TryHackMe – OSI Model – Complete Walkthrough
The OSI Model Room at TryHackMe covers a brief introduction to the OSI network model and all seven layers of the model. There’s also a fun game at the end to help us learn the OSI model.
The OSI model is incredibly important, and covers how data is transmitted and received across networks.
Follow along with this complete walkthrough for additional information, tips and tricks as well as hidden solutions to prevent spoilers (highlight the solution boxes to find the answers).
This room can be found at: https://tryhackme.com/room/osimodelzi
- TryHackMe – OSI Model – Complete Walkthrough
- Walkthrough
- Conclusion
Walkthrough
Task 1: What is the OSI Model?
The OSI model (or Open Systems Interconnection Model) is an absolute fundamental model used in networking. This critical model provides a framework dictating how all networked devices will send, receive and interpret data.
One of the main benefits of the OSI model is that devices can have different functions and designs on a network while communicating with other devices. Data sent across a network that follows the uniformity of the OSI model can be understood by other devices.
The OSI model consists of seven layers which are illustrated in the diagram below. Each layer has a different set of responsibilities and is arranged from Layer 7 to Layer 1.
At every individual layer that data travels through, specific processes take place, and pieces of information are added to this data, which is what we’ll come to discuss in the upcoming tasks within this room. However, for now, we only need to understand that this process is called encapsulation and what the OSI model looks like in the diagram below:
Answer the questions below
Question 1
What does the “OSI” in “OSI Model” stand for?
Walkthrough:
The OSI model is a 7 layer network structure and is contrasted with the TCP/IP model, which has only 4 layers.
The top layer in the TCP/IP model (called application) includes the top three layers of the OSI Model (session, presentation, and application). Traditionally, the physical layer is not included in the TCP/IP model but is often included in 5 layer hybrid models.
The answer to this question can be found at the top of the description above.
Answer:
(Highlight below to find the answer):
Open Systems Interconnection
Question 2
How many layers (in digits) does the OSI model have?
Walkthrough:
The answer can be found above.
Answer:
(Highlight below to find the answer):
7
Question 3
What is the key term for when pieces of information get added to data?
Walkthrough:
In the OSI model, data from one layer is encapsulated and sent to the next layer down. For example, an Ethernet frame operates on the Level 2 – Data Link layer and contains an IP datagram used on Level 3 – Network layer. This IP datagram also contains a TCP segment which is used on Level 4 – Transport layer.
Thus each layer contains all of the higher layers that it ‘supports’. Like a Russian doll, each layer encapsulates all of the upper layers. This structure is broken down when a packet is being read and built back up when a new packet is formed.
Answer:
(Highlight below to find the answer):
Encapsulation
Task 2: Layer 7 – Application
The application layer of the OSI model is the layer that you will be most familiar with. This familiarity is because the application layer is the layer in which protocols and rules are in place to determine how the user should interact with data sent or received.
Everyday applications such as email clients, browsers, or file server browsing software such as FileZilla provide a friendly, Graphical User Interface (GUI) for users to interact with data sent or received. Other protocols include DNS (Domain Name System), which is how website addresses are translated into IP addresses.
Answer the questions below
Question 1
What is the name of this Layer?
Walkthrough:
This Task is focused on the top-most layer of the OSI Model. This is the layer that users interact with directly.
Answer:
(Highlight below to find the answer):
Application
Question 2
What is the technical term that is given to the name of the software that users interact with?
Walkthrough:
Ordinarily, most users are dealing with a GUI, which enhances the user‘s experience with an interactive graphical interface.
Answer:
(Highlight below to find the answer):
Graphical User Interface
Task 3: Layer 6 – Presentation
Layer 6 of the OSI model is the layer in which standardisation starts to take place. Because software developers can develop any software such as an email client differently, the data still needs to be handled in the same way — no matter how the software works.
This layer acts as a translator for data to and from the application layer (layer 7). The receiving computer will also understand data sent to a computer in one format destined for in another format. For example, when you send an email, the other user may have another email client to you, but the contents of the email will still need to display the same.
Security features such as data encryption (like HTTPS when visiting a secure site) occur at this layer.
Question 1
What is the name of this Layer?
Walkthrough:
This is the second layer from the top of the OSI Model, and sits between the session and application layers.
Answer:
(Highlight below to find the answer):
Presentation
Question 2
What is the main purpose that this Layer acts as?
Walkthrough:
This layer acts translates data between the application and session layers.
