From a security perspective, encryption is important because it provides the ability to keep
information confidential.
Connection Versus Connectionless
At the transport layer are the two protocols known as TCP and UDP; these protocols are
known as connection and connectionless respectively. Connection-oriented protocols operate by
acknowledging or confirming every connection request or transmission, much like getting a return
receipt for a letter. Connectionless protocols are those that do not require an acknowledgement
and in fact do not ask for nor get one. The difference between these two is the overhead that is
involved. Due to connection-oriented protocol’s need for acknowledgements, the overhead is more
and the performance is less, while connectionless is faster due to its lack of this requirement.
NOTE
Examples of these formats
include American Standard
Code for Information
Interchange (ASCII) and
Extended Binary Coded Decimal
Interchange Code (EBCDIC).
30
PART 1
|
Hacker Techniques and Tools
Layer 7: Application Layer
Capping off the OSI reference model is the application layer (Layer 7). The application
layer hosts several application services that are used by applications and other services
running on the system. For example, Web browsers that would be classified as a user-level
application run on a system and access the network by “plugging” into the services at
this layer to use the network. This layer includes network monitoring, management,
file sharing, RPC, and other services used by applications.
The application layer is one that most users are familiar with because it is the home
of e-mail programs, file transfer protocol (FTP), Telnet, Web browsers, office productivity
suites, and many other applications. It is also the home of many malicious programs
such as viruses, worms, Trojan horse programs, and other malevolent applications.
The Role of Encapsulation
In the OSI framework, the concept of
encapsulation
is the process of “packaging” infor-
mation prior to transmitting it from one location to another. When transmitted across the
network, it moves down from the application layer to the physical layer and then through
the physical medium. As the data moves from the application layer down, the information
is packaged and manipulated along the way until it becomes a collection of bits that race
down the wire to the receiving station, where the process is reversed as the data moves
back up the model.
Data
Application
Transport
Internet
Link
UDP
Data
IP Data
UDP
Header
Frame
Header
Frame
Footer
IP
Header
Frame Data
FIGURE 2-3
Encapsulation.
Be sure that when thinking of the name “application layer,” you take care not to think of
software applications. Software applications are those items that a user of a system interacts
with directly, such as e-mail applications and Web browsers. The application layer is the point
at which software applications access network services as needed. Think of the software
applications as a microwave oven in your home and the application layer as the electrical outlet
that the microwave plugs into to get power.
