Join Lisa Bock for an in-depth discussion in this video Dissecting the OSI model, part of Troubleshooting Your Network with Wireshark.
- View Offline
- The Open Systems Interconnection Model, or OSI, is a model that standardizes each of the functions of data transformation by breaking it down into layers. Well why is the OSI Model important? In order to better understand packet analysis, you must understand the way the data is prepared for transit. The OSI Model is a seven layer representation of how data changes in form as each layer provides services to the next layer, and in particular, how data is encapsulated as it is prepared for transit.
The OSI Model was proposed by the International Organization for Standardization, or ISO. It's a common framework for developers and networking students, for better understanding. Reference models and standards both enable interoperability among layers and communicating devices. Then we can look at the seven layer OSI model. Starting at the top in layer seven, is the Application Layer, where we initiate contact with the network.
Layer six, the Presentation Layer, layer five, the Session Layer, layer four, the Transport Layer, layer three, the Network Layer, layer two the Data Link Layer, and layer one, the Physical Layer. There are two phrases that you can use to remember the first letter of each of the layers. From layer seven to layer one, the phrase is All People Seem To Need Data Processing.
From layer one to layer seven, Please Do Not Throw Sausage Pizza Away. Now that we know the layers, let's take a look at them and how the encapsulation process works together. We'll take a look at the layer itself, the PDU, or Protocol Data Unit, and then we'll look at the header information in the form of what address is used. In the top three layers, the Application, Presentation, and Session layers the Protocal Data Unit is simply Data.
Nothing has changed, it's just in Data format. There is no address, but then it readies itself so that it can communicate to the next layer, the Transport Layer. At the Transport Layer, the Protocol Data Unit is a segment. Now what this layer does is add a Transport Layer Header, which includes the the source and destination Port address. The Port address associates us with an application. For example, Port 80 is associated with HTTP.
The Network Layer, the Protocol Data Unit, is a packet, and the Network Layer Header is in an IP Address, which includes the source and destination IP address of the host, the Data Link Layer. At the Data Link Layer, the Protocol Data Unit is a Frame. At this layer, Source and Destination MAC address is added. In the Physical Layer, the Protocol Data Unit is simply Bits. There is no address, and the Physical Layer is the way the data is transmitted across the media.
- Exploring the Wireshark interface
- Using display and capture filters
- Dissecting the OSI model
- Analyzing TCP, IPv4, and other protocols
- Detecting denial-of-service attacks and password attacks
- Using security tools for ethical hacking