Describe how network security is affected at the TCP/IP levels.
Internet and TCP/IP are often used synonymously. When the Internet's predecessor was first created in the 1960s, operational issues, not security, were the primary goal.
TCP/IP protocol layers
Security mechanisms are being "retrofitted" to work with existing networks and TCP/IP.
An understanding of the the TCP/IP protocol is necessary for network security. The TCP/IP stack contains four layers:
data link and physical
IP: An Internet protocol or IP address is a number that is used to uniquely identify computers connected to the Internet.
(ICMP)Internet Control Message Protocol: A protocol used to communicate errors or other conditions at the IP layer.
(TCP )Transmission Control Protocol/Internet Protocol (TCP/IP): A suite of protocols that turns information into blocks of information called packets. These are then sent across networks such as the Internet.
UDP (User Datagram Protocol): A connectionless protocol at the transport layer of the TCP/IP protocol stack, often used for broadcast-type protocols such as audio or video traffic.
as shown in the diagram below.
In the application layer, a client-side application is used to initiate communication with other hosts. The server-side uses transport layer ports to distinguish requests for various server applications.
Tcp Ip Network Definitions
The International Standards Organization (ISO) created a seven-layer networking model that is used to create a standard for network communications.
The model is called the Open Systems Interconnect (OSI) reference model.
The diagram below shows the correlation between the OSI model and the TCP/IP stack. In order to better understand TCP/IP, compare it to the OSI model.
OSI Model contains 7 layers : Protocols apply to layers 2,3,5, and 7.
(ARP) =Address Resolution Protocol
(IP) = Internet Protocol
(TCP)= Transfer Control Protocol
(FTP) = File Transport Protocol
Physcial = Layer 1
(ARP) Data Link = Layer 2
(IP) Network = Layer 3
Transport = Layer 4
(TCP) Session = Layer 5
Presentation = Layer 6
(FTP) Application = Layer 7
The TPC/IP Model contains 4 layers.
(IP, ICMP) Internet
(ARP) Network Access
To properly program firewall filters, the security administrator must have a deep understanding and knowledge of the IP and TCP/UDP layers of TCP/IP. An understanding of TCP/UDP ports is vital. Experienced hackers understand how to exploit network operations through the TCP/IP protocol stack.