TCP/IP Model

-

TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a standard protocol suite used to facilitate communication between network devices over the internet which consists of two components TCP and IP. TCP/IP is a compact form of OSI model. Unlike the OSI model, which has seven layers, it has four layers.




The data is divided into packets by the TCP/IP Model at the sender's end, and in order to preserve data correctness, the same packets must be reassembled at the recipient's end. The data is divided into four layers by the TCP/IP paradigm, which arranges the data in a sequential fashion at the sender's end and reorders it at the recipient's end.

Network Access Layer:

A combination of Physical layer & Data Link layer defined in OSI model, responsible for the transmission of the data between two devices over network. Ethernet protocol is used by this layer.

Network Layer / Internet Layer:

It is responsible to send the packets from a network to the destination irrespective of the route packets take.

IP protocol, ICMP & ARP are main protocols used by this layer. IP is used for routing data packets between network devices over internet. Each & every device connected over network, have a unique IP address. The data transmitted are allowed to and from specific destinations. IP addresses are represented by two formats namely IPv4 (32-bit) or IPv6 (128-bits). 

Internet Control Message Protocol is referred to as ICMP with responsibility to inform hosts (either source hosts or destination hosts) about network issues and is contained within IP datagrams.

ARP stands for Address Resolution Protocol with responsibility to find the hardware address of a host from a known IP address. ARP has many types like Reverse ARP, Proxy ARP, Gratuitous ARP and Inverse ARP.

Transport Layer:

The transport layer responsibilities are the reliability, flow control, and correction of data which is being sent over the network. The two protocols are used in this layer are User Datagram protocol(UDP) and Transmission control protocol(TCP).

Transmission control protocol (TCP) and user datagram protocol (UDP) differ primarily in that UDP is a connectionless protocol while TCP is connection-based. Although TCP transfers data more slowly, it is more reliable because it detects the error and retransmits the damaged frames. UDP operates faster but is less reliable because it discovers the errors but not specify the error.

TCP ensures reliable data transmission by providing mechanisms for error detection, flow control, and packet sequencing. It establishes connections between devices through a process known as the TCP handshake, which involves three steps: SYN, SYN-ACK, and ACK. TCP breaks data into smaller segments, assigns sequence numbers to each segment, and reassembles them at the receiving end.

Each TCP header has 10 required fields totaling 20 bytes (160 bits) in size. It can optionally include an additional data field up to 40 bytes in size while UDP headers are limited to 8 bytes in size.

TCP is best suitable for apps that require reliability for example web, file transfer, email, and secure shell while UDP is best suitable for apps that require speed for example VPNs, streaming video, VoIP, live broadcasts, and online gaming.

Application Layer:

It is topmost layer of TCP/IP model with responsibilities of end-to-end communication, error-free delivery of data, allows user to interact with application.

Three protocols are used in this layer like HTTP/HTTPS, SSH and NTP.

HTTP stands for Hypertext transfer protocol, communicate between web browsers and servers. HTTPS stands for HTTP-Secure, a combination of HTTP with SSL(Secure Socket Layer). It is secure & used where the browser needs to fill out forms, sign in, authenticate and for bank transactions.

SSH stands for Secure Shell, preferred because of its ability to maintain the encrypted connection. It sets up a secure session over a TCP/IP connection.

NTP stands for Network Time Protocol, used to synchronize the clocks on PC to standard time source & useful in situations like bank transactions. For example a transaction is carried out, PC shows the time at 4:00 PM while the server records it at 4:30 PM & since due to syncing not taking place properly the server can crash.

Comments

Post a Comment

Popular posts from this blog

OWASP Top 10

-
OWASP Top 10 is an awareness document mentioning top 10 most critical risks in web application security which is regularly updated by an international non-profit organization called Open Web Application Security Project, dedicated to web application security. 1. Broken Access Control Broken access control vulnerability allows attackers to read / view sensitive data and carry out actions that they are not authorized to carry out. As an illustration, consider a website allows only admin users to view its admin pages and protected from regular users. If access control is compromised, an unauthorized user can read private data belonging to other users, gain access to admin and carry out actions that they are not intended to. Example of such type of vulnerability is Insecure Direct Object References (IDOR). Consider a user on a website uses following URL to access his / her account: https://xyz.com/user_acct?user_num=123 Using the URL, user retrieving his information from the database in th
Read more

AAA

-
Image
AAA stands for Authentication, Authorization & Accounting. AAA is an information security framework used for controlling access to computer resources, enforcing policies & tracking for auditing usage of resources required for billing of resources.                           AAA used to control which user is allowed to access the network resources by comparing user's login credentials (user id & password) with AAA server's database (Active Directory) stored user credential data called Authentication, authorize that user for performing a pre-defined task as per roles & responsibilities set in the database (enforcing policies) called Authorization and tracking the actions performed while accessing the network called Accounting. Here AAA server acts as an Identity & Access Management Tool. For example, administrator can access a network device by using console normally.  In case of accessing network device remotely, it can happen only by using IP address. But the
Read more