! rowspan="2" | Application
 
| style="background:#d8ec9b;" | 7.&nbsp;[[Application layer|Application]]
 
| style="background:#d8ec9b;" | 7.&nbsp;[[Application layer|Application]]
 
| style="background:#d8ec9c;" rowspan="3" | [[Data (computing)|Data]]
 
| style="background:#d8ec9c;" rowspan="3" | [[Data (computing)|Data]]
 
| style="background:#d8ec9c;" | <small>High-level [[API]]s, including resource sharing, remote file access, [[directory service]]s and [[virtual terminal]]s</small>
 
| style="background:#d8ec9c;" | <small>High-level [[API]]s, including resource sharing, remote file access, [[directory service]]s and [[virtual terminal]]s</small>
| [[Transport Layer Security|TLS]], [[FTP]], [[HTTP]], [[HTTPS]], [[SMTP]], [[Secure Shell|SSH]], [[Telnet]]
+
| [[Transport Layer Security|TLS]], [[FTP]], [[HTTP]], [[HTTPS]], [[SMTP]], [[Secure Shell|SSH]], [[Telnet]], BGP!
 
|-
 
|-
 
| style="background:#d8ec9b;" | 6.&nbsp;[[Presentation layer|Presentation]]
 
| style="background:#d8ec9b;" | 6.&nbsp;[[Presentation layer|Presentation]]
Line 138: Line 138:
 
| [[CSS]], [[GIF]], [[HTML]], [[XML]], [[JSON]]
 
| [[CSS]], [[GIF]], [[HTML]], [[XML]], [[JSON]]
 
|-
 
|-
 +
! rowspan="2" | Transport
 
| style="background:#d8ec9b;" | 5. [[Session layer|Session]]
 
| style="background:#d8ec9b;" | 5. [[Session layer|Session]]
 
| style="background:#d8ec9b;" | <small>Managing communication [[Session (computer science)|sessions]], i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes</small>
 
| style="background:#d8ec9b;" | <small>Managing communication [[Session (computer science)|sessions]], i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes</small>
Line 147: Line 148:
 
| [[NetBIOS Frames protocol|NBF]], [[Transmission Control Protocol|TCP]], [[User Datagram Protocol|UDP]]
 
| [[NetBIOS Frames protocol|NBF]], [[Transmission Control Protocol|TCP]], [[User Datagram Protocol|UDP]]
 
|-
 
|-
! rowspan="3" | Media<br />layers
+
| Network / <br> Internet
 
| style="background:#eddc9c;" | 3. [[Network layer|Network]]
 
| style="background:#eddc9c;" | 3. [[Network layer|Network]]
 
| style="background:#eddc9c;" | [[Network packet|Packet]]
 
| style="background:#eddc9c;" | [[Network packet|Packet]]
Line 153: Line 154:
 
| [[AppleTalk]], [[Internet Control Message Protocol|ICMP]], [[IPsec]], [[IPv4]], [[IPv6]]
 
| [[AppleTalk]], [[Internet Control Message Protocol|ICMP]], [[IPsec]], [[IPv4]], [[IPv6]]
 
|-
 
|-
 +
! rowspan="2" | Link <br> layer
 
| style="background:#e9c189;" | 2. [[Data link layer|Data link]]
 
| style="background:#e9c189;" | 2. [[Data link layer|Data link]]
 
| style="background:#e9c189;" | [[Frame (networking)|Frame]]
 
| style="background:#e9c189;" | [[Frame (networking)|Frame]]
Line 164: Line 166:
 
|}
 
|}
 
<!----- {{Clear}} ------->
 
<!----- {{Clear}} ------->
 +
 +
Cross-layer functions:
 +
 +
* ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
 +
* Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
 +
* etc
  
 
[[File:Osi-deployment-layers.png]]
 
[[File:Osi-deployment-layers.png]]
 +
 +
==Owners, Developers, Dangers, Mitigations, Alternatives==
 +
 +
[[File:Osi-deployment-layers.png]]
 +
  
 
{| class="wikitable sortable"
 
{| class="wikitable sortable"
!Layer
+
|-
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
| #
 +
!Layer name
 
!Example
 
!Example
 
!Practically  
 
!Practically  
Line 174: Line 198:
 
