You are an essential ingredient in our ongoing effort to reduce Security Risk.
Introduction to TCP/IP Model
The TCP/IP model is a network protocol that enables communication over the Internet. Short for Transmission Control Protocol/Internet Protocol, it is the standard protocol and a four-layer model that defines how data is transmitted over a network and how devices communicate.
Developed in the 1970s by the U.S. Department of Defense (DOD) to create a network that could function even if parts of it were damaged or destroyed, the TCP/IP model was first published in 1981 as version 4 and later updated to version 6 in 1995.
Today, the TCP/IP model is the "de facto" standard for communication on the Internet and is used by almost all computers and devices connected to the web. It has been instrumental in the development and growth of the Internet, becoming an essential part of modern communication.
Scenario
User_A wants to send an email to User_B. She opens her email client and composes a message stored on her device.
User_A's device uses the transport layer (layer 4) of the TCP/IP model to send the message.
The router examines the destination IP address of the message and determines that it needs to be sent to User_B's device, which is on a different network.
The router sends the message to the next router in the path to Bob's device. This process continues until the message reaches User_B's device.
When User_B's device receives the message, it uses the TCP/IP model application layer to display the message in User_B's email client.
If any of the packets containing the message are lost or damaged during transmission, the transport layer of the TCP/IP model will detect the error and request that the sender retransmits the lost or damaged packets.
The 4 Layers of TCP/IP Model
We'll describe TCP/IP layers "top-down" from the application layer that directly serves the end user to the Network Access Layer.
The Application Layer
The application layer is the highest layer of the TCP/IP model, a framework that defines how devices communicate over a network. It is the layer closest to the end user and represents the applications that run on the device and use the network to communicate.
The primary function of the application layer is to provide a means for applications to access the network and communicate with other devices. It does this by providing a set of protocols that enable different applications to send and receive data over the network. Some examples of application layer protocols include:
HTTP (Hypertext Transfer Protocol): HTTP is the primary protocol for transferring web pages and other data on the World Wide Web.
SMTP (Simple Mail Transfer Protocol): SMTP is used for sending emails.
DNS (Domain Name System): DNS translates domain names (e.g., www.example.com) into IP addresses.
RDP (Remote Desktop Protocol): This protocol is used to access a desktop computer remotely.
Telnet: Telnet enables one computer to connect to the local computer.
SNMP (Simple Network Management Protocol): SNMP monitors and manages network devices connected over an IP.
FTP (File Transfer Protocol): FTP protocol transfers files between computers.
HTTPS (Hypertext Transfer Protocol Secure): HTTPS is a secure version of HTTP that encrypts communication between a web server and a client.
The application layer also provides interfaces for applications to access the network, such as sockets and APIs (Application Programming Interfaces). It is responsible for translating application data into a format that can be transmitted over the network and for presenting the data to the user meaningfully.
The Transport Layer
The transport layer is the third layer of the TCP/IP model, a framework that defines how devices communicate over a network. It sits above the internet layer and the application layer.
The primary function of the transport layer is to ensure the reliable delivery of data between devices on a network. It is responsible for establishing and maintaining end-to-end communication between devices and providing error-checking and flow control.
The transport layer uses two main protocols to achieve these goals:
TCP (Transmission Control Protocol): TCP is a connection-oriented protocol that provides reliable data delivery. It establishes a connection between devices and ensures that all data is delivered accurately. If any data is lost or corrupted during transmission, TCP will request that the sender retransmit the lost or corrupted data.
UDP (User Datagram Protocol): UDP is a connectionless protocol that does not guarantee data delivery. It is used for real-time applications, such as online gaming and VoIP, where speed is more important than reliability.
The transport layer also provides services such as port numbering, which enables multiple applications on a single device to communicate over the network simultaneously. It also provides multiplexing and demultiplexing, which enables multiple data streams to be transmitted over a single connection.
Overall, the transport layer plays a crucial role in ensuring reliable data delivery between devices on a network and providing services that enable multiple applications to communicate simultaneously.
The Internet Layer
The Internet layer is the second layer of the TCP/IP protocol stack. It is responsible for providing logical addressing and routing services to ensure that data packets are delivered from their source to their destination over a network.
It provides the means for two devices to communicate with each other regardless of their physical location or the type of network they are connected to. Examples of Internet layer protocols include:
Internet Protocol (IP): IP is the primary protocol of the Internet layer and is responsible for providing logical addressing and routing services to ensure that data packets are delivered from their source to their destination over a network.
Internet Control Message Protocol (ICMP): ICMP reports errors and sends diagnostic information in the Internet Protocol (IP). It sends error messages, such as "destination unreachable" or "time exceeded," when a device cannot deliver a data packet to its intended destination.
Internet Group Management Protocol (IGMP): IGMP manages the membership of Internet Protocol (IP) multicast groups. It is used by devices to join and leave multicast groups and by routers to track the membership of multicast groups.
Address Resolution Protocol (ARP): ARP is a protocol that maps an IP address to a physical address, such as a MAC address. It is used to determine the MAC address of a device on a local network when only its IP address is known.
Reverse Address Resolution Protocol (RARP): RARP is a protocol used to map a physical address, such as a MAC address, to an IP address. It is used to determine the IP address of a device on a local network when only its MAC address is known.
Internet Protocol Version 6 (IPv6): IPv6 is the latest version of the Internet Protocol and is designed to address the limitations of the previous version, IPv4. It provides a much larger address space, improved security, and better support for mobile devices and Internet of Things (IoT) applications.
The Network Access Layer
The Network Access layer of the TCP/IP model, also known as the Link layer, is responsible (along with the transport and internet layer) for transmitting data between devices on a local network. It is the bottom layer of the TCP/IP model and sits below the Internet layer.
It transmits data between devices that are physically connected to the same network, and it uses protocols such as Ethernet and Token rings.
The Network Access layer is responsible for adding a header to each data packet containing information such as the destination MAC (Media Access Control) address and the packet's sequence number. The MAC address is a unique numerical identifier assigned to every device connected to the network. Examples of network access layer protocols include:
Token Ring: Token ring (IEEE 802.5) is a communication protocol in a local area network (LAN). All stations are connected in a ring topology and pass one or more tokens for channel acquisition.
PPP(Point-to-Point Protocol): This data link protocol is used to establish a connection between two devices over a serial link, such as a phone line or a leased line. It is commonly used to connect a computer to the internet over a dial-up connection.
Frame Relay: Frame Relay is a Wide Area Network (WAN) protocol used to transmit data over long distances using high-speed digital links.
Register for instructor-led online courses today!
Check out our self-paced courses!
Contact us with your custom pen testing needs at: info@darkrelay.com or WhatsApp.
Comments