Learn more about the TCP/IP model
In this reading, you will build on what you have learned about the Transmission Control Protocol/Internet Protocol (TCP/IP) model, consider the differences between the Open Systems Interconnection (OSI) model and TCP/IP model, and learn how they’re related. Then, you’ll review each layer of the TCP/IP model and go over common protocols used in each layer.
As a security professional, it's important that you understand the TCP/IP model because it describes the functions of various network protocols. The TCP/IP model is based on the TCP/IP protocol suite, which includes all network protocols that support the main TCP/IP protocol. To reiterate from previous lessons, a network protocol, also known as an internet protocol, is a set of standards used for routing and addressing data packets as they travel between devices on a network. In this reading, you will learn which network protocols operate on which communication layers of the TCP/IP model. The two most common models available are the TCP/IP model and the OSI model. These models are a representative guideline of how hosts communicate across a network. The examples provided in this course will follow the TCP/IP model.
The TCP/IP model
The TCP/IP model is a framework used to visualize how data is organized and transmitted across a network. This model helps network engineers and network security analysts conceptualize processes on the network and communicate where disruptions or security threats occur.
The TCP/IP model has four layers: the network access layer, internet layer, transport layer, and application layer. When troubleshooting issues on the network, security professionals can analyze which layers were impacted by an attack based on what processes were involved in an incident.

Network access layer
The network access layer, sometimes called the data link layer, deals with the creation of data packets and their transmission across a network. This layer corresponds to the physical hardware involved in network transmission. Hubs, modems, cables, and wiring are all considered part of this layer. The address resolution protocol (ARP) is part of the network access layer. Since MAC addresses are used to identify hosts on the same physical network, ARP is needed to map IP addresses to MAC addresses for local network communication.
Internet layer
The internet layer, sometimes referred to as the network layer, is responsible for ensuring delivery to the destination host, which potentially resides on a different network. It ensures IP addresses are attached to data packets to indicate the location of the sender and receiver. The internet layer also determines which protocol is responsible for delivering the data packets. Here are some of the common protocols that operate at the internet layer:
Internet Protocol (IP). IP sends the data packets to the correct destination and relies on the Transmission Control Protocol/User Datagram Protocol (TCP/UDP) to deliver them to the corresponding service. IP packets allow communication between two networks. They are routed from the sending network to the receiving network. TCP in particular retransmits any data that is lost or corrupt.
Internet Control Message Protocol (ICMP). The ICMP shares error information and status updates of data packets. This is useful for detecting and troubleshooting network errors. The ICMP reports information about packets that were dropped or that disappeared in transit, issues with network connectivity, and packets redirected to other routers.
Transport layer
The transport layer is responsible for delivering data between two systems or networks and includes protocols to control the flow of traffic across a network. TCP and UDP are the two transport protocols that operate at this layer.
Transmission Control Protocol
The Transmission Control Protocol (TCP) is an internet communication protocol that allows two devices to form a connection and stream data. It ensures that data is reliably transmitted to the destination service. TCP contains the port number of the intended destination service, which resides in the TCP header of a TCP/IP packet.
User Datagram Protocol
The User Datagram Protocol (UDP) is a connectionless protocol that does not establish a connection between devices before transmissions. It is used by applications that are not concerned with the reliability of the transmission. Data sent over UDP is not tracked as extensively as data sent using TCP. Because UDP does not establish network connections, it is used mostly for performance-sensitive applications that operate in real time, such as video streaming.
Application layer
The application layer in the TCP/IP model is similar to the application, presentation, and session layers of the OSI model. The application layer is responsible for making network requests or responding to requests. This layer defines which internet services and applications any user can access. Protocols in the application layer determine how the data packets will interact with receiving devices. Some common protocols used on this layer are:
Hypertext transfer protocol (HTTP)
Simple mail transfer protocol (SMTP)
Secure shell (SSH)
File transfer protocol (FTP)
Domain name system (DNS)
Application layer protocols rely on underlying layers to transfer the data across the network.
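The layering described above can be seen by taking one raw frame apart header by header. The following is an added example, not part of the original reading: it builds a constructed Ethernet/IPv4/TCP frame carrying an HTTP request and assigns each header to its TCP/IP model layer. The function names `build_frame` and `dissect`, the MAC addresses, and the documentation-range IP addresses are assumptions made for illustration.

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def build_frame():
    """Constructed sample frame: Ethernet + IPv4 + TCP + an HTTP request."""
    payload = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    eth = bytes.fromhex("aabbccddeeff112233445566") + struct.pack("!H", 0x0800)
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp) + len(payload),
                     0, 0, 64, 6, 0,  # checksum left 0: sample is parsed, not sent
                     socket.inet_aton("192.0.2.10"),
                     socket.inet_aton("198.51.100.20"))
    return eth + ip + tcp + payload

def dissect(frame):
    """Split a raw Ethernet frame into the four TCP/IP model layers."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {"network_access": {"src_mac": src.hex(":"),
                                 "dst_mac": dst.hex(":"),
                                 "ethertype": ethertype}}
    if ethertype != 0x0800:      # not IPv4, e.g. 0x0806 is ARP
        return layers
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4 if ip else 0
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("truncated or malformed IPv4 header")
    total_len = struct.unpack("!H", ip[2:4])[0]
    layers["internet"] = {"src_ip": socket.inet_ntoa(ip[12:16]),
                          "dst_ip": socket.inet_ntoa(ip[16:20]),
                          "protocol": PROTOCOLS.get(ip[9], str(ip[9]))}
    segment = ip[ihl:total_len]
    if ip[9] in (6, 17) and len(segment) >= (20 if ip[9] == 6 else 8):
        src_port, dst_port = struct.unpack("!HH", segment[:4])
        # TCP header length comes from the data-offset field; UDP is fixed at 8
        hdr_len = (segment[12] >> 4) * 4 if ip[9] == 6 else 8
        layers["transport"] = {"protocol": PROTOCOLS[ip[9]],
                               "src_port": src_port, "dst_port": dst_port}
        layers["application"] = segment[hdr_len:]
    return layers

if __name__ == "__main__":
    for name, value in dissect(build_frame()).items():
        print(name, value)
```

During an investigation, the same split tells you which layer an observation belongs to: a changed MAC address is a network access layer finding, while an unexpected destination port is a transport layer finding.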
TCP/IP model versus OSI model

The OSI model visually organizes network protocols into different layers. Network professionals often use this model to communicate with each other about potential sources of problems or security threats when they occur.
The TCP/IP model combines multiple layers of the OSI model. There are many similarities between the two models. Both models define standards for networking and divide the network communication process into different layers. The TCP/IP model is a simplified version of the OSI model.
Key takeaways
Both the TCP/IP and OSI models are conceptual models that help network professionals visualize network processes and protocols with regard to data transmission between two or more systems. The TCP/IP model contains four layers, and the OSI model contains seven layers.