Subtitles of the Movie

Now, during this early part of the course, since we're reviewing fundamentals, we have to talk about the OSI Model. Now, I'm not going to take you through the OSI Model to the extent that you will be learning how it works and learning networking for the first time. I have to assume that you've dealt with the OSI Model before and that you know how some networking technologies work. Having said that, it's worth review just so we can tell you a little bit about how the OSI Model fits into what we're going to be doing in the course. Now, as a quick review, the OSI Model, as we know, is just a model; it's a concept; it's a blueprint that shows how networking should work. Now, different protocols and different technologies can be written to the specifications of the OSI Model, but keep in mind, that's not mandatory. However, I will tell you that most protocols in some form or fashion do follow the OSI Model. They may not follow all seven layers or they may have layers combined or they may only take place at certain layers, but they generally follow the OSI Model. Now, what good is the OSI Model for us? Well, it helps to learn how networking does work and more importantly, it helps us to learn how to troubleshoot general networking problems. If we're having a packet problem or a physical problem, understanding how networking works in terms of the OSI Model can understand how to solve the problem. Now, for a quick recap, again, we're not going to go layer by layer, but we will talk about each one a little bit. We know that the OSI Model has seven layers and each one of these layers, in the OSI Stack, performs a particular function. Now, there is some translation between each layers and there's also some encapsulation. Encapsulation, which we'll talk about in a minute, means that there are headers and sometimes footers that are attached to each protocol or packet or data unit as it travels up and down the OSI Model. Now, each layer has devices and protocols that work pretty much at that layer, although as we'll see in a moment, some protocols and devices can span multiple layers. Now, as far as what the OSI Model looks like, if we look on the left, this is just a quick representation of the OSI Model. We have the seven layers; the physical at the bottom and at that layer data is called bits. Now, right above that, layer two is called the data link layer and it basically deals with MAC addressing and logical link control; physical addressing, whereas the physical layer itself below it deals with media, signaling and transmissions. At the data link layer, data is called frames. Now, moving up to layer three we have the network layer. The network layer primarily concerns itself with addressing and path determination. That's where routing takes place and IP or logical addressing. Now, the data is called packets at that level. Above that, at layer four, we have the transport layer and transport layer basically concerns itself with end-to-end connections and reliability. We have connectionless protocols at that layer and connection-oriented protocols at that layer and data is called segments. Above that at layer five we have the session layer and this basically establishes and tears down and controls sessions, communication sessions between two computers. Now, we don't have a specific name for the data at that layer and as a matter of fact, for the next three layers up, it's called just data. Above that, layer six is the presentation layer. The presentation layer can take data from the application layer and re-encode it to ASCII or EBSIDEC. It also can deal with encryption. It can encrypt data at that layer, although data can be encrypted at other layers as well. Above that is the application layer. Now, a lot of people think that the application layer basically means email and web browsing and so forth. That's not necessarily true. What the application layer concerns itself is the protocols that allow you to talk to the applications. For example, your email program will use SMTP or POP3 or IMAP and those three are protocols that take place at the application layer and the data unit is called data at that layer. Now, for packet analysis, what we're pretty much talking about is a couple of different layers here. We're talking about the transport and the network and sometimes the data link layers. We're talking about those three middle layers right up above the first layer. That's where most of our discussion is going to take place because as we'll see when we start doing packet captures and analyzing them, it's pretty much what we're looking for. We're looking for patterns. We're looking for how the packets and data is constructed. We're looking for what particular items are in them that might cause problems on the network or might be used for attacks. So those three layers we're going to concentrate mostly on, although we probably will touch on each of the OSI seven layers as we go through the course in some form or fashion. Now, to the right is an example of data encapsulation. As data travels down through the OSI Model from layer seven down to layer one, it's encapsulated. In other words, its headers and sometimes footers are added. The data from above, with headers and so forth, comes down to the next layer and another header is put on. Then that becomes, all of that becomes data for the layer right below it so even another header is put on. So whatever comes from above is considered data to the layer below. And a header and sometimes a footer is attached to that. When the communication process is reversed and data goes up the OSI Model to the receiving computer, these headers and footers are stripped off. That's called de-encapsulation, if there is really such a word. You can consider that as part of encapsulation also, but that's the process by which data travels up and down the OSI Model. Now, as I said, we're going to be mainly concerned with the transport, network and data link layers when we talk about packet capturing and analysis. Again, this was not an in-depth presentation on the OSI Model; just a quick review to put you back in the frame of mind and to refresh your memory about how it works. Sometimes this is important for what we're going to be doing during the course. Now, the next diagram we can look at is kind of a diagram that shows how all these protocols might be connected within the OSI Model. We see that protocols can take place above and below within each layer. Some protocols span different layers, such as FTP and Telnet, SMTP sometimes can span the application, presentation and session layers and so forth with other protocols as well. We see at the transport layer we have TCP and UDP primarily. At the network layer we have routing protocols and ICMP and IP and so forth. So there's a wide variety of protocols we're going to be looking at and this is how they fit into the OSI Model. This is a simplistic diagram, but we will be looking at some of these protocols when we do our packet captures and analysis.