Difference between revisions of "User:Becha/InternetPlumbing/Layers"
(→Owners, Developers, Dangers, Mitigations, Alternatives) |
(→Owners, Developers, Dangers, Mitigations, Alternatives) |
||
| Line 77: | Line 77: | ||
| | | | ||
|- | |- | ||
| − | | | + | | # |
| − | !Layer | + | !Layer name |
!Example | !Example | ||
!Practically | !Practically | ||
| Line 116: | Line 116: | ||
| | | | ||
|- | |- | ||
| − | | | + | ! rowspan="3" | Application layer |
| − | | | + | |7.3 -> skype |
| | | | ||
| | | | ||
| Line 126: | Line 126: | ||
| | | | ||
|- | |- | ||
| − | | | + | |7.2 -> SMTP / email |
| | | | ||
| | | | ||
| Line 136: | Line 136: | ||
| | | | ||
|- | |- | ||
| − | | | + | | 7.1 HTTP |
| | | | ||
| | | | ||
| Line 146: | Line 146: | ||
| | | | ||
|- | |- | ||
| − | | | + | |6 |
| − | | | + | | Presentation |
| − | | | + | | HTML, CSS, JSON |
| | | | ||
| | | | ||
| Line 156: | Line 156: | ||
| | | | ||
|- | |- | ||
| − | || | + | |5 |
| − | | | + | | Session |
| − | | | + | | BGP (not strictly correct) |
| − | | | + | | Routers: Cisco/Juniper (commercial monopolists ;-) |
| − | | | + | | Large ISPs; Tier1 / Tier2 ; IXPs!! gossip: based on trust & peering agreements! |
| − | | | + | | IETF; Open-Source community ; hackers |
| − | | | + | | "route hijacks", government regulation & takeover (killer switch), hierarchies; |
| − | | | + | | technically: BGPsec, IRR, RPKI; <br> politically: influencing governance |
| − | | | + | | p2p protocols, Betman [xx]; MPLS, SDN; Tor?! |
| + | |- | ||
| + | |4 | ||
| + | | Transport | ||
| + | | UDP -> DNS | ||
| + | | www.belastingdiest.nl | ||
| + | | User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! | ||
| + | | DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU | ||
| + | | "balkanisation", US hegemony; internationalization; censorship; | ||
| + | | technically: DNSSEC, DANE ; Tor; <br> politically: participating in governance | ||
| + | | Alternative trees; blockchain (namecoin); etc | ||
|- | |- | ||
|3 | |3 | ||
Revision as of 11:41, 3 April 2016
Comparing OSI & TCP / IP layers
Original borrowed from: https://en.wikipedia.org/wiki/OSI_model
| TCP / IP Model | OSI Model | |||
|---|---|---|---|---|
| Layer | OSI Layer | Protocol data unit (PDU) | Function | Examples |
| Application | 7. Application | Data | High-level APIs, including resource sharing, remote file access, directory services and virtual terminals | TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, BGP! |
| 6. Presentation | Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption | CSS, GIF, HTML, XML, JSON | ||
| Transport | 5. Session | Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes | RPC, SCP, NFS, PAP, | |
| 4. Transport | Segment (TCP) / Datagram (UDP) | Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing | NBF, TCP, UDP | |
| Network / Internet |
3. Network | Packet | Structuring and managing a multi-node network, including addressing, routing and traffic control | AppleTalk, ICMP, IPsec, IPv4, IPv6 |
| Link layer |
2. Data link | Frame | Reliable transmission of data frames between two nodes connected by a physical layer | IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS |
| 1. Physical | Bit | Transmission and reception of raw bit streams over a physical medium | DOCSIS, DSL, Ethernet physical layer, ISDN, USB | |
Cross-layer functions:
- ARP is used to translate IPv4 addresses (OSI layer 3) into Ethernet MAC addresses (OSI layer 2).
- Domain Name Service is an Application Layer service which is used to look up the IP address of a given domain name. Once a reply is received from the DNS server, it is then possible to form a Layer 3 connection to the third-party host.
- etc
Owners, Developers, Dangers, Mitigations, Alternatives
| # | Layer name | Example | Practically | Owner | Developed by | Vulnerabilities/Dangers | Securing | Alternatives |
|---|---|---|---|---|---|---|---|---|
| 10 | ||||||||
| 9 | ||||||||
| 8 | ||||||||
| Application layer | 7.3 -> skype | |||||||
| 7.2 -> SMTP / email | ||||||||
| 7.1 HTTP | ||||||||
| 6 | Presentation | HTML, CSS, JSON | ||||||
| 5 | Session | BGP (not strictly correct) | Routers: Cisco/Juniper (commercial monopolists ;-) | Large ISPs; Tier1 / Tier2 ; IXPs!! gossip: based on trust & peering agreements! | IETF; Open-Source community ; hackers | "route hijacks", government regulation & takeover (killer switch), hierarchies; | technically: BGPsec, IRR, RPKI; politically: influencing governance |
p2p protocols, Betman [xx]; MPLS, SDN; Tor?! |
| 4 | Transport | UDP -> DNS | www.belastingdiest.nl | User; Registrar, Registry, ccTLD, gTLD, ICANN, US government! | DNS OARC, IETF, root-nameserver operators, ICANN, IGF/UN/ITU | "balkanisation", US hegemony; internationalization; censorship; | technically: DNSSEC, DANE ; Tor; politically: participating in governance |
Alternative trees; blockchain (namecoin); etc |
| 3 | Network | Internet | ifconfig; 10.10.10.10, IPv6 | no-one: IP addresses are "leased"! (PI,PA,LIR,RIR,IANA,IETF) |
RIR PDP, IANA, IETF | hierarchy, run-out, incompatibility, market forces; surveillance | IPSec | Blockchain? |
| 2 | Data-link | Physical connections | Ethernet cables, WiFi, fibers, satellites, under-sea cables | Individuals, communities, ISP, "carriers", corporations, governments, | Hackers, commercial companies, governments | "ownership" models; hierarchy of server-client model; pollution & distraction of Earth; surveillance | commoning; shared infrastructure; development of sustainable technologies (?!), recycling; awareness & activism | Community WiFi, Project Loon, Drones |
| 1 | Physical | HW - end user equipment | Computer, tablet, phone... | User | Commercial companies: Apple, Siemens, Samsung... | Un-ethical manufacturing, security backdoors, pollution caused by e-waste disposal, | Hard: | Open HW movement; fair-phone; DIY, Repair Cafes, fair-trade... |