Answer:
(Highlight below to find the answer):
Translator
Task 4: Layer 5 – Session
Once data has been correctly translated or formatted from the presentation layer (layer 6), the session layer (layer 5) will begin to create a connection to the other computer that the data is destined for. When a connection is established, a session is created. Whilst this connection is active, so is the session.
The session layer (layer 5) synchronises the two computers to ensure that they are on the same page before data is sent and received. Once these checks are in place, the session layer will begin to divide up the data sent into smaller chunks of data and begin to send these chunks (packets) one at a time. This dividing up is beneficial because if the connection is lost, only the chunks that weren’t yet sent will have to be sent again — not the entire piece of the data (think of it as loading a save file in a video game).
What is worthy of noting is that sessions are unique — meaning that data cannot travel over different sessions, but in fact, only across each session instead.
Question 1
What is the name of this Layer?
Walkthrough:
This layer focuses on the connection between two synchronized computers. You can think of this connection as a kind of conversation; you don’t just launch into the middle of a conversation without saying hello (and establishing a common focus on the conversation) first, and you don’t abruptly leave a conversation without saying goodbye.
The name of this layer is the OSI term for a specific type of conversation between two computers.
Answer:
(Highlight below to find the answer):
Session
Question 2
What is the technical term for when a connection is successfully established?
Walkthrough:
This question is a bit of a trick. Re-read the above description if you have to. The answer is very simple.
Answer:
(Highlight below to find the answer):
Session
Question 3
What is the technical term for “small chunks of data”?
Walkthrough:
Data is sent in these small chunks across a network, or between networks. These chunks are normally made of two parts: Part (1) is a sequence of headers that allow data to be sent from one place to another (i.e. they contain data about the sender and receiver and other critical information). Part (2) is the actual data, which is called the payload.
If you need help in jogging your memory for the correct answer, think about packages. A package contains address information for the sender and receiver as well as the package contents.
Answer:
(Highlight below to find the answer):
Packets
Task 5: Layer 4 – Transport
Layer 4 of the OSI model plays a vital part in transmitting data across a network and can be a little bit difficult to grasp. When data is sent between devices, it follows one of two different protocols that are decided based upon several factors:
- TCP
- UDP
Let’s begin with TCP. The Transmission Control Protocol (TCP). Potentially hinted by the name, this protocol is designed with reliability and guarantee in mind. This protocol reserves a constant connection between the two devices for the amount of time it takes for the data to be sent and received.
Not only this, but TCP incorporates error checking into its design. Error checking is how TCP can guarantee that data sent from the small chunks in the session layer (layer 5) has then been received and reassembled in the same order.
Let’s summarise the advantages and disadvantages of TCP in the table below:
| Advantages of TCP | Disadvantages of TCP |
| Guarantees the accuracy of data. | Requires a reliable connection between the two devices. If one small chunk of data is not received, then the entire chunk of data cannot be used. |
| Capable of synchronising two devices to prevent each other from being flooded with data. | A slow connection can bottleneck another device as the connection will be reserved on the receiving computer the whole time. |
| Performs a lot more processes for reliability. | TCP is significantly slower than UDP because more work has to be done by the devices using this protocol. |
TCP is used for situations such as file sharing, internet browsing or sending an email. This usage is because these services require the data to be accurate and complete (no good having half a file!).
In the diagram below, we can see how a picture of a dog is broken down into small pieces of data (known as packets) from the “webserver”, where the “computer” re-constructs the picture of the dog into the correct order.
Now let’s move onto the User Datagram Protocol (or UDP for short). This protocol is not nearly as advanced as its brother – the TCP protocol. It doesn’t boast the many features offered by TCP, such as error checking and reliability. In fact, any data that gets sent via UDP is sent to the computer whether it gets there or not. There is no synchronisation between the two devices or guarantee; just hope for the best, and fingers crossed.
Whilst this sounds disadvantageous, it does have its merits, which we’ll layout in the table below:
| Advantages of UDP | Disadvantages of UDP |
| UDP is much faster than TCP. | UDP doesn’t care if the data is received. |
| UDP leaves the application layer (user software) to decide if there is any control over how quickly packets are sent. | It is quite flexible to software developers in this sense. |
| UDP does not reserve a continuous connection on a device as TCP does. | This means that unstable connections result in a terrible experience for the user. |
Using the same example as before, we can now see that only Packets #1 and #3 have been received by the “Computer”, meaning that half of the image is missing.
