As I continue my cybersecurity journey I wanted to publish my notes in order to provide helpful write-ups for other learners on the same journey, with the added benefit of explaining the concepts in a beginner friendly way. I intend to break things down bit by bit and provide further clarification for learners.

This module covers the TCP/IP Model. This section helps us learn how to understand how this model looks in practice and provides an introduction to some basic networking tools.

This model is, in many ways, very similar to the OSI model. It's a few years older, and serves as the basis for real-world networking.

The TCP/IP model consists of four layers: Application, Transport, Internet and Network Interface. Between them, these cover the same range of functions as the seven layers of the OSI Model.

Note: Some recent sources split the TCP/IP model into five layers -- breaking the Network Interface layer into Data Link and Physical layers (as with the OSI model). This is accepted and well-known; however, it is not officially defined (unlike the original four layers which are defined in RFC1122). It's up to you which version you use -- both are generally considered valid.

You would be justified in asking why we bother with the OSI model if it's not actually used for anything in the real-world. The answer to that question is quite simply that the OSI model (due to being less condensed and more rigid than the TCP/IP model) tends to be easier for learning the initial theory of networking.

The two models match up something like this:

The processes of encapsulation and de-encapsulation work in exactly the same way with the TCP/IP model as they do with the OSI model.

At each layer of the TCP/IP model a header is added during encapsulation, and removed during de-encapsulation.

Now let's get down to the practical side of things.

A layered model is great as a visual aid -- it shows us the general process of how data can be encapsulated and sent across a network, but how does it actually happen?

When we talk about TCP/IP, it's all well and good to think about a table with four layers in it, but we're actually talking about a suite of protocols -- sets of rules that define how an action is to be carried out.

TCP/IP takes its name from the two most important of these: the Transmission Control Protocol (which we touched upon earlier in the OSI model) that controls the flow of data between two endpoints, and the Internet Protocol, which controls how packets are addressed and sent. There are many more protocols that make up the TCP/IP suite; we will cover some of these in later tasks. For now though, let's talk about TCP.

As mentioned earlier, TCP is a connection-based protocol. In other words, before you send any data via TCP, you must first form a stable connection between the two computers. The process of forming this connection is called the three-way handshake.

When you attempt to make a connection, your computer first sends a special request to the remote server indicating that it wants to initialise a connection.

This request contains something called a SYN (short for synchronise) bit, which essentially makes first contact in starting the connection process.

The server will then respond with a packet containing the SYN bit, as well as another "acknowledgement" bit, called ACK.

Finally, your computer will send a packet that contains the ACK bit by itself, confirming that the connection has been setup successfully. With the three-way handshake successfully completed, data can be reliably transmitted between the two computers.

Any data that is lost or corrupted on transmission is re-sent, thus leading to a connection which appears to be lossless.

(Credit Kieran Smith, Abertay University)

We're not going to go into exactly how this works on a step-to-step level -- not in this room at any rate. It is sufficient to know that the three-way handshake must be carried out before a connection can be established using TCP.

A Bit of History:

It's important to understand exactly why the TCP/IP and OSI models were originally created.

To begin with there was no standardisation -- different manufacturers followed their own methodologies, and consequently systems made by different manufacturers were completely incompatible when it came to networking.

The TCP/IP model was introduced by the American DoD in 1982 to provide a standard -- something for all of the different manufacturers to follow. This sorted out the inconsistency problems.

Later the OSI model was also introduced by the International Organisation for Standardisation (ISO); however, it's mainly used as a more comprehensive guide for learning, as the TCP/IP model is still the standard upon which modern networking is based.

Question & Answer for the TCP/IP Model:

Which model was introduced first, OSI or TCP/IP? TCP/IP

Note: The TCP/IP model was introduced in the 1970s where as the OSI model was introduced in 1983.

Which layer of the TCP/IP model covers the functionality of the Transport layer of the OSI model (Full Name)? Transport

Which layer of the TCP/IP model covers the functionality of the Session layer of the OSI model (Full Name)? Application

The Network Interface layer of the TCP/IP model covers the functionality of two layers in the OSI model. These layers are Data Link, and?.. (Full Name)? Physical

Which layer of the TCP/IP model handles the functionality of the OSI network layer? Internet

What kind of protocol is TCP? Connection based

Note: TCP is connection-oriented because before one application process can begin to send data to another

What is SYN short for? Synchronise

What is the second step of the three way handshake? SYN/ACK

Note: Once the server receives syn ,the server will respond to client request with SYN-ACK signal set. ACK helps you to signify the response of segment that is received and SYN signifies what sequence number it should able to start with the segments.

What is the short name for the "Acknowledgement" segment in the three-way handshake? ACK

If you missed my last post on the OSI Model, you can check it out here.

As always, if you see anything I've missed or have suggestions to add, feel free to drop me a line or let me know in the comments. Happy learning!

-Mary

Sources: TryHackMe The TCP/IP Model