Network Protocols & the OSI Model

An overview of the OSI model & basic network protocols

Networking Components

OSI Model of Networking

The OSI (Open Systems Interconnection) model is a framework that explains how different systems communicate over a network. It was developed by the International Organization for Standardization (ISO) and consists of seven layers, each with specific functions and responsibilities. Each layer handles a different task in network communication and interacts with the layers above and below.

The OSI model is more theoretical than practical. It is a way to conceptualize how data moves across a network. When sending information, the data starts at layer 7 (Application) and moves down to layer 1 (Physical). When receiving information, the data goes from layer 1 to layer 7.

When troubleshooting, it is usually best to start at layer 1 and move upward to layer 7.

The layers are:

  1. Physical
  2. Data-Link
  3. Network
  4. Transport
  5. Session
  6. Presentation
  7. Application

A helpful mnemonic from layer 1 to 7:

Please Do Not Teach Students Pointless Acronyms

Layer Breakdown

Layer 1 – Physical
Cables, wires, and physical equipment responsible for data transfer.

Layer 2 – Data-Link
Handles communication between devices on the same network. This is where switches operate. Devices are identified by MAC address.

Layer 3 – Network
Routers operate here. This is where IP addressing lives.

Layer 4 – Transport
Protocols like TCP and UDP live here, along with the 3-way handshake.

Layer 5 – Session
Establishes and maintains connections between devices.

Layer 6 – Presentation
Handles data formatting, encryption, and translation into usable formats like JPG, PNG, MP3, etc.

Layer 7 – Application
The user-facing layer. Protocols like HTTP, SMTP, and interfaces users interact with directly.

Networking Basics

IP Addresses

The following IP ranges are reserved for private use and are not routable on the public internet:

| Class | Network Range | Subnet Mask | # of Networks | Hosts per Network |
|---|---|---|---|---|
| A | 10.0.0.0 | 255.0.0.0 | 126 | 16,646,144 |
| B | 172.16.0.0 – 172.31.0.0 | 255.255.0.0 | 16,383 | 65,024 |
| C | 192.168.0.0 – 192.168.255.255 | 255.255.255.0 | 2,097,151 | 254 |
| Loopback | 127.0.0.0 – 127.0.0.7 | 255.255.255.0 | | |

An IP address identifies devices on a network. Routers use IP addresses to direct traffic, which means they operate at the network layer (Layer 3).

Think of an IP address like a digital house number.

IPv4

  • Four octets (32 bits total): 192.168.0.1
  • Max value per octet: 255
  • Introduced in 1983, largely exhausted in the 2010s
  • 4,294,967,296 possible addresses

IPv6

  • Eight groups of hexadecimal values
    2001:0db8:0000:0000:0000:8a2e:0370:7334
  • Can be shortened:
    • 2001:0db8::8a2e:0370:7334
    • 2001:db8::8a2e:370:7334
  • 2^128 possible addresses
  • Not directly compatible with IPv4

MAC Addresses (Physical Address)

MAC addresses are unique identifiers assigned to devices with a network interface card (NIC). They operate at the data-link layer (Layer 2).

  • Made up of 6 octets
  • First 3 octets = manufacturer
  • Last 3 octets = device-specific

Devices from the same manufacturer share the same first half of the MAC address but differ in the second half.

TCP vs UDP

Both operate at the transport layer (Layer 4).

TCP (Transmission Control Protocol)

  • Connection-oriented
  • Ensures data delivery
  • Used by HTTP, HTTPS, SSH, FTP
  • Most commonly scanned in pentesting

UDP (User Datagram Protocol)

  • Connectionless
  • No delivery confirmation
  • Faster but less reliable
  • Used by DNS, DHCP, streaming, VoIP

3-Way Handshake

The 3-way handshake establishes a reliable connection between a client and server before data transfer.

  1. SYN – Client initiates connection ("hi")
  2. SYN-ACK – Server responds ("hi back")
  3. ACK – Connection established

SYN → SYN-ACK → ACK
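
The same exchange checked at the header level, as an added example that is not part of the original post: it packs three constructed 20-byte TCP headers, reads back the flag bits and sequence numbers, and reports whether they form a complete handshake or a connection left half-open. The function names, ports and sequence numbers are assumptions chosen for illustration.

```python
import struct

# TCP flag bits (low bits of the 16-bit offset/flags field)
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10
MOD = 2 ** 32  # sequence numbers wrap at 32 bits

def build_tcp_header(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (constructed sample; checksum left 0)."""
    offset_flags = (5 << 12) | flags  # data offset = 5 words, no options
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 65535, 0, 0)

def parse_tcp_header(raw):
    """Extract the fields the handshake depends on."""
    if len(raw) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    _sport, _dport, seq, ack, offset_flags = struct.unpack("!HHIIH", raw[:14])
    return {"seq": seq, "ack": ack, "flags": offset_flags & 0x3F}

def handshake_state(segments):
    """Classify segments ordered client, server, client for one connection."""
    h = [parse_tcp_header(s) for s in segments]
    if not h or h[0]["flags"] & (SYN | ACK | RST) != SYN:
        return "no-syn"
    if len(h) == 1:
        return "syn-sent"
    if h[1]["flags"] & RST:
        return "refused"            # a closed port answers the SYN with RST
    if h[1]["flags"] & (SYN | ACK) != (SYN | ACK) or h[1]["ack"] != (h[0]["seq"] + 1) % MOD:
        return "invalid"            # SYN-ACK must acknowledge client ISN + 1
    if len(h) == 2:
        return "half-open"          # server is still waiting for the final ACK
    final_ok = (h[2]["flags"] & (SYN | ACK | RST) == ACK
                and h[2]["seq"] == (h[0]["seq"] + 1) % MOD
                and h[2]["ack"] == (h[1]["seq"] + 1) % MOD)
    return "established" if final_ok else "invalid"

# Constructed sample: client port 50000 -> server port 443, ISNs 1000 and 5000
syn     = build_tcp_header(50000, 443, 1000, 0, SYN)
syn_ack = build_tcp_header(443, 50000, 5000, 1001, SYN | ACK)
ack     = build_tcp_header(50000, 443, 1001, 5001, ACK)

if __name__ == "__main__":
    print(handshake_state([syn, syn_ack, ack]))
    print(handshake_state([syn, syn_ack]))
```

Many connections that stay in the half-open state are what a defender sees during a SYN scan or SYN flood, which is why the final ACK is worth tracking.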

Common Ports & Protocols

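| Port | Service | Protocol |
|---|---|---|
| 21 | FTP | TCP |
| 22 | SSH | TCP |
| 23 | Telnet | TCP |
| 25 | SMTP | TCP |
| 53 | DNS | TCP/UDP |
| 67–68 | DHCP | UDP |
| 69 | TFTP | UDP |
| 80 | HTTP | TCP |
| 110 | POP3 | TCP |
| 139, 445 | SMB | TCP |
| 143 | IMAP | TCP |
| 161 | SNMP | UDP |
| 443 | HTTPS | TCP |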

This is a very high-level overview of core networking concepts. Each of these topics can easily be expanded into full-length guides.

Subnetting was intentionally left out because it deserves its own dedicated breakdown.

Hope this helps.