UDP is useful in situations where there are small pieces of data being sent. For example, protocols used for discovering devices (ARP and DHCP that we discussed in Room 2 – Intro to LAN) or larger files such as video streaming (where it is okay if some part of the video is pixelated. Pixels are just lost pieces of data!)
Question 1
What is the name of this Layer?
Walkthrough:
This layer is responsible for transporting data across a network.
Answer:
(Highlight below to find the answer):
Transport
Question 2
What does TCP stand for?
Walkthrough:
TCP is a protocol that controls the transmission of data.
Answer:
(Highlight below to find the answer):
Transmission Control Protocol
Question 3
What does UDP stand for?
Walkthrough:
The UDP acronym is a little tougher; it will become a bit easier when we learn about datagrams later on. It’s usually a good guess that the ‘P’ stands for ‘Protocol’. You can find the answer in the write-up.
Answer:
(Highlight below to find the answer):
User Datagram Protocol
Question 4
What protocol guarantees the accuracy of data?
Walkthrough:
The write-up is largely concerned with two protocols used at the Transport layer: TCP and UDP, and the differences between them.
In general, TCP only works when all data is correctly transmitted whereas UDP doesn’t care if data is missing. This makes TCP slow but reliable and accurate, whereas UDP is fast but unreliable and inaccurate.
Answer:
(Highlight below to find the answer):
TCP
Question 5
What protocol doesn’t care if data is received or not by the other device?
Walkthrough:
This protocol is fast but can have errors.
Answer:
(Highlight below to find the answer):
UDP
Question 6
What protocol would an application such as an email client use?
Walkthrough:
Email requires reliable transmission of data. If an email is missing information, it could result in a completely different message than what the sender intended.
Answer:
(Highlight below to find the answer):
TCP
Question 7
What protocol would an application that downloads files use?
Walkthrough:
Files generally require that all data be transmitted without any errors. Even a few missing bits of information could mean that the file is unreadable or useless.
Answer:
(Highlight below to find the answer):
TCP
Question 8
What protocol would an application that streams video use?
Walkthrough:
Video streaming is a great example of a situation where we don’t require all data; a video that has slightly reduced quality due to lost frames isn’t generally an issue. On the other hand, we need the data transmission to be fast or the video won’t stream well.
Answer:
(Highlight below to find the answer):
UDP
Task 6: Layer 3 – Network
The third layer of the OSI model (network layer) is where the magic of routing & re-assembly of data takes place (from these small chunks to the larger chunk). Firstly, routing simply determines the most optimal path in which these chunks of data should be sent.
Whilst some protocols at this layer determine exactly what is the “optimal” path that data should take to reach a device, we should only know about their existence at this stage of the networking module. Briefly, these protocols include OSPF (Open Shortest Path First) and RIP (Routing Information Protocol). The factors that decide what route is taken is decided by the following:
- What path is the shortest? I.e. has the least amount of devices that the packet needs to travel across.
- What path is the most reliable? I.e. have packets been lost on that path before?
- Which path has the faster physical connection? I.e. is one path using a copper connection (slower) or a fibre (considerably faster)?
At this layer, everything is dealt with via IP addresses such as 192.168.1.100. Devices such as routers capable of delivering packets using IP addresses are known as Layer 3 devices — because they are capable of working at the third layer of the OSI model.
Question 1
What is the name of this Layer?
Walkthrough:
This is the layer primarily responsible for the getting data across computer networks via the Internet Protocol (IP).
Answer:
(Highlight below to find the answer):
Network
Question 2
Will packets take the most optimal route across a network? (Y/N)
Walkthrough:
This question is bit of a freebie in my opinion. Would it make sense for a packet to travel using the fastest/best route possible or to randomly travel across the internet until it finds its’ destination?
Answer:
(Highlight below to find the answer):
Y
Question 3
What does the acronym “OSPF” stand for?
Walkthrough:
The write-up for this task mentions two protocols for determining the optimal route for a packet: Open Shortest Path First, and Routing Information Protocol.
Answer:
(Highlight below to find the answer):
Open Shortest Path First
Question 4
What does the acronym “RIP” stand for?
Walkthrough:
No, it’s not ‘Rest In Peace’. See the last question.
Answer:
(Highlight below to find the answer):
Routing Information Protocol
Question 5
What type of addresses are dealt with at this layer?