!Developed by
 
!Developed by
 
|Vulnerabilities/Dangers
 
|Vulnerabilities/Dangers
!Securing
+
| Securing
 
| Alternatives
 
| Alternatives
 
|-
 
|-
|Physical
+
|10
|HW - end user equipment
+
|
|Computer, tablet, phone... 
+
|
|User
+
|
|Commercial companies: Apple, Siemens, Samsung...
+
|
|Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal,
+
|
|Hard:
+
|
|Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...
+
|
 +
|-
 +
|9
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
|8
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|-
 +
! rowspan="3" | Application layer
 +
|7.3 -> skype
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 +
|
 
|-
 
|-
 +
|7.2 -> SMTP / email
 +
|
 
|
 
|
 
|
 
|
Line 194: Line 250:
 
|
 
|
 
|-
 
|-
 +
| 7.1 HTTP
 +
| web, WWW
 +
| web sites! LoLCats!
 +
| individuals, on their own servers! <br> blogs (blogspot?), mainstream media, hosting companies; corporations: Google, Facebook, Amazon... YouTube..
 +
| W3c, IETF
 +
| censorship; silos; walled gardens; commercialization, consumerism;
 +
| httpS, SSL, TLS; activism, digital human rights; associations of users;
 +
| torrent! p2p! alternative social media!
 
|
 
|
 
|
 
|
 +
|-
 +
|6
 +
| Presentation
 +
| HTML, CSS, JSON
 
|
 
|
 
|
 
|
Line 201: Line 269:
 
|
 
|
 
|
 
|
|}
+
|
 
+
|
 +
|-
 +
|5
 +
| Session
 +
| BGP (actually layer 7...) 
 +
| routing: exchanging AS reachability info via gossip: based on trust & peering agreements! <br> physical routers by routers: Cisco/Juniper (commercial monopolists ;-)
 +
| Large ISPs; Tier1 / Tier2 ; IXPs!!  RIRs give out AS numbers
 +
| "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community ; hackers
 +
| "route hijacks", government regulation & takeover (killer switch), hierarchies;
 +
| technically: BGPsec, IRR, RPKI; <br> politically: influencing governance
 +
| p2p protocols, Betman [xx]; MPLS, SDN; Tor?!
 +
|
 +
|-
 +
|4
 +
| Transport
 +
| UDP -> DNS
 +
| www.belastingdiest.nl
 +
| User; Registrar, Registry, ccTLD, gTLD, ICANN, US government!
 +
| DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU 
 +
| "balkanisation", US hegemony; internationalization; censorship;
 +
| technically: DNSSEC, DANE ; Tor; <br> politically: participating in governance
 +
| Alternative trees; blockchain (namecoin); etc
 +
|
 +
|-
 +
|3
 +
| Network
 +
| Internet
 +
| ifconfig; 10.10.10.10, IPv6
 +
| no-one: IP addresses are "leased"! <br> (PI,PA,LIR,RIR,IANA,IETF)
 +
| RIR PDP, IANA, IETF
 +
| hierarchy, run-out, incompatibility, market forces; surveillance
 +
| IPSec
 +
| Blockchain?
 +
|
 +
|-
 +
|2
 +
| Data-link
 +
| Physical connections
 +
| Ethernet cables, WiFi, fibers, satellites, under-sea cables 
 +
| Individuals, communities, ISP, "carriers", corporations, governments, 
 +
| Hackers, commercial companies, governments
 +
| "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance
 +
| commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism 
 +
|Community WiFi, Project Loon, Drones
 +
|
 +
|-
 +
|1
 +
|Physical
 +
|HW - end user equipment
 +
|Computer, tablet, phone... 
 +
|User
 +
|Commercial companies: Apple, Siemens, Samsung...
 +
|Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal,
 +
|Hard:
 +
|Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...
 +
|
 +
|-|}
  
 
==Participate, take action, join==
 
==Participate, take action, join==

Revision as of 11:14, 3 April 2016

Hacking-feminism-screenshot.png

Lecture at Hacking Feminism

Internet Plumbing

Internet Plumbing is a word-game with multiple layers of meaning (ha! a recursive pun ;-)

Women role models in computing.jpg

Series of Tubes

Ubiquitous and complicated as plumbing?

  • Internet as a utility
  • just like "plumbing" (water & sewage), there is underlying "technology" to it, so complex, that no-one seems to grasp how all of it works
  • 60% of the population of the planet does NOT have "teh Internets", and 30% does not have plumbing either (http://www.un.org/waterforlifedecade/sanitation.shtml)


Acronyms!

Protocol stack hourglass 1.jpeg
  • TCP/IP
  • IPv4, IPv6: Internet Protocol (IP) addresses
  • NAT: Network Address Translation
  • DNS: Domain Name System
  • ASN: Autonomous System Number
    • used for BGP routing (Border Gateway Protocol)
  • IXP: Internet eXchange Point
  • SMTP
  • HTTP
  • CDN

Basics

750px-Ipv4 address.svg.png

500px-An example of theoretical DNS recursion-nl.svg.png Becha-Autonomous-system.png

https://en.wikipedia.org/wiki/Border_Gateway_Protocol

More-dolls-fig2.jpg Networking-fig3.jpg Email-tmp3163.jpg Best-tmp314.jpg

Many many more resources: books, videos:

Links:

