OSI Model and Network Protocols Flashcards
Describe Layer 1 (Physical) in the OSI Model
This layer deals with the hardware of networks such as cabling. It defines the mechanical and electrical standards of interface devices and the types of cables used to transmit digital signals (e.g. optical fiber, coaxial cable, wireless, etc.).
Describe Layer 2 (Data Link) of the OSI Model
This layer receives data from the physical layer and assembles it into a transmittable form called a frame (framing). The principal purpose of this layer is to detect transfer errors by adding headers to data packets.
Describe Layer 3 (Network) of the OSI Model
This is the most important layer of the OSI model, which performs real-time processing and transfers data from node to node. Routers and switches are the devices used at this layer; they connect the nodes in the network to transmit and control data flow.
Describe Layer 4 (Transport) of the OSI Model
The transport layer works in two defined communication modes: connection-oriented and connectionless. This layer transmits data from the source node to the destination node. This layer includes TCP, which is responsible for reliable and correctly ordered packets, congestion control and others.
Describe Layer 5 (Session) of the OSI Model
This layer allows users on different machines to establish active communication sessions between them. It is responsible for establishing, maintaining, synchronizing, and terminating sessions between end-user applications. The session layer, which is the 5th layer in the OSI model, uses the services provided by the transport layer and enables applications to establish, maintain and synchronize sessions.
Describe Layer 6 (Presentation) of the OSI Model
Within the service layering semantics of the OSI network architecture, the presentation layer responds to service requests from the application layer and issues service requests to the session layer through a unique presentation service access point (PSAP).
The presentation layer ensures the information that the application layer of one system sends out is readable by the application layer of another system. On the sending system it is responsible for conversion to standard, transmittable formats. On the receiving system it is responsible for the translation, formatting, and delivery of information for processing or display.
Describe Layer 7 (Application) of the OSI Model
This layer provides several ways of manipulating the data (information), which enables any type of user to access the network with ease. This layer also makes requests to the layer below it, the presentation layer, to receive various types of information from it. The application layer is an abstraction layer that specifies the shared protocols and interface methods used by hosts in a communication network.
Name common protocols in Layer 1 of the OSI model
Bluetooth, IEEE 802.11, IEEE 802.3, L431 and TIA 449, PON, OTN, DSL
Name common protocols in the Data Link OSI Layer
802.1x, EAPOL, CDP, Spanning Tree Protocol, Token Ring, ARP, CSLIP, HDLC, IEEE 802.3, PPP, X.25, SLIP, ATM, SDLS and PLIP.
Name common protocols in the Network OSI layer
ICMP, IPsec, OSPF, EIGRP, IPv4/6
Name common protocols in the Transport OSI Layer
TCP, UDP, and variations thereof.
Name common protocols in the Session OSI Layer
NetBIOS, SOCKS, RTCP, PPTP
Name common protocols in the Presentation OSI Layer
SSL, HTTP, FTP, AppleTalk Filing Protocol, Telnet, SSH
Name common protocols in the application layer
HTML, Markdown, FTP, SNMP, DNS, NFS, POP - all the good ones.
Describe CDP
CDP is a layer 2 protocol used by Cisco and CDP-compatible hardware to inform hardware ‘neighbours’ of information that may include: operating system version, hostname, every address (i.e. IP address) from all protocol(s) configured on the port where the CDP frame is sent, the port identifier from which the announcement was sent, device type and model, duplex setting, VTP domain, native VLAN, power draw (for Power over Ethernet devices), and other device-specific information. It can also include routing information, to save normal routing packets being sent.
This information can be queried via SNMP and the CDP ‘show cdp neighbors’ command on Cisco hardware.
CDP sends data out to a ‘multicast’ MAC address - 01:00:0c:cc:cc:cc
Yersinia causes DoS
- Simply sending CDP packets with bogus data simulating real Cisco devices. The target device will begin to allocate memory in its CDP table to save the new neighbor information, but without knowing that it is going to have thousands or millions of new friends.
Describe STP
The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. As the name suggests, STP creates a spanning tree that characterizes the relationship of nodes within a network of connected layer-2 bridges, and disables those links that are not part of the spanning tree, leaving a single active path between any two network nodes.
- no authentication
- the process can be manipulated to cause a constant reconfiguration state, leading to a DoS
- flooding the network with BPDUs (update packets) leads the network to constantly reconfigure itself
- Yersinia
Taking over a root bridge is probably one of the most disruptive attacks. By default, a LAN switch takes any BPDU sent from Yersinia at face value. Keep in mind that STP is trustful, stateless, and does not provide a solid authentication mechanism. The default STP bridge priority is 32768. Once in root attack mode, Yersinia sends a BPDU every 2 sec with the same priority as the current root bridge, but with a slightly numerically lower MAC address, which ensures it a victory in the root-bridge election process.
Describe the VLAN 802.1q protocol
A protocol used to segregate networks into smaller logical chunks by ensuring Ethernet packets are ‘tagged’ with a 4-byte VLAN ID. It supports up to 4096 VLANs. The VLAN tag is inserted between the source MAC address and the Type/Length fields in the Ethernet frame.
Describe 802.1x
Allows authentication via the credentials of a device accessing the network, and prevents wider network access prior to authentication.
Takes the user credentials provided by the client device to the switch/whatever and forwards them on to a RADIUS server, where authentication can be verified.