Understanding the OSI Model and TCP/IP Layers

Former Software Engineer | Master's Student in Cyber Security. Passionate about cybersecurity, networking, Linux, cloud security, GRC, and ethical hacking. I use this space to document my learning journey, share technical write-ups, and explore the evolving world of information security.

When devices communicate over a network, that communication happens in structured layers, each with a specific job. The two main models used to describe this are the OSI Model (7 layers, theoretical/conceptual) and the TCP/IP Model (4 layers, practical/used in real networks).

The OSI Model has 7 layers:

7. Application — Where users interact with network services (HTTP, FTP, DNS, SMTP). This is the layer closest to the end user.

6. Presentation — Handles data formatting, encryption, and compression (e.g. SSL/TLS, JPEG, ASCII).

5. Session — Manages and maintains connections between devices, handling session setup, coordination, and termination.

4. Transport — Ensures reliable (TCP) or fast (UDP) delivery of data, handling segmentation, flow control, and error checking.

3. Network — Handles logical addressing (IP addresses) and routing of data between different networks.

2. Data Link — Manages MAC addressing and node-to-node data transfer within the same network (e.g. switches, Ethernet frames).

1. Physical — The actual hardware: cables, signals, NICs — raw bits transmitted as electrical or optical signals.

The TCP/IP Model has 4 layers. It is a simplified, practical model that maps roughly onto OSI:

1. Application — combines OSI's Application, Presentation, and Session layers (HTTP, DNS, SMTP)

2. Transport — same as OSI's Transport layer (TCP/UDP)

3. Internet — equivalent to OSI's Network layer (IP addressing, routing)

4. Network Access — combines OSI's Data Link and Physical layers

Why This Matters for Security

Each layer has its own attack surface and tools:

Layer 2 attacks: ARP spoofing, MAC flooding

Layer 3 attacks: IP spoofing

Layer 4 attacks: SYN floods, port scanning

Layer 7 attacks: SQL injection, XSS, phishing
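To make the layering concrete, the following added example (not part of the original post) peels a single frame apart from Layer 2 up to Layer 7 and returns the fields a defender would inspect at each layer: MAC addresses, IP addresses, ports and TCP flags, and the application request line. The frame bytes, addresses and the `decapsulate` function name are constructed for illustration, and only Ethernet II carrying IPv4 and TCP is handled.

```python
import struct
import ipaddress

# Constructed sample frame (not captured traffic): Ethernet II > IPv4 > TCP > HTTP.
# Checksums are left as zero because this example does not verify them.
PAYLOAD = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
TCP_HDR = struct.pack("!HHIIBBHHH", 49152, 80, 1000, 2000, 5 << 4, 0x18, 65535, 0, 0)
IP_HDR = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(TCP_HDR) + len(PAYLOAD), 1, 0, 64, 6, 0,
                     ipaddress.IPv4Address("192.0.2.10").packed,
                     ipaddress.IPv4Address("198.51.100.5").packed)
ETH_HDR = bytes.fromhex("020000000002" "020000000001") + struct.pack("!H", 0x0800)
FRAME = ETH_HDR + IP_HDR + TCP_HDR + PAYLOAD

TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]

def decapsulate(frame):
    """Peel one frame apart layer by layer; raises ValueError on anything unexpected."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {"L2 Data Link": {"src_mac": src.hex(":"), "dst_mac": dst.hex(":")}}
    if ethertype != 0x0800:
        raise ValueError("not IPv4")
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("bad IPv4 header")
    ihl = (ip[0] & 0x0F) * 4          # header length in bytes, options included
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(ip):
        raise ValueError("inconsistent IPv4 lengths")
    layers["L3 Network"] = {"src_ip": str(ipaddress.IPv4Address(ip[12:16])),
                            "dst_ip": str(ipaddress.IPv4Address(ip[16:20])), "ttl": ip[8]}
    if ip[9] != 6:
        raise ValueError("not TCP")
    tcp = ip[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    offset = (tcp[12] >> 4) * 4       # TCP header length in bytes
    if offset < 20 or offset > len(tcp):
        raise ValueError("bad TCP data offset")
    flags = [name for bit, name in TCP_FLAGS if tcp[13] & bit]
    layers["L4 Transport"] = {"src_port": sport, "dst_port": dport, "flags": flags}
    layers["L7 Application"] = {"first_line": tcp[offset:].split(b"\r\n", 1)[0].decode("ascii", "replace")}
    return layers

if __name__ == "__main__":
    for layer, fields in decapsulate(FRAME).items():
        print(layer, fields)
```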