Difference between revisions of "User:Becha/InternetPlumbing/Layers"

From Technologia Incognita
(Owners, Developers, Dangers, Mitigations, Alternatives)
(Owners, Developers, Dangers, Mitigations, Alternatives)
Line 77: Line 77:
 
|
 
|
 
|-
 
|-
|
+
| #
!Layer
+
!Layer name
 
!Example
 
!Example
 
!Practically  
 
!Practically  
Line 116: Line 116:
 
|
 
|
 
|-
 
|-
|7
+
! rowspan="3" | Application layer
|
+
|7.3 -> skype
 
|
 
|
 
|
 
|
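Review bot: The added `! rowspan="3" | Application layer` cell replaces the removed `|7` cell, so this row has no value under the `| #` column that the header hunk introduces. As a result "Application layer" lands in the # column and `|7.3 -> skype` lands under "Layer name". Suggest keeping a leading number cell (or an empty `|` cell) in front of the rowspan header so that the 7.x entries line up under "Example", as the rows for layers 6, 5 and 4 do.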
Line 126: Line 126:
 
|
 
|
 
|-
 
|-
|6
+
|7.2 -> SMTP / email
 
|
 
|
 
|
 
|
Line 136: Line 136:
 
|
 
|
 
|-
 
|-
|5
+
| 7.1 HTTP
 
|
 
|
 
|
 
|
Line 146: Line 146:
 
|
 
|
 
|-
 
|-
|4
+
|6
|
+
| Presentation
|
+
| HTML, CSS, JSON
 
|
 
|
 
|
 
|
Line 156: Line 156:
 
|
 
|
 
|-
 
|-
||8
+
|5
|
+
| Session
|
+
| BGP (not strictly correct)
|
+
| Routers: Cisco/Juniper (commercial monopolists ;-)
|
+
| Large ISPs; Tier1 / Tier2 ; IXPs!! gossip: based on trust & peering agreements!
|
+
| IETF; Open-Source community ; hackers
|
+
| "route hijacks", government regulation & takeover (killer switch), hierarchies;
|
+
| technically: BGPsec, IRR, RPKI; <br> politically: influencing governance
|
+
| p2p protocols, Betman [xx]; MPLS, SDN; Tor?!
 +
|-
 +
|4
 +
| Transport
 +
| UDP -> DNS
 +
| www.belastingdiest.nl
 +
| User; Registrar, Registry, ccTLD, gTLD, ICANN, US government!
 +
| DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU 
 +
| "balkanisation", US hegemony; internationalization; censorship;
 +
| technically: DNSSEC, DANE ; Tor; <br> politically: participating in governance
 +
| Alternative trees; blockchain (namecoin); etc
 
|-
 
|-
 
|3
 
|3
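Review bot: In the added layer 4 row, the "Practically" cell `| www.belastingdiest.nl` looks like a misspelling of belastingdienst, and in the layer 5 row `Betman [xx]` still carries an unfilled reference marker; both are worth fixing while the row is being edited. The layer 5 row flags its own placement with "BGP (not strictly correct)", but the layer 4 row files DNS under Transport via `| UDP -> DNS` with no such qualifier; suggest adding the same kind of note there so readers do not take the row as saying DNS is a transport protocol.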

Revision as of 10:41, 3 April 2016

Comparing OSI & TCP / IP layers

Original borrowed from: https://en.wikipedia.org/wiki/OSI_model

| TCP / IP Model layer | OSI Model layer | Protocol data unit (PDU) | Function | Examples |
|---|---|---|---|---|
| Application | 7. Application | Data | High-level APIs, including resource sharing, remote file access, directory services and virtual terminals | TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, BGP! |
| Application | 6. Presentation | Data | Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption | CSS, GIF, HTML, XML, JSON |
| Transport | 5. Session | Data | Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes | RPC, SCP, NFS, PAP |
| Transport | 4. Transport | Segment (TCP) / Datagram (UDP) | Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing | NBF, TCP, UDP |
| Network / Internet | 3. Network | Packet | Structuring and managing a multi-node network, including addressing, routing and traffic control | AppleTalk, ICMP, IPsec, IPv4, IPv6 |
| Link layer | 2. Data link | Frame | Reliable transmission of data frames between two nodes connected by a physical layer | IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS |
| Link layer | 1. Physical | Bit | Transmission and reception of raw bit streams over a physical medium | DOCSIS, DSL, Ethernet physical layer, ISDN, USB |

Cross-layer functions:

  • ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
  • Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
  • etc

Osi-deployment-layers.png

Owners, Developers, Dangers, Mitigations, Alternatives


| # | Layer name | Example | Practically | Owner | Developed by | Vulnerabilities/Dangers | Securing | Alternatives |
|---|---|---|---|---|---|---|---|---|
| 10 | | | | | | | | |
| 9 | | | | | | | | |
| 8 | | | | | | | | |
| | Application layer | 7.3 -> skype | | | | | | |
| | Application layer | 7.2 -> SMTP / email | | | | | | |
| | Application layer | 7.1 HTTP | | | | | | |
| 6 | Presentation | HTML, CSS, JSON | | | | | | |
| 5 | Session | BGP (not strictly correct) | Routers: Cisco/Juniper (commercial monopolists ;-) | Large ISPs; Tier1 / Tier2; IXPs!! gossip: based on trust & peering agreements! | IETF; Open-Source community; hackers | "route hijacks", government regulation & takeover (killer switch), hierarchies; | technically: BGPsec, IRR, RPKI; politically: influencing governance | p2p protocols, Betman [xx]; MPLS, SDN; Tor?! |
| 4 | Transport | UDP -> DNS | www.belastingdiest.nl | User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! | DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU | "balkanisation", US hegemony; internationalization; censorship; | technically: DNSSEC, DANE; Tor; politically: participating in governance | Alternative trees; blockchain (namecoin); etc |
| 3 | Network | Internet | ifconfig; 10.10.10.10, IPv6 | no-one: IP addresses are "leased"! (PI, PA, LIR, RIR, IANA, IETF) | RIR PDP, IANA, IETF | hierarchy, run-out, incompatibility, market forces; surveillance | IPSec | Blockchain? |
| 2 | Data-link | Physical connections | Ethernet cables, WiFi, fibers, satellites, under-sea cables | Individuals, communities, ISP, "carriers", corporations, governments | Hackers, commercial companies, governments | "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance | commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism | Community WiFi, Project Loon, Drones |
| 1 | Physical | HW - end user equipment | Computer, tablet, phone... | User | Commercial companies: Apple, Siemens, Samsung... | Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal | Hard: Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade... | |