Cyber Security
Network Security Basics: Protocols With OSI Model
Introduction
Network protocols are standardized rules that define how data is transmitted and received across networks. They also ensure reliable communication between devices, regardless of hardware or software differences. This blog explores key network protocols, their purposes, how they function, and their common use cases.
How data flows in the OSI Model ~
- Application Layer: creates the data.
- Presentation Layer: formats and encrypts the data.
- Session Layer: establishes and manages the connections.
- Transport Layer: data is divided into segments to ensure reliable delivery.
- Network Layer: segments are encapsulated into packets and routed across the network.
- Data Link Layer: packets are framed and forwarded to the next device on the network.
- Physical Layer: frames are converted into bits and transmitted as electrical or optical signals over the physical medium.
Network Protocol Overview by OSI Layer ~
Layer 7 — Application Layer Protocol
This layer provides services directly to end users or software applications; it is where you interact with the network. Think of it like opening WhatsApp, your browser, or your email app: you decide what to say and whom to send it to. This layer also serves as a window for application services to access the network and for displaying the received information to the user.
The main functions of the application layer are: Network Virtual Terminal (NVT), which allows a user to log on to a remote host; File Transfer Access and Management (FTAM), which allows a user to access files on a remote host, retrieve files from a remote host, and manage or control files from a remote computer; and Directory Services, which provide distributed database sources and access to global information about various objects and services.
1. HTTP/HTTPS — HyperText Transfer Protocol (Secure)
Purpose:
HTTP and HTTPS are communication protocols for web browsers and servers, with HTTP being the fundamental one; they are the backbone of the web. These are the protocols your browser uses to talk to websites. HTTPS is the secure version of HTTP, keeping your info safe from eavesdroppers.
How it Works:
When you open a website in your browser, it sends an HTTP (or HTTPS) request to that site’s server. HTTPS uses encryption (SSL/TLS) so that no one can read what you’re sending, such as login details, bank details, or personal messages.
Typical Use Case:
- Browsing websites (HTTP/HTTPS)
- Online shopping or banking (HTTPS)
- Submitting forms or using web apps
- Anything that needs a secure connection
2. DNS — Domain Name System
Purpose:
DNS is like the phonebook of the internet. It helps your computer find websites by turning human-friendly names like google.com into machine-friendly IP addresses like 192.168.10.6.
How it Works:
When I type a website name into my web browser, my device sends a DNS request (usually via UDP) to a DNS server, asking “What’s the IP address for this site?” The server responds, and now my computer knows where to go.
Typical Use Case:
- Resolving domain names for web browsing
- Email routing
- Network resource discovery
- Load balancing and failover (via DNS records)
3. FTP (File Transfer Protocol)
Purpose:
It is used to transfer files between a client and a server over a network, and it enables users to upload, download, and manage files on a remote server. Think of it like sending packages back and forth.
How it Works:
You use an FTP program (called a client) to connect to another computer (called a server). Usually you log in with a username and password. Once you are connected, you can upload files, rename them, or even delete them on the server. FTP uses two types of communication: one to send commands (telling the server what to do) and another to actually transfer the files. Depending on the setup, the connection works in different ways (called active or passive modes), but you usually don’t have to worry about that.
Typical Use Case:
- Website management: site owners use FTP to upload their website files so they can be seen online.
- Bulk data transfer: companies transfer large batches of files between computers within their network.
- Remote backups: people back up their important data to a different computer for safekeeping.
- Software distribution: some software makers share their programs by putting them on an FTP server for download.
4. SMTP (Simple Mail Transfer Protocol)
Purpose:
SMTP is a communication protocol used to send and relay email messages between servers over the internet or a network. It allows email clients and servers to send outgoing mails to the correct destination.
How it Works:
When you send an email, your email client (like Google or Outlook) connects to an SMTP server. A client-server connection is established, usually over TCP port 25 or port 587. The client introduces itself to the server and provides the sender’s and recipient’s email addresses through a series of commands (HELO/EHLO, MAIL FROM, RCPT TO). The content of the email is then sent to the SMTP server, which processes and forwards it. If the recipient’s email address belongs to a different domain, the SMTP server uses DNS to find the recipient’s mail server and relays the message accordingly through a chain of mail servers. Once the email reaches the recipient’s mail server, it is stored until the recipient retrieves it via protocols like IMAP or POP3.
Typical Use Case:
- Sending outgoing emails from an email client or application to an email server.
- Relaying emails between mail servers across the internet.
- Automated email sending for notifications, alerts, or marketing campaigns.
- Website contact forms or applications configured to send emails via an SMTP server.
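The command sequence described above, shown from the receiving server's side as an added example (not code from the original post). It is a minimal in-memory receiver that enforces the HELO/EHLO, MAIL FROM, RCPT TO, DATA order and records both sides of the dialogue; the hostnames and addresses are placeholders, and dot-stuffing and ESMTP extensions are left out.

```python
def smtp_session(client_lines, hostname="mx.example.test"):
    """Feed client lines to a minimal SMTP receiver; return (transcript, envelope)."""
    transcript = [f"S: 220 {hostname} ESMTP"]
    env = {"from": None, "to": [], "body": []}
    state = "connected"          # connected -> greeted -> mail -> rcpt -> data
    for line in client_lines:
        transcript.append("C: " + line)
        verb = line.upper()
        if state == "data":
            if line == ".":      # a lone dot ends the message body
                state, reply = "greeted", "250 OK: queued"
            else:
                env["body"].append(line)
                continue         # no reply while the body is being sent
        elif verb.startswith(("HELO ", "EHLO ")):
            state, reply = "greeted", f"250 {hostname}"
        elif verb.startswith("MAIL FROM:") and state == "greeted":
            env["from"] = line[10:].strip(" <>")
            state, reply = "mail", "250 OK"
        elif verb.startswith("RCPT TO:") and state in ("mail", "rcpt"):
            env["to"].append(line[8:].strip(" <>"))
            state, reply = "rcpt", "250 OK"
        elif verb == "DATA" and state == "rcpt":
            state, reply = "data", "354 End data with <CR><LF>.<CR><LF>"
        elif verb == "QUIT":
            transcript.append(f"S: 221 {hostname} closing connection")
            break
        elif verb.split(":")[0] in ("MAIL FROM", "RCPT TO", "DATA"):
            reply = "503 Bad sequence of commands"   # known command, wrong moment
        else:
            reply = "500 Command not recognized"
        transcript.append("S: " + reply)
    return transcript, env

# Constructed client dialogues (all names and addresses are placeholders).
GOOD = ["EHLO client.example.test", "MAIL FROM:<alice@example.test>",
        "RCPT TO:<bob@example.org>", "DATA", "Subject: hi", "", "Hello Bob", ".", "QUIT"]
OUT_OF_ORDER = ["RCPT TO:<bob@example.org>", "QUIT"]
```

Printing the transcript from `smtp_session(GOOD)` gives the `C:`/`S:` exchange line by line, which is the same view you get when reading a mail server's protocol log.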
Layer 6 — Presentation Layer
This layer is also called the Translation layer. The data from the application layer is extracted here and manipulated into the format required for transmission over the network. Think of it as an interpreter for your data: it makes sure that information sent from one computer can actually be understood by another, even if their systems are different. One of its main functions is converting data between formats, such as ASCII (American Standard Code for Information Interchange) to EBCDIC (Extended Binary Coded Decimal Interchange Code).
For encryption and decryption, it scrambles data into ciphertext for security during transmission and then restores it to plain text for the recipient. This process uses key values for both encrypting and decrypting data. Compression reduces the number of bits, making data transmission faster and more efficient by minimizing file size.
- TLS (Transport Layer Security)
Purpose:
TLS is a cryptographic protocol used to secure communications over a network, commonly the internet. Its primary goal is to provide privacy and data integrity between two communicating applications.
How it Works:
- TLS operates between the Application and Transport layers but is often associated with the Presentation Layer in the OSI model because it handles encryption and decryption.
- When a connection is established, two parties perform a handshake to agree on encryption algorithms and exchange public keys.
- Once the handshake is complete, they use symmetric encryption to encrypt the data transmitted.
- TLS also provides mechanisms for authentication (verification of the other party’s identity) and message integrity (ensuring data has not been tampered with).
Typical Use Case:
- Securing web traffic (HTTPS).
- Protecting email communications (SMTP, IMAP, with TLS).
- Securing connections for instant messaging and VoIP.
Layer 5 — Session Layer
Its main role is to manage and control the communication sessions between two devices or applications. Think of it as the layer that establishes, maintains, and gracefully terminates the conversations or dialogue between computers.
It sets up and starts a conversation between devices, like a meeting organizer, and keeps the chat running smoothly by managing who speaks and when. It adds checkpoints so that, if things get interrupted, it can pick up where it left off, and it wraps things up cleanly when it’s time to end the conversation. This helps recover the session if something goes wrong, so you don’t lose your progress.
- NetBIOS (Network Basic Input/Output System)
Purpose:
NetBIOS was developed to provide a standardized interface that frees applications from handling the complexities of the network. Its main purpose is to facilitate communication and resource sharing, such as files and printers, between devices on the same LAN. It provides name resolution, session management, and message distribution services.
How it Works:
- Name Service: Registers and resolves human-readable NetBIOS names (up to 15 characters plus a suffix) to network addresses, making it easier to identify devices on the network.
- Session Service: Establishes and maintains reliable, connection-oriented communication sessions between computers using TCP (typically on port 139).
- Datagram Service: Sends connectionless, unreliable messages (datagrams) across the network, useful for broadcasts and status messages.
- Originally, NetBIOS ran over non-routable protocols like NetBIOS, but it now typically runs over TCP/IP using NetBIOS over TCP/IP (NBT). It also relies on broadcasts for name registration and resolution within a LAN, which limits its use in larger routed networks.
Typical Use Case:
- Used in Windows networks to simplify file and printer sharing within local networks.
- Legacy applications that need session-level communication within a LAN environment.
- Network name resolution before DNS became widespread in small or home networks.
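The "up to 15 characters plus a suffix" rule from the Name Service item determines how a NetBIOS name looks inside an NBT packet. This added example (not from the original post) implements the first-level encoding defined in RFC 1001, which is what you see when reading name-service traffic in a capture; the function names are assumptions, and suffix 0x00 (workstation) and 0x20 (file server) are the two common values used here.

```python
def encode_nb_name(name, suffix=0x00):
    """First-level encode a NetBIOS name (RFC 1001): 16 bytes become 32 letters A-P."""
    if not 1 <= len(name) <= 15:
        raise ValueError("NetBIOS names are 1 to 15 characters")
    # Upper-case, pad with spaces to 15 bytes, then append the one-byte suffix.
    raw = name.upper().ljust(15).encode("ascii") + bytes([suffix])
    # Each byte is split into two 4-bit halves; each half is sent as 'A' + value.
    return "".join(chr(0x41 + (b >> 4)) + chr(0x41 + (b & 0x0F)) for b in raw)

def decode_nb_name(encoded):
    """Reverse the encoding; return (name, suffix)."""
    if len(encoded) != 32 or any(c < "A" or c > "P" for c in encoded):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(((ord(encoded[i]) - 0x41) << 4) | (ord(encoded[i + 1]) - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip(" "), raw[15]

def to_wire(encoded):
    """Name as it appears in an NBT packet: length byte 0x20, 32 letters, root label."""
    return bytes([len(encoded)]) + encoded.encode("ascii") + b"\x00"

# Constructed sample name (hypothetical host) with the file-server suffix.
SAMPLE = encode_nb_name("FILESRV01", 0x20)
```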
Layer 4 — Transport Layer
The Transport Layer is like the network’s delivery manager. It ensures data travels reliably between applications on different devices, breaking large messages into smaller segments and reassembling them at the destination. It also controls the flow of data, checks for errors, and uses port numbers to send information to the right app. Protocols like TCP provide reliable delivery, while UDP offers faster, connectionless communication.
For example, when you send an email or browse a website, the Transport Layer ensures your data arrives intact and in the right order, no matter the network conditions.
1. TCP (Transmission Control Protocol)
Purpose:
It is used for reliable, ordered, and error-checked delivery of data over networks, particularly the internet. It is a core component of the TCP protocol suite and ensures that the data sent between applications arrives correctly and in the proper sequence.
How It Works:
TCP is a connection-oriented protocol. It uses a three-way handshake (SYN, SYN-ACK, ACK) to establish a connection before data is transmitted. It also handles error detection, retransmission of lost packets and proper sequencing to ensure data arrives intact and in order.
Typical Use Cases:
- Web browsing (HTTP/HTTPS)
- Email transmission (SMTP)
- File transfer (FTP/SFTP)
- Remote access (SSH)
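The handshake and sequencing described above, as an added example (not code from the original post): a simplified server-side receiver that completes the SYN, SYN-ACK, ACK exchange and then puts out-of-order and duplicated segments back in order using sequence numbers. The class name and all sequence values are assumptions, and windowing, checksums and sequence wraparound are left out.

```python
class TcpReceiver:
    """Server side of a simplified TCP connection (no windowing or wraparound)."""

    def __init__(self, isn):
        self.isn, self.state = isn, "LISTEN"      # isn = our initial sequence number
        self.rcv_nxt, self.pending, self.delivered = None, {}, b""

    def on_segment(self, flags, seq, ack=0, payload=b""):
        """Process one segment; return the reply as (flags, seq, ack) or None."""
        if self.state == "LISTEN" and flags == "SYN":
            self.rcv_nxt = seq + 1                # the SYN itself uses one sequence number
            self.state = "SYN_RCVD"
            return ("SYN-ACK", self.isn, self.rcv_nxt)
        if self.state == "SYN_RCVD" and flags == "ACK" and ack == self.isn + 1:
            self.state = "ESTABLISHED"            # three-way handshake complete
            return None
        if self.state == "ESTABLISHED" and flags == "ACK":
            if seq >= self.rcv_nxt:               # new data: hold it until it is in order
                self.pending.setdefault(seq, payload)
            while self.rcv_nxt in self.pending:   # deliver every contiguous segment
                chunk = self.pending.pop(self.rcv_nxt)
                self.delivered += chunk
                self.rcv_nxt += len(chunk)
            return ("ACK", self.isn + 1, self.rcv_nxt)   # cumulative acknowledgement
        return ("RST", 0, 0)                      # segment does not fit the current state

def demo():
    """Constructed exchange: handshake, then segments arriving out of order and twice."""
    srv = TcpReceiver(isn=5000)
    log = [srv.on_segment("SYN", seq=1000)]
    log.append(srv.on_segment("ACK", seq=1001, ack=5001))
    log.append(srv.on_segment("ACK", seq=1006, ack=5001, payload=b"world"))  # arrives early
    log.append(srv.on_segment("ACK", seq=1001, ack=5001, payload=b"hello"))  # fills the gap
    log.append(srv.on_segment("ACK", seq=1001, ack=5001, payload=b"hello"))  # duplicate
    return log, srv.delivered
```

The repeated acknowledgement number 1001 after the early segment is how the receiver tells the sender which byte it is still waiting for, which is what triggers retransmission of lost data.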
2. UDP — User Datagram Protocol
Purpose:
UDP is like sending a postcard: a fast, simple, and lightweight method for data transmission, but with no guarantee it’ll arrive on time. It’s used when speed matters more than perfect and secure delivery.
How it Works:
UDP is a connectionless protocol that sends data as individual packets without establishing a connection or checking for errors or ordering. It is much faster but less reliable than TCP.
Typical Use Cases:
- Streaming media (audio/video)
- Online gaming
- DNS queries
- Voice over IP (VoIP)
Layer 3 — Network Layer
The Network Layer is responsible for enabling communication between devices across different networks. It considers factors like traffic, distance, and efficiency to ensure timely delivery.
The Network Layer handles the routing and addressing of data packets. It assigns logical addresses to identify devices on the network and determines the best path for data transmission.
1. IP (Internet Protocol)
Purpose:
IP provides logical addressing and routing so data can travel between devices on different networks. It defines how data packets are addressed and delivered across interconnected networks.
How it Works:
When data needs to be sent from one device to another, IP encapsulates the data into packets and assigns a source and destination IP address. Routers along the path examine these addresses and determine the best route for the packets. IP is connectionless, meaning each packet may take a different route and arrive independently. IPv4 and IPv6 are the two widely used IP versions.
Typical Use Case:
- Accessing websites over the internet
- Sending and receiving emails
- Streaming audio or video content
- Online gaming that requires device-to-device communication
- Connecting to cloud services and applications
2. ICMP (Internet Control Message Protocol)
Purpose:
ICMP helps network devices diagnose and report network communication errors. It is mainly used for sending error messages and operational information, not for exchanging application data.
How it Works:
ICMP messages are embedded in IP packets and sent between network devices (such as routers or hosts). Common ICMP types include “Echo Request” and “Echo Reply” (used by the ping tool to test connectivity), and error notifications like “Destination Unreachable” or “Time Exceeded”. ICMP operates at the Network layer and works behind the scenes to help troubleshoot network issues.
Typical Use Case:
- Testing network reachability using the ping command
- Diagnosing network latency or packet loss with tools like traceroute
- Reporting unreachable destinations or network errors
- Detecting routing loops in a network
- Monitoring network health and troubleshooting connectivity issues
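What ping puts on the wire, as an added example (not code from the original post): it builds an ICMP Echo Request with the RFC 1071 Internet checksum, validates and decodes messages, and produces the Echo Reply a host would send back. The function names, identifier, sequence number and payload are assumptions, and the enclosing IP header is left out.

```python
import struct

ICMP_TYPES = {0: "Echo Reply", 3: "Destination Unreachable",
              8: "Echo Request", 11: "Time Exceeded"}

def inet_checksum(data):
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                           # pad odd-length input
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                            # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(icmp_type, ident, seq, payload):
    """Build an echo message (type 8 = request, 0 = reply) with a valid checksum."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = inet_checksum(header + payload)        # computed with checksum field = 0
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload

def parse_icmp(msg):
    """Validate and decode an ICMP message; echo types also expose id/seq/payload."""
    if len(msg) < 8:
        raise ValueError("truncated ICMP message")
    if inet_checksum(msg) != 0:                   # a valid message sums to zero
        raise ValueError("bad checksum")
    icmp_type, code, _, ident, seq = struct.unpack("!BBHHH", msg[:8])
    info = {"type": ICMP_TYPES.get(icmp_type, f"type {icmp_type}"), "code": code}
    if icmp_type in (0, 8):
        info.update(id=ident, seq=seq, payload=msg[8:])
    return info

def answer_ping(request):
    """Return the Echo Reply for an Echo Request, or None for anything else."""
    req = parse_icmp(request)
    if req["type"] != "Echo Request":
        return None
    return build_echo(0, req["id"], req["seq"], req["payload"])

# Constructed sample request (identifier, sequence and payload are made up).
REQUEST = build_echo(8, 0x1234, 1, b"ping")
```

The reply copies the identifier, sequence number and payload unchanged, which is how ping matches each reply to the request it sent and measures round-trip time.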
Layer 2 — Data Link Layer
The Data Link Layer is responsible for node-to-node data transfer, error detection, and managing how data packets are placed on the physical medium. It ensures data packets from the network layer are properly framed, addressed, and error-checked before being sent over the physical medium.
1. Ethernet
Purpose:
To control how devices on the same local network communicate and share data frames. It provides addressing through MAC addresses and handles error detection with frame check sequences.
How it Works:
Ethernet frames are constructed with source and destination MAC addresses. Devices use these addresses to send frames to each other on the same local area network (LAN). The protocol manages access to the physical medium (e.g., using CSMA/CD in traditional Ethernet) to avoid collisions.
Typical Use Case:
- Wired LAN communication in homes and offices
- Connecting devices via Ethernet cables (CAT5, CAT6)
- Managing data transmission across switches
2. ARP (Address Resolution Protocol)
Purpose:
To map an IP address to its corresponding MAC address, allowing communication within a local network.
How it Works:
When a device wants to communicate with another device on the local network but only knows its IP address, it broadcasts an ARP request asking “Who has this IP?” The device with that IP replies with its MAC address, enabling data link layer communication.
Typical Use Case:
- Resolving MAC addresses for IPs in local IPv4 networks
- Enabling device communication within local networks
- Supporting IPv4 network operations on LANs
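The Ethernet framing and the ARP exchange described in the two sections above, combined in one added example (not code from the original post): a broadcast "Who has this IP?" request is wrapped in an Ethernet frame with a frame check sequence, and only the owner of the address answers. The MAC and IP addresses are constructed sample values, and the function names are assumptions.

```python
import struct
import zlib

BROADCAST = bytes.fromhex("ffffffffffff")
ETHERTYPE_ARP = 0x0806

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def ip(text):
    return bytes(int(part) for part in text.split("."))

def arp_packet(op, sha, spa, tha, tpa):
    """ARP for IPv4 over Ethernet; op 1 = request, 2 = reply."""
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op, sha, spa, tha, tpa)

def ethernet_frame(dst, src, ethertype, payload):
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(60, b"\x00")                       # pad to the minimum frame size
    return body + struct.pack("<I", zlib.crc32(body))    # append the FCS (CRC-32)

def parse_frame(frame):
    """Check the FCS, then return (dst, src, ethertype, payload)."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame was corrupted in transit")
    dst, src, ethertype = struct.unpack("!6s6sH", body[:14])
    return dst, src, ethertype, body[14:]

def parse_arp(payload):
    """Return (op, sender MAC, sender IP, target MAC, target IP)."""
    return struct.unpack("!HHBBH6s4s6s4s", payload[:28])[4:]

def answer_arp(frame, my_mac, my_ip):
    """Reply only when the request asks for our IP; other hosts stay silent (None)."""
    _, _, ethertype, payload = parse_frame(frame)
    if ethertype != ETHERTYPE_ARP:
        return None
    op, sha, spa, _, tpa = parse_arp(payload)
    if op != 1 or tpa != my_ip:
        return None
    return ethernet_frame(sha, my_mac, ETHERTYPE_ARP,
                          arp_packet(2, my_mac, my_ip, sha, spa))

# Constructed sample hosts: A asks the whole LAN who owns B's address.
A_MAC, A_IP = mac("02:00:00:00:00:0a"), ip("192.168.10.5")
B_MAC, B_IP = mac("02:00:00:00:00:0b"), ip("192.168.10.6")
REQUEST = ethernet_frame(BROADCAST, A_MAC, ETHERTYPE_ARP,
                         arp_packet(1, A_MAC, A_IP, bytes(6), B_IP))
```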
Layer 1 — Physical Layer
It deals with the actual transmission of raw bits (0s and 1s) over a physical medium, and defines the electrical, optical, or radio signals, connectors, and transmission methods.
- Ethernet (Physical Signals)
Purpose:
To define the electrical, mechanical, and signaling specifications for transmitting raw bits over physical cables.
How it Works:
Ethernet at the physical layer involves encoding data into electrical or optical signals transmitted via cables or fiber optics. It specifies voltage levels, timing, connectors, and cable types.
Typical Use Case:
- Transmitting raw bits over cables or fiber optics
- Connecting physical network devices
- Defining standards for cables and connectors