Walkthrough:
The Network layer relies heavily on the Internet Protocol (IP). What is the name for addresses that are used by the Internet Protocol?
Answer:
(Highlight below to find the answer):
IP Addresses
Task 7: Layer 2 – Data Link
The data link layer focuses on the physical addressing of the transmission. It receives a packet from the network layer (including the IP address for the remote computer) and adds in the physical MAC (Media Access Control) address of the receiving endpoint. Inside every network-enabled computer is a Network Interface Card (NIC) which comes with a unique MAC address to identify it.
MAC addresses are set by the manufacturer and literally burnt into the card; they can’t be changed — although they can be spoofed. When information is sent across a network, it’s actually the physical address that is used to identify where exactly to send the information.
Additionally, it’s also the job of the data link layer to present the data in a format suitable for transmission.
Question 1
What is the name of this Layer?
Walkthrough:
This layer provides the link for data that is transmitted on a network. Importantly, this layer uses the Ethernet protocol – this is mentioned in the first Task but is omitted in this Task‘s write-up.
Answer:
(Highlight below to find the answer):
Data Link
Question 2
What is the name of the piece of hardware that all networked devices come with?
Walkthrough:
This piece of hardware is referred to as a NIC. It is a card that interfaces between the device and a network.
Answer:
(Highlight below to find the answer):
Network Interface Card
Task 8: Layer 1 – Physical
This layer is one of the easiest layers to grasp. Put simply, this layer references the physical components of the hardware used in networking and is the lowest layer that you will find. Devices use electrical signals to transfer data between each other in a binary numbering system (1’s and 0’s).
For example, ethernet cables connecting devices, such as in the diagram below:
Question 1
What is the name of this Layer?
Walkthrough:
This layer has the name that is probably the easiest to remember other than the application layer. But it’s very well named, as it’s responsible for physically transmitting data across a network.
Answer:
(Highlight below to find the answer):
Physical
Question 2
What is the name of the numbering system that is both 0’s and 1’s?
Walkthrough:
This numbering system is also called base-2 because it uses only two numbers to count.
Answer:
(Highlight below to find the answer):
Binary
Question 3
What is the name of the cables that are used to connect devices?
Walkthrough:
There are actually several different types of these cables like CAT-5, CAT 5e, CAT 6 or even CAT 8. But there’s a general term to describe this whole family of cables.
Hint: These cables transmit information using the protocol from the data link layer.
Answer:
(Highlight below to find the answer):
Ethernet Cables
Task 9: Practical – OSI Game
Can you escape the OSI dungeon? Climb the levels in the correct order to escape the dungeon and reveal the flag! (Can you beat our staff high score of 19 seconds?)
Click the “View Site” button on the right to start.
Question 1
Escape the dungeon to retrieve the flag. What is the flag?
Walkthrough:
As mentioned, click the green “View Site” button to open the page containing the OSI game.
After clicking ‘Play’, you’ll be taken to a screen with a character on the bottom of a dungeon:
You’ll need to navigate the character through each level by choosing the correct layer, in the right order. Move the character using the left and right keys and pressing spacebar to enter through a doorway.
If you accidentally enter the wrong doorway, you will lose the game and will need to start over.
The correct order is:
Physical, Data Link, Network, Transport, Session, Presentation, and Application.
If you do this correctly, you will be given the flag for this question.
Answer:
(Highlight below to find the answer):
THM{OSI_DUNGEON_ESCAPED}
Task 10: Continue Your Learning: Packets and Frames
Continue your learning by joining the “Packets and Frames” room.
Question 1
Join the “Packets and Frames” room.
Walkthrough:
Follow the link to the “Packets and Frames” room and join it.
Answer:
(Highlight below to find the answer):
No answer needed
Conclusion
This lesson is basically a whirlwind tour of the OSI model.
The OSI model is super important, as it helps us to understand and think about computer networks and the internet.
Another super helpful model is the TCP/IP model, which has (traditionally) four or (modern/hybrid) five layers. The TCP/IP model is often taught first because it’s a bit simpler and can easily be expanded to the OSI model. Seven layers can be harder to remember and think about than five.
You should also consider that even though the OSI model is helpful, it really isn’t the framework for the internet, which uses the TCP/IP model. The important thing to remember is that TCP/IP models generally include the functionality of OSI models. The main difference is that TCP/IP incorporates the session, presentation, and application layers of the OSI model into a single application layer.
As we learn more, we’ll continually encounter networks and models, as well as the details of how the levels work.