Security, Privacy, Avoiding Censorship

Alternatives

MeshNet: "Hackers and philosophers building an utopia together": http://becha.home.xs4all.nl/hackers-philosophers-utopian-network-dec-2012-becha.pdf

MeshNet#Education

Tier0.png

P2pbgpsec#Technical_view

November 2014: Nature will have the last word, on Future of Technology, RIPE69 https://wiki.techinc.nl/index.php/File:Nature-speaking-on-future_of_the_internet-RIPE69.pdf

UnCivilization: critical thinking about Internet & capitalism: https://lists.puscii.nl/wws/info/uncivilization

Playfull: Internet Simulator: https://github.com/nsec/the-internet

  • Alternative Network Deployments: Taxonomy, characterization, technologies and architectures

https://www.ietf.org/id/draft-irtf-gaia-alternative-network-deployments-04.txt

Overview

Evi nemeth.jpg

Osi-layers-ti-shirt-download.jpeg OSI Model T-shirt enhanced to include an 8th and 9th layer as defined by Evi Nemeth: https://en.wikipedia.org/wiki/Evi_Nemeth // https://www.isc.org/product/isc-9-layer-osi-model-cotton-t-shirt/ 

(TODO: add ISC reference to Evi's wikipedia page!!)

Comparing OSI & TCP / IP layers

Original borrowed from: https://en.wikipedia.org/wiki/OSI_model

TCP / IP Model OSI Model
Layer OSI Layer Protocol data unit (PDU) Function Examples
Application 7. Application Data High-level APIs, including resource sharing, remote file access, directory services and virtual terminals TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, BGP!
6. Presentation Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption CSS, GIF, HTML, XML, JSON
Transport 5. Session Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes RPC, SCP, NFS, PAP,
4. Transport Segment (TCP) / Datagram (UDP) Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing NBF, TCP, UDP
Network /
Internet 		3. Network Packet Structuring and managing a multi-node network, including addressing, routing and traffic control AppleTalk, ICMP, IPsec, IPv4, IPv6
Link
layer 		2. Data link Frame Reliable transmission of data frames between two nodes connected by a physical layer IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS
1. Physical Bit Transmission and reception of raw bit streams over a physical medium DOCSIS, DSL, Ethernet physical layer, ISDN, USB

Cross-layer functions:

  • ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
  • Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
  • etc

Osi-deployment-layers.png

Owners, Developers, Dangers, Mitigations, Alternatives

Osi-deployment-layers.png


Participate, take action, join

Next: Internet Governance

See this lecture : Internet_Governance_Digital_Culture#Internet_Governance

Internet_Governance_and_hackers

More LINKS

# Layer name Example Practically Owner Developed by Vulnerabilities/Dangers Securing Alternatives
10
9
8
Application layer 7.3 -> skype
7.2 -> SMTP / email
7.1 HTTP web, WWW web sites! LoLCats! individuals, on their own servers!
blogs (blogspot?), mainstream media, hosting companies; corporations: Google, Facebook, Amazon... YouTube.. 		W3c, IETF censorship; silos; walled gardens; commercialization, consumerism; httpS, SSL, TLS; activism, digital human rights; associations of users; torrent! p2p! alternative social media!
6 Presentation HTML, CSS, JSON
5 Session BGP (actually layer 7...) routing: exchanging AS reachability info via gossip: based on trust & peering agreements!
physical routers by routers: Cisco/Juniper (commercial monopolists ;-) 		Large ISPs; Tier1 / Tier2 ; IXPs!! RIRs give out AS numbers "routing-wg" @ RIPE; *NOGs! (nano, nlnog, grnog; peering forums; Euro-IX); IETF; Open-Source community ; hackers "route hijacks", government regulation & takeover (killer switch), hierarchies; technically: BGPsec, IRR, RPKI;
politically: influencing governance 		p2p protocols, Betman [xx]; MPLS, SDN; Tor?!
4 Transport UDP -> DNS www.belastingdiest.nl User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU "balkanisation", US hegemony; internationalization; censorship; technically: DNSSEC, DANE ; Tor;
politically: participating in governance 		Alternative trees; blockchain (namecoin); etc
3 Network Internet ifconfig; 10.10.10.10, IPv6 no-one: IP addresses are "leased"!
(PI,PA,LIR,RIR,IANA,IETF) 		RIR PDP, IANA, IETF hierarchy, run-out, incompatibility, market forces; surveillance IPSec Blockchain?
2 Data-link Physical connections Ethernet cables, WiFi, fibers, satellites, under-sea cables Individuals, communities, ISP, "carriers", corporations, governments, Hackers, commercial companies, governments "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism Community WiFi, Project Loon, Drones
1 Physical HW - end user equipment Computer, tablet, phone... User Commercial companies: Apple, Siemens, Samsung... Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal, Hard: Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade...
Retrieved from "https://wiki.techinc.nl/index.php?title=User:Becha/InternetPlumbing&oldid=17626"