In this blog post we’ll cover:
- What OSI and TCP/IP models are
- Layer-by-layer breakdowns
- Real-world examples for each layer
- Security implications and ethical hacking relevance
- Key differences between OSI and TCP/IP
- Mnemonics to help remember them.
1. What Are OSI and TCP/IP Models?
The OSI Model: The Open Systems Interconnection (OSI) model is a 7-layer conceptual framework developed by the International Organization for Standardization (ISO). It’s not a protocol — it’s a guideline that describes how network communication should happen, from physical hardware to user applications.
Purpose: To standardize networking so different systems and vendors can work together.
The TCP/IP Model: The Transmission Control Protocol/Internet Protocol (TCP/IP) model is a 4-layer framework developed by the U.S. Department of Defense. Unlike OSI, TCP/IP is practical and protocol-driven, forming the foundation of the modern internet.
Purpose: To enable reliable communication over interconnected networks.
2. The 7 Layers of the OSI Model (Top to Bottom)

| Layer No. | Layer Name | Main Function | Common Protocols & Examples |
|---|---|---|---|
| 7 | Application | Direct user interaction & network services | HTTP, HTTPS, FTP, SMTP |
| 6 | Presentation | Data formatting, encryption, compression | SSL/TLS, JPEG, MP4 |
| 5 | Session | Starts, maintains, and ends communication sessions | NetBIOS, RPC |
| 4 | Transport | End-to-end delivery, error checking, segmentation | TCP, UDP |
| 3 | Network | Logical addressing & routing | IP, ICMP, IPsec |
| 2 | Data Link | MAC addressing, error detection | Ethernet, Wi-Fi |
| 1 | Physical | Transmission of raw bits | Cables, switches, hubs |

Layer-by-Layer Explanation with Examples
Layer 7 – Application Layer: Where the user interacts with the network. For example, when you browse a website using Chrome, your browser works at the application layer. Security Note: Ethical hackers often target this layer with web-based attacks like SQL Injection or XSS.
Layer 6 – Presentation Layer: Translates data between the application and network formats. Handles encryption (SSL/TLS) and compression (JPEG, MP4). Security Note: If encryption isn’t properly implemented here, attackers can intercept data.
Layer 5 – Session Layer: Maintains connections during communication. For example, a video call relies on session management to keep the connection stable. Security Note: Session hijacking is a common cyber threat at this layer.
Layer 4 – Transport Layer: Breaks data into segments, ensures reliable delivery with TCP or fast delivery with UDP. Security Note: Ethical hackers might perform TCP SYN flood attacks at this layer.
Layer 2 – Data Link Layer: Handles MAC addresses and error detection in frames. Switches operate here. Security Note: VLAN hopping attacks exploit weaknesses here.
Layer 1 – Physical Layer: Includes cables, hubs, and physical media. If a cable is damaged, no data moves. Security Note: Physical security is the first defense.

| Layer No. | Layer Name | Main Function | Common Protocols & Examples |
|---|---|---|---|
| 4 | Application | User interface & services | HTTP, FTP, SMTP |
| 3 | Transport | Reliable or fast delivery | TCP, UDP |
| 2 | Internet | Logical addressing & routing | IP, ICMP |
| 1 | Network Access | Physical delivery of data | Ethernet, Wi-Fi |

Layer 4 – Application: Similar to OSI’s application layer, but includes presentation and session tasks too. Examples: web browsers, email clients.
Layer 3 – Transport: Uses TCP for reliability and UDP for speed. Think online gaming (UDP) vs. file download (TCP).
Layer 2 – Internet: Handles IP addressing and packet routing. This is where your data finds the path to its destination.

| Feature | OSI Model | TCP/IP Model |
|---|---|---|
| Layers | 7 | 4 |
| Development | ISO | DoD |
| Function | Conceptual framework | Practical protocol suite |
| Protocol Dependency | Protocol-independent | Protocol-specific |
| Usage | Teaching & theoretical analysis | Real-world networking |

- SOC Analysts use the models to identify where an attack is happening. For example, a DDoS at the transport layer vs. malware at the application layer.
- Ethical Hackers design penetration tests targeting specific layers (e.g., ARP spoofing at the Data Link layer).
- Incident Responders map security incidents to layers for quicker isolation and remediation.
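
How a captured frame maps onto the layers, as an added example (not code from the original post): the Python below dissects a constructed Ethernet/IPv4/TCP frame and labels each header with its OSI layer. The addresses, ports and payload are made-up sample values; in this stack the session and presentation layers have no header of their own, so the decoder goes from layer 4 straight to layer 7.

```python
import struct

def build_sample_frame(flags=0x18, payload=b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"):
    """Constructed Ethernet/IPv4/TCP frame (not a real capture; checksums left as 0)."""
    eth = bytes.fromhex("02aabbccddee" "021122334455") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, flags, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload), 0, 0,
                     64, 6, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    return eth + ip + tcp + payload

def _mac(b): return ":".join(f"{x:02x}" for x in b)
def _ip4(b): return ".".join(str(x) for x in b)

TCP_FLAGS = ((0x02, "SYN"), (0x10, "ACK"), (0x08, "PSH"), (0x01, "FIN"), (0x04, "RST"))

def dissect(frame):
    """Return [(osi_layer_number, layer_name, summary), ...] for one Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    layers = [(2, "Data Link", f"Ethernet {_mac(frame[6:12])} -> {_mac(frame[0:6])}")]
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return layers                      # not IPv4: nothing above layer 2 decoded
    pkt = frame[14:]
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    ihl, total_len, proto = (pkt[0] & 0x0F) * 4, struct.unpack("!H", pkt[2:4])[0], pkt[9]
    layers.append((3, "Network", f"IPv4 {_ip4(pkt[12:16])} -> {_ip4(pkt[16:20])}"))
    seg = pkt[ihl:total_len]               # honour IHL and total length, drop padding
    if proto == 6 and len(seg) >= 20:      # TCP
        sport, dport = struct.unpack("!HH", seg[:4])
        names = ",".join(n for bit, n in TCP_FLAGS if seg[13] & bit)
        layers.append((4, "Transport", f"TCP {sport} -> {dport} [{names}]"))
        data = seg[(seg[12] >> 4) * 4:]    # data offset is counted in 32-bit words
    elif proto == 17 and len(seg) >= 8:    # UDP
        sport, dport = struct.unpack("!HH", seg[:4])
        layers.append((4, "Transport", f"UDP {sport} -> {dport}"))
        data = seg[8:]
    else:
        return layers
    if data:                               # bytes above layer 4 belong to the application
        first = data.split(b"\r\n", 1)[0].decode("ascii", "replace")
        layers.append((7, "Application", f"{len(data)} bytes, first line: {first}"))
    return layers

if __name__ == "__main__":
    for number, name, summary in dissect(build_sample_frame()):
        print(f"Layer {number} ({name}): {summary}")
```

A bare SYN segment with no payload stops at layer 4, which is how a transport-layer event looks different from an application-layer one when triaging traffic.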
6. Mnemonics to Remember the OSI Model
From Top (Layer 7) to Bottom (Layer 1):
"All People Seem To Need Data Processing"
From Bottom (Layer 1) to Top (Layer 7):
"Please Do Not Throw Sausage Pizza Away"
Imagine sending a letter:
- Application Layer: You write the letter.
- Presentation Layer: You write it in a language the receiver understands.
- Session Layer: You keep the conversation ongoing.
- Transport Layer: You choose a reliable courier (TCP) or quick delivery (UDP).
- Network Layer: The courier plans the best route.
- Data Link Layer: The courier reads the street and house number (MAC address).
- Physical Layer: The road the courier travels on.
For TCP/IP, the steps are fewer because some tasks are combined.
If you’re studying for CEH, CompTIA Security+, or starting your journey in network security, mastering these models will give you the foundation you need to understand how data flows — and how attackers might try to disrupt it.


