Security Now Episode 51
August 4th, 2006 by Stephen
Steve Gibson’s Security Now podcast majors on the story about the new network stack in Windows Vista. This is an interesting story, and an interesting podcast, but when Gibson describes what is meant by a network stack, be warned that he gets a bit muddled.
According to Gibson, the bottom of the TCP/IP stack is the “electrical link layer”. This is wrong. The bottom layer of the stack is the physical layer, and it is the physical layer that cares about the physical medium – the electrics if you like.
Of course it is not strictly true that one needs an electrical physical medium. There have been some novel media implemented in the past.
What has probably confused Gibson is that TCP/IP is not an exact fit for the OSI 7 layer model. Indeed, in an earlier podcast he wondered as to why we had jumped from IPv4 to IPv6, missing out IPv5. He seems unaware that IPv5 was an abortive attempt to rewrite the protocol to conform to the OSI 7 layer model – abandoned on grounds of the cost and difficulty of roll out
So the physical layer is not handled in the TCP/IP stack, but is hived of to the network interface card which also deals with the media access control (MAC) and other parts of the data link layer. The TCP/IP stack interfaces with the hardware through software drivers at the link layer.
The first layer that is wholly part of the TCP/IP network stack shipping with any of the current popular operating systems is the network layer (layer 3), what Stev Gibson calls the IP layer (not without justification. The network layer is the layer that abstracts out lower layers and deals with delivery of IP datagrams across networks).
Gibson calls layer 4 the “protocol layer”. By this he presumably means the layer that handles multiple transport protocols such as UDP, TCP and others. This layer is more usually called the transport layer, and that name will prevent confusion from the overloading of the term “protocol”.
So all in all, an interesting podcast, but don’t get confused by Gibson’s muddled description of the protocol stack
Oh and later in the podcast, Gibson says that Microsofts claim about Vista being the most secure OS yet is a non sequitur. Vista may be fundamentally flawed, but to be a non sequitur there would surely need to be an argument, whereas all Microsoft provide is a claim. But those big latin names for fallacies make it sound like we know what we are talking about don’t they!
Thansk so much for your critique. I was feeling very confused about network layers, but this helps a bit. Is there any chance to have a more in depth article?
There are many good articles on the Internet, or you could look at one of the excellent text books if you are really interested – e.g. “TCP/IP Protocol Suite” by Forouzan.
Wikipedia has a good introduction to the OSI 7 layer model. Note that TCP/IP does not follow the 7 layer model, and whilst you can fit it into the model, the fit is not perfect. I presume that was what confused Steve Gibson.
I hope to write more on network communications, but I am not sure if there is benefit in simply quoting the texts and web sites already available on the net. I’ll try and write articles about particular issues.
Thanks for your comments.