Before starting working with Nmap, we need to make sure that you understand the basic networking terms and protocols. If you already know what OSI model is, which protocols are included in the TCP/IP suite or how an IPv4 header looks like, feel free to skip to the next chapter.
We will start with the OSI model.
The Open Systems Interconnection (OSI) model was created by the International Organization for Standardization (ISO), the world’s largest developer of voluntary international standards. It is a layered model that was created to enable different networks to communicate reliably between disparate systems. The OSI model provides a framework for creating and implementing networking standards and devices and describes how network applications on different computers can communicate through the network media.
The OSI model has seven hierarchical layers. Each layer describes a different network function. The layers are:
The layers are usually numbered from the last one, which means that the Physical layer is the first layer. A mnemonic can be used to remember the seven layers: Please Do Not Throw Sausage Pizza Away
Application – Away
Presentation – Pizza
Session – Sausage
Transport – Throw
Network – Not
Data Link – Do
Physical – Please
Here is a description of each layer in the OSI model:
1. Physical – defines how to move bits from one device to another. It deals with the physical characteristics of the transmission medium, describing connectors, pins, cables, connectors, and network interface cards.
2. Data Link – combines packets into bytes and bytes into frames. Each frame has a header and a trailer. A header contains the source and destination MAC address. A trailer contains the Frame Check Sequence field, used for errors detection. The Data Link layer is divided into two sublayers: Logical Link Control – used for flow control and error detection and
Media Access Control – used for hardware addressing and controlling the access method.
3. Network – provides logical addressing used by routers for path determination. Logical addressing is used to identify a host on a network (for example, by its IP address).
4. Transport – provides reliable or unreliable delivery and error recovery and flow control.
5. Session – determines how to establish, control and terminate a session between the two systems.
6. Presentation – defines data formats. Processes such as compression and encryption are handled at this layer
7. Application – provides a user interface and enables network applications to communicate with other network applications.
The following list shows which protocols reside on which layer:
Application – HTTP, Telnet, FTP
Presentation – MIME
Session – SSL, NetBIOS
Transport – TCP, UDP
Network – IP, ICMP
Data Link – PPP, HDLC, Ethernet
Physical – Ethernet