Talent Pioneers

Monday 17 July 2017

Petya Ransomware


Petya Ransomware:


Description:

It is not all over with WannaCry. Security researchers have discovered a new variant of the Petya ransomware that is spreading rapidly with the help of the same Windows SMBv1 vulnerability. It has caused confusion worldwide by shutting down computers at corporations, power suppliers, and banks across Russia, Ukraine, Spain, France, the UK, India, and Europe, and it demands $300 in bitcoins.

What is Petya?

Petya has been in existence since 2016. It differs from typical ransomware in that it doesn’t just encrypt files; it also overwrites and encrypts the master boot record (MBR).

In this latest attack, the following ransom note is displayed on infected machines, demanding that $300 in bitcoins be paid to recover files:


How it works:

Taking inspiration from the WannaCry ransomware, Petya appears to spread over SMB in the same way, based on the NSA's ETERNALBLUE exploit. Unlike other traditional ransomware, Petya does not encrypt files on a targeted system one by one.

Instead, Petya reboots the victim's computer, encrypts the hard drive's master file table (MFT), and renders the master boot record (MBR) inoperable, restricting access to the full system by seizing information about file names, sizes, and locations on the physical disk.

Petya replaces the computer's MBR with its own malicious code, which displays the ransom note and leaves the computer unable to boot. Once this is done, the screen shows the following text:
"If you see this text, then your files are no longer accessible, because they are encrypted. Perhaps you are busy looking for a way to recover your files, but don't waste your time. Nobody can recover your files without our decryption service."

Targeted file extensions:


.3ds .7z .accdb .ai .asp .aspx .avhd .back .bak .c .cfg .conf .cpp .cs .ctl .dbf .disk .djvu .doc .docx .dwg .eml .fdb .gz .h .hdd .kdbx .mail .mdb .msg .nrg .ora .ost .ova .ovf .pdf .php .pmf .ppt .pptx .pst .pvi .py .pyc .rar .rtf .sln .sql .tar .vbox .vbs .vcb .vdi .vfd .vmc .vmdk .vmsd .vmx .vsdx .vsv .work .xls .xlsx .xvd .zip

Saturday 13 May 2017

WannaCry Ransomware




WannaCry Ransomware 




Earlier today, a massive ransomware campaign hit computer systems of hundreds of private companies and public organizations across the globe – which is believed to be the most massive ransomware delivery campaign to date.

The Ransomware in question has been identified as a variant of ransomware known as WannaCry (also known as 'Wana Decrypt0r,' 'WannaCryptor' or 'WCRY').

Like other nasty ransomware variants, WannaCry also blocks access to a computer or its files and demands money to unlock it.

Once infected with the WannaCry ransomware, victims are asked to pay up to $300 in order to remove the infection from their PCs; otherwise, their PCs are rendered unusable, and their files remain locked.

In separate news, researchers have also discovered a massive malicious email campaign that's spreading the Jaff ransomware at the rate of 5 million emails per hour and hitting computers across the globe.

Ransomware Using NSA's Exploit to Spread Rapidly


What's interesting about this ransomware is that WannaCry attackers are leveraging a Windows exploit harvested from the NSA called EternalBlue, which was dumped by the Shadow Brokers hacking group over a month ago.

Microsoft released a patch for the vulnerability in March (MS17-010), but many users and organizations who did not patch their systems are open to attacks.

The exploit has the capability to penetrate machines running unpatched versions of Windows XP through 2008 R2 by exploiting flaws in Microsoft Windows SMB Server. This is why the WannaCry campaign is spreading at an astonishing pace.

Once a single computer in your organization is hit by the WannaCry ransomware, the worm looks for other vulnerable computers and infects them as well.

Infections from All Around the World


In just a few hours, the ransomware targeted over 45,000 computers in 74 countries, including the United States, Russia, Germany, Turkey, Italy, the Philippines and Vietnam, and the number was still growing, according to Kaspersky Labs.

According to a report, the ransomware attack has shut down work at 16 hospitals across the UK after doctors got blocked from accessing patient files. Another report says 85% of computers at the Spanish telecom firm Telefonica have been infected with this malware.

Another independent security researcher, MalwareTech, reported that a large number of U.S. organizations (at least 1,600) have been hit by WannaCry, compared to 11,200 in Russia and 6,500 in China.


Screenshots of the WannaCry ransomware with different languages, including English, Spanish, Italian, were also shared online by various users and experts on Twitter.

Bitcoin wallets seemingly associated with WannaCry reportedly started filling up with cash.

The Spanish computer emergency response organization (CCN-CERT) has even issued an alert that warns users of the "massive attack of ransomware" from WannaCry, saying (translated version):

"The ransomware, a version of WannaCry, infects the machine by encrypting all its files and, using a remote command execution vulnerability through SMB, is distributed to other Windows machines on the same network."
It is unclear how the WannaCry ransomware is infecting systems, but an obvious attack vector can be phishing emails or victims visiting a website containing malware.

"Power firm Iberdrola and utility provider Gas Natural were also reported to have suffered from the outbreak," according to BBC.

How to Protect Yourself from WannaCry


First of all, if you haven't patched your Windows machines and servers against the EternalBlue exploit (MS17-010), do it right now.

To safeguard against such ransomware infection, you should always be suspicious of uninvited documents sent in an email and should never click on links inside those documents without verifying the source.

To always have a tight grip on all your important files and documents, keep a good backup routine in place that makes their copies to an external storage device that is not always connected to your PC.

Moreover, make sure that you run an active anti-virus security suite of tools on your system, and most importantly, always browse the Internet safely.




Taken from:
http://thehackernews.com/2017/05/wannacry-ransomware-unlock.html


Wednesday 15 March 2017

Basic Networking topics




Footprinting: Footprinting is the most convenient way to gather system information or data. It provides information about a system's remote accessibility, port activity, and so on. It can help an intruder take complete control of the system. It helps not only the intruder but also the security provider, because it reveals the loopholes in the system.

Google Hacking: Google Hacking is a computer hacking technique that uses the Google search engine and Google applications to find configuration details and security codes. That configuration gives an intruder a chance to employ a scanner, which scans a massive amount of system information.

Scanning: Scanning means looking over something in order to detect some part of it. In networking, scanning is a process to identify active hosts; even where a host may not be a serious threat, host scanning takes place for security purposes. A scanner considers ports, active hosts, networks, and more. It helps with monitoring and analysis of a system.

Enumeration: Enumeration is a computing activity that retrieves the services of networked computers. It is used to identify the hosts or devices in a network. It usually uses the ICMP and SNMP protocols to gather information. It also scans the ports of remote hosts to learn what functions the host performs. Some scanners also perform enumeration.

System Hacking: It is the process of manipulating the normal behavior of a system through technical effort. Hacking is usually carried out by a skilled programmer who changes the behavior of the system and sometimes takes total control of it.

Trojan: A Trojan is malicious software that entices the user to install it by appearing routine, interesting, or useful. Trojans generally spread through social engineering or downloads.

Back Doors: Backdoor is a term mostly used in security for the case where an unauthorized user gets access to a computer remotely.

Virus: A virus is program code that self-replicates, inserts itself into another program, and affects the executable code. A virus may arrive through email, downloads, or CD drives. Some viruses show their effect on the system immediately, while others act only once they have been triggered.

Worms: A worm is also self-replicating malicious code; it penetrates the operating system and harms system functionality. Worms basically take effect through an existing file, whereas viruses do not. Many worms are created just to spread across systems, not to alter them.

Sniffers: A sniffer is a program or device used to monitor the data traveling through a system. Sniffers can be used to manage a legitimate network and also to steal information. Unauthorized sniffers are very difficult to detect, which makes them extremely dangerous. Hackers use sniffers as a weapon for this reason.

Social Engineering: It is a non-technical method used by intruders that relies heavily on human interaction. It is a trick the intruder usually plays to get around normal security procedures.

Denial of Service: In networking, denial of service means making a service unavailable to its user or users. It happens due to an attack sourced from thousands of IP addresses. The attack aims to suspend the service temporarily. DoS attacks mostly affect heavily used websites, banks, etc.

Session Hijacking: The Session Hijacking attack consists of the exploitation of the web session control mechanism, which is normally managed for a session token. Because HTTP communication uses many different TCP connections, the web server needs a method to recognize every user’s connections. The most useful method depends on a token that the web server sends to the client browser after a successful client authentication. The Session Hijacking attack compromises the session token by stealing or predicting a valid session token to gain unauthorized access to the web server.

Hacking Web Servers: A web server is a program that stores files and makes them accessible via a network or the internet. A web server requires both hardware and software. Attackers usually target exploits in the software to gain authorization and enter the server.

Password Cracking: Password cracking is the process of recovering data that has been stored in a computer system. By repeating this process, the attacker can find the cryptographic hash. There are different password cracking techniques, such as phishing and brute-force attacks.

SQL Injection: SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution. SQL injection must exploit a security vulnerability in an application's software.
Vulnerability: In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.

Web Application Vulnerabilities: The loopholes found in web applications are called web application vulnerabilities. When a vulnerability is not patched by the user or organization, an attacker can take advantage of it to change the code in the web application. Sometimes an attacker creates new vulnerabilities and uses them to attack the organization.

Phishing: Phishing is an attempt by an intruder to acquire sensitive data from the user. It typically goes through communication channels (email), which help the intruder lure the user through interaction. Once the user is lured by a phishing email, they unknowingly accept malware, which spreads into the system and also compromises the user's authentication credentials.

Hacking E-mail Accounts: It is an illegal way to manipulate an account. Accounts are hacked by stealing the password. Email accounts get hacked through weak passwords, keylogger activity, and social engineering.



Generalization or Specialization?



    
 

Now no one wants to use only half of their brain! How inefficient would that be? Specialization in a particular field is a must-have in this era... But only if you want to sell your soul for 40+ years doing the same redundant work. Generalization is required for doing any kind of work at any point of time and is a number one quality of any entrepreneur's success.

The world today is shifting from demanding a “jack of all trades” to demanding the “master”. With the abundance of information in today’s world, any person adept at internet search skills is able to provide a general perspective about any topic under the sun. The need is to be able to provide an in-depth idea about the topic. Also, the level of competition in today’s world leaves no scope for error, and thereby comes the demand for specialization. With a team of such specialists, the performance delivered tends to have been scrutinized from different perspectives, leaving less scope for flaws.

The shift to specialization has influenced the growth of new industries and markets. It has also influenced our lifestyle, career choices and decisions. The need of the hour today is to hone the skill that exists nowhere but in yourself and thereby make oneself indispensable.


I don’t believe that there is a “best approach”. I think that combining generalization and specialization works well for schools and organizations. If I need my car's engine fixed, I go to a mechanic who specializes in my engine. We need specialists for sure. If I want a large robotics project to be successful, I don't go and get the best mechanical engineer I can to oversee the programmers, electrical folks, etc. I get someone with a good general knowledge of all areas needed.

Social networking in our lives





“Social networking is a communication tool but does not generate meaningful connections.” Social networking is a valuable form of communication. It makes it possible for people to quickly and conveniently communicate with large numbers of people simultaneously. It does not, however, generate any real emotion. It is immediate, entertaining and allows me to keep in touch with old friends. That aside, I believe social networking contributes to a disappointing and disingenuous social life. Social networking replaces earnest interaction with pleasantries, leaving one yearning for human connection.

We also have the communication between people and businesses. Since social networks have paved a new way for interaction between the two, customers can now tell brands exactly what they want. Businesses can then use that information to tailor their products for more appeal. They used to have to spend a ton of cash for this kind of marketing data. Customers used to have to spend hours on phones getting more and more frustrated when they had a problem or complaint.

Non-profits are seeing the benefits of using social media for their awareness campaigns. Sites like Facebook, Twitter, YouTube and others are a cost-effective means of spreading the word and getting support. Not to mention socially shared petitions from sites like Causes.org, reaching hundreds of thousands of people.

There is no doubt that there are many reasons to love social media.

But... not all consequences of this technology are good ones. Like the way it has allowed us to hide behind screens and limited our social interaction face to face. You get the feeling of being social without having to go out and socialize. In the same vein, it gives you the feeling of being a friend (or having friends) without having to put in any actual work to build the relationship. Just think of how many people you have on your Facebook friends list. How many of them do you see on a semi-regular basis? At all?

I think that the effects of social media have been somewhat balanced, to be honest. There are many good things about it, and many bad things. In the end, if you can keep your own life centered in reality and use social networking as a small part of it, you should be just fine.

For those who can’t, it might be time to turn off the computer for a bit and go for a walk.

FDI in Indian retails- Boon or Bane?




FDI in retail means foreign direct investment in the Indian retail business. It is the intent and objective of the Government of India to attract and promote foreign direct investment in order to supplement domestic capital, technology and skills, for accelerated economic growth. As we are in the category of developing countries, to develop properly we need to control the country’s economy very carefully. If the percentage of FDI in the (multi-brand) retail sector is increased, then the investment in India’s retail market will come from foreign investors and the profits will also be drained to those investors. Moreover, in India the retail sector mainly depends upon the agricultural sector and the producers, and if FDI is increased it is going to affect the agricultural sector of the country very badly, which will affect the country’s economy. And if the percentage of FDI is increased to 100% in the retail sector (both single and multi-brand), then the government will lose control over this sector completely and cannot help in controlling it with its rules and regulations, as the whole retail sector would be privatized. This privatization can have a very serious effect on the country’s economy.

One of the biggest disadvantages of FDI in the retail sector is that, as we know, the retail sector is one of the major employment providers, and permitting FDI in this sector can displace the unorganized sector, leading to loss of livelihood. The most telling example is that if Walmart (ABCD) is allowed to enter the retail sector, it will kill millions of local shops and jobs. The global retailers would exercise monopolistic power to raise prices and monopolistic power to reduce the prices received by the supplier. Hence both the consumer and the supplier would lose, while the profit margin in such retail chains would go up. So from the above points I can say that FDI in the retail sector is not good for India.
Advantages:

1. It is mandated in the policy that 50% of any investment over $100 million would be in the backend infrastructure, which would benefit a developing country like India by creating jobs as well as infrastructure.
2. Contractual farming would also mean improved and efficient farming practices as well as higher output and better prices.
3. Foreign players will bring in the necessary investment to upgrade the retail sector infrastructure across the country.
4. The emphasis would be on reduction in wastage of food items. This would bring down the food prices, which have been a major cause of inflation in the country as well as a source of public dissent against the government.

Disadvantages:

1. Will not benefit the farmers, since the large foreign players will squeeze them for lower prices in order to earn a higher margin.
2. The large foreign players work on wafer-thin margins since they offer their goods at low prices. In that scenario they would procure their goods at the lowest possible price to get the maximum benefit.
3. The manufacturing sector would suffer since the foreign players would source their products from international markets in order to get low prices.
4. The policy states that State Governments can take a decision about FDI in retail. But FDI is not a State Policy matter. Hence this is not possible. The central government will take the final call.

Advantages of FDI in Retail in India

• Growth in Economy
• Job Opportunities
• Benefits to consumers
• Lack of Infrastructure
• Cheaper Production facilities
• Availability of new technology
• Long term cash liquidity
• Conducive for the country’s economic growth
• FDI opens up a new avenue for Franchising

Disadvantages of FDI in Retail in India

• Impact on Local Markets (Kirana Shops)
• Limited Employment Generation
• Fear of Lowering Prices
• Negative Impact on Indian Economy
• Negative Impact on Indian Domestic Market

Technology Changing the face of Education



“Technology not only changes the face of education but also the fate of education.” We are living in an era ruled by technological advancement that has eradicated most of the darkness of illiteracy. The traditional way of teaching has a lot of good methods, but it also has some flaws. One such flaw is that the student doesn’t get exposed to all kinds of information related to a particular subject.

We are gaining so much from technology, but we should not deny the fact that it is diverting students aged 15-22 from their studies, because students in this age group do not have a mind mature enough to concentrate on one thing positively, which makes them think negatively, and technology is a booster for that. The innovative ways of developed technology are helping people to get solutions to all their queries. E-learning courses are increasing skills. Many important communications are happening through social networking websites. Nowadays, using digital boards in digital classrooms makes study very simple, and also more collaborative and interactive. In these digital classrooms you can record faculty lectures for further use and broadcast them live anywhere in the world simultaneously. Using these digital classrooms, you can interact with the teacher personally and ask and answer questions privately. In this way you can make your study more detailed. Technology allows us to have easier access to "answers", but now students can practically cheat their way through school and not actually learn a single thing.

Technology is a good servant but a bad master. The majority of people are using technology to waste time on apps and social media. Legitimate use will always help education.


       

Saturday 11 March 2017

OWASP Top ten Vulnerability PPT






Temperature Based Fan Speed Control System






Humanity





You will not be rich if you are poor towards humanity.

OSI Layer PPT






Indian Constitution


One book is sharing its internal feeling
Let's have a look at it
......................................................
I was not an article,
but I consist of 448 articles
You are not satisfied with me,
I sacrifice for you,
you may modify me
Remember that You can't change me.
You don't promote me,
but you have to promise on me
even You don't scare of me
I scheduled(12) for your development
You criticize me
I care for your children
I may not be part of your body
But my body is built with 25 parts of you
I am not your superior officer
I am the supreme
2 yrs 11 months 18 days it is not my time period
It is for 'FUTURE OF INDIA'
I am not the rule book
I am the ruler
It's me
My name is "Constitution of India"
and
My father is Ambedkar

OWASP top 10 Vulnerabilities-2016

OWASP Top Ten Proactive Controls 2016

The OWASP Top Ten Proactive Controls 2016 is a list of security concepts that should be
included in every software development project. They are ordered by order of importance, with
control number 1 being the most important.

1. Verify for Security Early and Often
2. Parameterize Queries
3. Encode Data
4. Validate All Inputs
5. Implement Identity and Authentication Controls
6. Implement Appropriate Access Controls
7. Protect Data
8. Implement Logging and Intrusion Detection
9. Leverage Security Frameworks and Libraries
10. Error and Exception Handling


MIRAI Malware




New Windows Trojan Spreads MIRAI Malware to Hack More IoT Devices

MIRAI is possibly the biggest IoT-based malware threat that emerged last year; it caused a vast internet outage in October last year by launching massive distributed denial-of-service (DDoS) attacks against the popular DNS provider Dyn.

Now, the infamous malware has updated itself to boost its distribution efforts.

Researchers from Russian cyber-security firm Dr.Web have now uncovered a Windows Trojan built with the sole purpose of helping hackers spread Mirai to even more devices.

Mirai is a malicious software program for Linux-based internet-of-things (IoT) devices. It scans for insecure IoT devices, enslaves them into a botnet, and then uses them to launch DDoS attacks; it spreads over Telnet by using factory device credentials.

It all started early October last year when a hacker publicly released the source code of Mirai.

Dubbed Trojan.Mirai.1, the new Trojan targets Windows computers and scans the user's network for compromisable Linux-based connected devices.

Once installed on a Windows computer, the Trojan connects to a command-and-control (C&C) server from which it downloads a configuration file containing a range of IP addresses to attempt authentication over several ports such as 22 (SSH) and 23 (Telnet), 135, 445, 1433, 3306 and 3389.

Successful authentication lets the malware run certain commands specified in the configuration file, depending on the type of compromised system.

In the case of Linux systems accessed via Telnet protocol, the Trojan downloads a binary file on the compromised device, which subsequently downloads and launches Linux.Mirai.

"Trojan.Mirai.1's Scanner can check several TCP ports simultaneously. If the Trojan successfully connects to the attacked node via any of the available protocols, it executes the indicated sequence of commands," claimed the company in an advisory published this week.
Once compromised, the Trojan can spread itself to other Windows devices, helping hackers hijack even more devices.

Besides this, researchers noted that the malware could also identify and compromise database services running on various ports, including MySQL and Microsoft SQL, to create a new admin “phpminds” with the password “phpgodwith,” allowing attackers to steal the database.

At this time it’s not known who created this, but the attack design demonstrates that your IoT devices that are not directly accessible from the internet can also get hacked to join the Mirai botnet army.
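The behaviour described above can be hunted for from the network side. The following is an added example, not code from Dr.Web or from the original article: it flags internal hosts that probe several machines on the ports listed above and checks database account lists for the reported “phpminds” admin. The flow-log format, the thresholds, the host names and all sample records are constructed assumptions.

```python
import re
from collections import defaultdict

# Ports the article lists for Trojan.Mirai.1's authentication attempts.
TROJAN_PORTS = {22, 23, 135, 445, 1433, 3306, 3389}
# Admin account name the article reports being created on MySQL / MS SQL.
SUSPECT_DB_ACCOUNT = "phpminds"

# Hypothetical flow-log format: "<timestamp> src=<ip> dst=<ip> dport=<n>"
FLOW_RE = re.compile(r"^(\S+) src=(\S+) dst=(\S+) dport=(\d+)$")

# Constructed sample data (not real traffic).
SAMPLE_FLOWS = [
    "2017-02-10T10:00:01 src=10.0.0.15 dst=10.0.0.21 dport=23",
    "2017-02-10T10:00:01 src=10.0.0.15 dst=10.0.0.22 dport=22",
    "2017-02-10T10:00:02 src=10.0.0.15 dst=10.0.0.23 dport=3306",
    "2017-02-10T10:00:02 src=10.0.0.15 dst=10.0.0.24 dport=1433",
    "2017-02-10T10:00:03 src=10.0.0.15 dst=10.0.0.21 dport=22",
    "2017-02-10T10:05:00 src=10.0.0.30 dst=10.0.0.40 dport=3389",  # admin RDP
    "2017-02-10T10:06:00 src=10.0.0.30 dst=10.0.0.41 dport=3389",
    "2017-02-10T10:07:00 src=10.0.0.50 dst=10.0.0.60 dport=443",   # web traffic
    "garbled line without fields",
]
SAMPLE_DB_ACCOUNTS = {
    "db01": ["root", "app"],
    "db02": ["root", "phpminds"],
}


def parse_flow(line):
    """Return (src, dst, dport), or None for lines that do not match."""
    m = FLOW_RE.match(line.strip())
    if not m:
        return None
    return m.group(2), m.group(3), int(m.group(4))


def find_scanners(lines, min_targets=3, min_ports=3):
    """Flag sources that probe many hosts on several of the listed ports.

    A single admin using RDP to two servers stays below both thresholds;
    a host sweeping Telnet, SSH and database ports across a subnet does not.
    """
    targets = defaultdict(set)
    ports = defaultdict(set)
    for line in lines:
        flow = parse_flow(line)
        if flow is None:
            continue  # skip malformed records instead of failing the hunt
        src, dst, dport = flow
        if dport in TROJAN_PORTS:
            targets[src].add(dst)
            ports[src].add(dport)
    findings = {}
    for src in targets:
        if len(targets[src]) >= min_targets and len(ports[src]) >= min_ports:
            findings[src] = {
                "targets": len(targets[src]),
                "ports": sorted(ports[src]),
            }
    return findings


def suspect_db_accounts(accounts):
    """Return database hosts whose account list contains the reported name."""
    return sorted(
        host for host, users in accounts.items()
        if any(user.lower() == SUSPECT_DB_ACCOUNT for user in users)
    )


if __name__ == "__main__":
    print(find_scanners(SAMPLE_FLOWS))
    print(suspect_db_accounts(SAMPLE_DB_ACCOUNTS))
```
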



OSI





The OSI Model:

Seven Layers of Computer Networks

Introduction:

The Open Systems Interconnection (OSI) model is a reference tool for understanding data communications between any two networked systems. It divides the communications processes into seven layers. Each layer both performs specific functions to support the layers above it and offers services to the layers below it. The three lowest layers focus on passing traffic through the network to an end system. The top four layers come into play in the end system to complete the process. This white paper will provide you with an understanding of each of the seven layers, including their functions and their relationships to each other. This will provide you with an overview of the network process, which can then act as a framework for understanding the details of computer networking.

Since the discussion of networking often includes talk of “extra layers”, this paper will address these unofficial layers as well.

Although TCP/IP has been used for network communications before the adoption of the OSI model, it supports the same functions and features in a differently layered arrangement.

Layer 1 – The Physical Layer

The physical layer of the OSI model defines connector and interface specifications, as well as the medium (cable) requirements. Electrical, mechanical, functional, and procedural specifications are provided for sending a bit stream on a computer network.


Components of the physical layer include:

• Cabling system components
• Adapters that connect media to physical interfaces
• Connector design and pin assignments
• Hub, repeater, and patch panel specifications
• Wireless system components
• Parallel SCSI (Small Computer System Interface)
• Network Interface Card (NIC)

In a LAN environment, Category 5e UTP (Unshielded Twisted Pair) cable is generally used for the physical layer for individual device connections. Fiber optic cabling is often used for the physical layer in a vertical or riser backbone link. The IEEE, EIA/TIA, ANSI, and other similar standards bodies developed standards for this layer.


Note: The Physical Layer of the OSI model is only part of a LAN (Local Area Network).


Layer 2 – The Data Link Layer

Layer 2 of the OSI model provides the following functions:

• Allows a device to access the network to send and receive messages
• Offers a physical address so a device’s data can be sent on the network
• Works with a device’s networking software when sending and receiving messages
• Provides error-detection capability

Common networking components that function at layer 2 include:

• Network interface cards
• Ethernet and Token Ring switches
• Bridges

NICs have a layer 2 or MAC address. A switch uses this address to filter and forward traffic, helping relieve congestion and collisions on a network segment.

Bridges and switches function in a similar fashion; however, bridging is normally a software program on a CPU, while switches use Application-Specific Integrated Circuits (ASICs) to perform the task in dedicated hardware, which is much faster.

Layer 3 – The Network Layer

Layer 3, the network layer of the OSI model, provides an end-to-end logical addressing system so that a packet of data can be routed across several layer 2 networks (Ethernet, Token Ring, Frame Relay, etc.).

Initially, software manufacturers, such as Novell, developed proprietary layer 3 addressing. However, the networking industry has evolved to the point that it requires a common layer 3 addressing system. The Internet Protocol (IP) addresses make networks easier to both set up and connect with one another. The Internet uses IP addressing to provide connectivity to millions of networks around the world.

To make it easier to manage the network and control the flow of packets, many organizations separate their network layer addressing into smaller parts known as subnets. Routers use the network or subnet portion of the IP addressing to route traffic between different networks. Each router must be configured specifically for the networks or subnets that will be connected to its interfaces.

Routers communicate with one another using routing protocols, such as Routing Information Protocol (RIP) and Open version of Shortest Path First (OSPF), to learn of other networks that are present and to calculate the best way to reach each network based on a variety of criteria (such as the path with the fewest routers). Routers and other networked systems make these routing decisions at the network layer.

When passing packets between different networks, it may become necessary to adjust their outbound size to one that is compatible with the layer 2 protocol that is being used. The network layer accomplishes this via a process known as fragmentation. A router’s network layer is usually responsible for doing the fragmentation. All reassembly of fragmented packets happens at the network layer of the final destination system.
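The fragmentation and reassembly steps just described can be worked through in code. This is an added example, not part of the original white paper: it models IPv4-style fragmentation, where offsets are counted in 8-byte units and a "more fragments" flag marks every fragment except the last. The 20-byte header length, the MTU values and the sample payload are assumptions chosen for illustration.

```python
IP_HEADER_LEN = 20  # bytes; IPv4 header without options (assumption)


def fragment(payload, mtu):
    """Split payload into (offset_units, more_fragments, data) tuples.

    offset_units counts 8-byte blocks, so every fragment except the last
    must carry a multiple of 8 bytes of data.
    """
    max_data = (mtu - IP_HEADER_LEN) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    pos = 0
    while pos < len(payload):
        chunk = payload[pos:pos + max_data]
        more = pos + len(chunk) < len(payload)
        frags.append((pos // 8, more, chunk))
        pos += len(chunk)
    return frags


def reassemble(frags):
    """Rebuild the payload as the final destination would.

    Fragments may arrive in any order. Returns None when a fragment is
    missing, when fragments overlap, or when data follows the final
    fragment, so a damaged or inconsistent set is never accepted.
    """
    expected = 0
    out = bytearray()
    last_seen = False
    for offset_units, more, data in sorted(frags, key=lambda f: f[0]):
        if last_seen:
            return None  # data beyond the fragment marked as last
        if offset_units * 8 != expected:
            return None  # gap (lost fragment) or overlap
        out += data
        expected += len(data)
        if not more:
            last_seen = True
    return bytes(out) if last_seen else None


# Constructed sample payload: 4000 bytes of patterned data.
SAMPLE_PAYLOAD = bytes(i % 256 for i in range(4000))


def summarize(frags):
    """Return (offset_units, more_fragments, length) for each fragment."""
    return [(off, more, len(data)) for off, more, data in frags]


if __name__ == "__main__":
    ethernet = fragment(SAMPLE_PAYLOAD, 1500)
    print(summarize(ethernet))
    print(reassemble(list(reversed(ethernet))) == SAMPLE_PAYLOAD)
```
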

Two of the additional functions of the network layer are diagnostics and the reporting of logical variations in normal network operation. While the network layer diagnostics may be initiated by any networked system, the system discovering the variation reports it to the original sender of the packet that is found to be outside normal network operation. The variation reporting exception is content validation calculations. If the calculation done by the receiving system does not match the value sent by the originating system, the receiver discards the related packet with no report to the sender. Retransmission is left to a higher layer’s protocol. Some basic security functionality can also be set up by filtering traffic using layer 3 addressing on routers or other similar devices.

Layer 4 – The Transport Layer


Layer 4, the transport layer of the OSI model, offers end-to-end communication between end devices through a network. Depending on the application, the transport layer offers either reliable, connection-oriented communication or connectionless, best-effort communication.
Some of the functions offered by the transport layer include:
• Application identification
• Client-side entity identification
• Confirmation that the entire message arrived intact
• Segmentation of data for network transport
• Control of data flow to prevent memory overruns
• Establishment and maintenance of both ends of virtual circuits
• Transmission-error detection
• Realignment of segmented data in the correct order on the receiving side
• Multiplexing or sharing of multiple sessions over a single physical link
The most common transport layer protocols are the connection-oriented Transmission Control Protocol (TCP) and the connectionless User Datagram Protocol (UDP).


Layer 5 – The Session Layer

Layer 5, the session layer, provides various services, including tracking the number of bytes that each end of the session has acknowledged receiving from the other end of the session. The session layer allows applications functioning on devices to establish, manage, and terminate a dialog through a network. Session layer functionality includes:
• Virtual connection between application entities
• Synchronization of data flow
• Creation of dialog units
• Connection parameter negotiations
• Partitioning of services into functional groups
• Acknowledgements of data received during a session
• Retransmission of data if it is not received by a device


Layer 6 – The Presentation Layer


Layer 6, the presentation layer, is responsible for how an application formats the data to be sent out onto the network. The presentation layer basically allows an application to read (or understand) the message.
Examples of presentation layer functionality include:
• Encryption and decryption of a message for security
• Compression and expansion of a message so that it travels efficiently
• Graphics formatting
• Content translation
• System-specific translation


Layer 7 – The Application Layer

Layer 7, the application layer, provides an interface for the end user operating a device connected to a network. This layer is what the user sees, in terms of loading an application (such as a Web browser or e-mail); that is, the application layer is the data the user views while using these applications.
Examples of application layer functionality include:
• Support for file transfers
• Ability to print on a network
• Electronic mail
• Electronic messaging
• Browsing the World Wide Web


Layers 8, 9, and 10

Whether designed as a humorous extension or a secret technician code, layers 8, 9, and 10 are not officially part of the OSI model. They refer to the non-technical aspects of computer networking that often interfere with the smooth design and operation of the network.

Layer 8 is usually considered the “office politics” layer. In most organizations, there is at least one group who is favored, at least temporarily, by management and receives “special” treatment. When it comes to networking, this may mean that this group always has the latest and/or fastest equipment and highest speed network links.

Layer 9 is generally referred to as the “blinders” layer. This layer applies to organizational managers who have already decided, usually with little or no current information, to dictate a previously successful network plan. They may say things such as:
“It worked in my last company, so we will use it here.”
“Everybody says this is the right solution.”
“I read in an airline magazine that this was the best way to do it so that is what we will do.”
What these managers seem to forget is that they are paying a highly qualified staff to provide them with useful information. These managers bypass planning in order to make a quick decision.


Layer 10, the “user” layer, is in every organization. But users are much more than a layer. While they are one of the reasons the network exists, users can also be a big part of the need for troubleshooting. This is especially true when the users have computers at home and have decided to “help” the network administrator or manager by making changes to the network without consulting the network staff. Equally challenging is the user who “didn’t do anything” when the network segment in his/her immediate vicinity suddenly stopped working. In these cases, the layer 10 identification coincides with layer 10 troubles (and the “ID10T” label some technicians have used).

TCP/IP Model Overview

The OSI model describes computer networking in seven layers. While there have been implementations of networking protocols that use those seven layers, most networks today use TCP/IP. However, networking professionals continue to describe networking functions in relation to the OSI layer that performs those tasks.

The TCP/IP model uses four layers to perform the functions of the seven-layer OSI model.
The network access layer is functionally equal to a combination of OSI physical and data link layers (1 and 2). The Internet layer performs the same functions as the OSI network layer (3).
Things get a bit more complicated at the host-to-host layer of the TCP/IP model. If the host-to-host protocol is TCP, the matching functionality is found in the OSI transport and session layers (4 and 5). Using UDP equates to the functions of only the transport layer of the OSI model.
The TCP/IP process layer, when used with TCP, provides the functions of the OSI model’s presentation and application layers (6 and 7). When the TCP/IP transport layer protocol is UDP, the process layer’s functions are equivalent to OSI session, presentation, and application layers (5, 6, and 7).


Equipment at the Layers

Some of the layers use equipment to support the identified functions. Hub-related activity is “Layer One”. The naming of some devices designates the functional layer, such as “Layer Two Switch” or “Layer Three Switch”. Router functions focus on “Layer Three”. User workstations and servers are often identified with “Layer Seven”.