OSI Model and Utilizing SHA256 Hashing

The Seven Layers of the OSI Model: Open Systems Interconnections

The OSI Model, or Open Systems Interconnection model, is a conceptual framework used to understand and implement network protocols in seven distinct layers. This model is essential for designing and troubleshooting networks. Here’s a breakdown of each layer with a mnemonic to remember them: "All People Seem To Need Data Processing."

1. Application Layer (Layer 7)

   - The Application layer is one of the two layers that the user interacts with directly. It provides an interface for user applications to communicate with the network. Protocols at this layer include HTTP and SMTP.

2. Presentation Layer (Layer 6)

   - The Presentation layer is responsible for translating data between the application layer and the network. It ensures that the data is in a readable format, handling encryption and decryption to provide the correct visualization.

3. Session Layer (Layer 5)

   - The Session layer manages the communication sessions between computers. It establishes, maintains, and terminates the connections, ensuring the orderly exchange of data.

4. Transport Layer (Layer 4)

   - The Transport layer segments data into packets for transmission and reassembles them at the destination. It also provides error checking and data flow control, ensuring complete and accurate data transfer.

5. Network Layer (Layer 3)

   - The Network layer is responsible for routing data across different networks. It uses logical addressing (such as IP addresses) to determine the best path for data transfer.

6. Data Link Layer (Layer 2)

   - The Data Link layer handles the physical transmission of data and its encapsulation into frames. It provides error detection and correction to ensure reliable data transfer over the physical medium.

7. Physical Layer (Layer 1)

   - The Physical layer encompasses the hardware components of a network, such as Ethernet cables. It deals with the physical connection between devices and the transmission and reception of raw bitstreams.

How to Get a SHA256 Hash

Generating a SHA256 hash is a common task for verifying the integrity of files. Here’s how you can do it using PowerShell:

Command to Generate SHA256 Hash:

"get-filehash -algorithm SHA256 -path <filepath>"

Replace `<filepath>` with the actual path to the file you want to hash.

Example: Retrieving a SHA256 Hash from an Email Attachment

In a recent lab exercise I completed for BTL1, we manually retrieved artifacts from an email. Here’s a step-by-step guide on how we saved a downloaded file from an email to our desktop folder and used PowerShell to retrieve its SHA256 hash.

1. Save the File:

   - Download the file from the email and save it to your desktop or any desired location.

2. Open PowerShell:

   - Open PowerShell by searching for it in the Start menu.

3. Run the Command:

   - Navigate to the folder where the file is saved or provide the full path in the command.

   - Execute the command:

"get-filehash -algorithm SHA256 -path "C:\Users\YourUsername\Desktop\yourfile.ext"

   - This will output the SHA256 hash of the specified file.

Modifying the Algorithm:

- While the default algorithm for `get-filehash` is SHA256, you can change it to another algorithm such as MD5 by appending `-algorithm md5`:

"get-filehash -algorithm md5 -path "C:\Users\YourUsername\Desktop\yourfile.ext"

By following these steps, you can ensure the integrity of your files by comparing the computed hash against the expected value, providing a reliable way to verify that your data has not been altered or corrupted during transmission.