STRATEGY & CREATIVITY

Phasellus iaculis dolor nec urna nullam. Vivamus mattis blandit porttitor nullam.

PORTFOLIO

We pride ourselves on bringing a fresh perspective and effective marketing to each project.

Showing posts with label Introductory Networking. Show all posts

Study About Networking Protocols and Packets with working process

In a computer network, machines can communicate with each other by means of protocols.

This protocols ensures that computers can communicate with different hardware and software for their use. Largely different types of networks have these protocols on the Internet and each has its own purpose.

Do you know what the primary goal of networking is? Let us know about networking packets The primary goal of networking is to exchange information between computer networks, this information is carried by packets.

Packets

Packets are nothing but streams of bits used for data transmission over physical media as electric signals. Such media as a wire in a LAN ( local area network ) or the air in a WiFi network.

These electricals signals are then interpreted as bits ( zeros and ones ) that make up the information. Every packets in every protocol has the following structure.

The header has a protocol specific structure. This ensures that the receiving host can properly interpret the payload and handle the entire communication.

This payload is the actual information so it could be something like part of an email messages what the content of a file during download of any messages.

Example The IP Header

For example, the internet protocol header is atleast 160 bits (20 bytes) long, and it includes information to interpret the content of the IP packets.

Pic Credit Ine

The first four bits identify the Internet protocol (IP) version. Today they can be used to represent IP version 4 or 6.

Pic Credit Ine

The 32 bits starting at position 96 represent the source address.

Also read - Master Local Area Network (LAN) Topologies In Just A Few Hours!

The following tour bytes represent the destination address.

Pic Credit Ine

Using the information in header, the nodes involved in the communication can understand and use IP packets.

Also read - Network Monitoring Tools HelpSystems Intermapper

Protocol layers

There are many protocols out there, each for a specific purpose.

Purpose like -

# Transmitting data.
# identifying computers on a network.
# Exchanging emails, files or performing VoIP calls.
# Establishing a communication between the a server and a client.

Instead of using specific examples, let's focusing on the features that a protocol provides-

# Use the physical media to send packets.
# identify hosts
# Make an application ( email client, FTP, browsers, ....) work.
# transport data between processes ( the server and the client programs ).

Moreover, we can rewrite the list again as:

# Application Layer
# Transport Layer
# Network Layer
# Physical Layer

These layers work on top of one another and every layer has its own protocols.

For example -

A few examples of application layer protocols are the Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), and Domain Name System (DNS).
The application layer does not need to know how to identify a process on a host, how to reach it and how to use the copper wire to establish a communication.

It's just uses its underlying layers.

The OSI Model

The OSI (Open Systems Interconnection) Model is a standardised model which we use to demonstrate the theory behind computer networking. In practice, it's actually the more compact TCP/IP model that real-world networking is based off; however the OSI model, in many ways, is easier to get an initial understanding from. The OSI Model: An Overview

There are many mnemonics floating around to help you learn the layers of the OSI model -- search around until you find one that you like.

Let's briefly take a look at each of these in turn:

slowly scroll the iframe below

Brought to you by kumaratuljaiswal.in

Also read - The TCP IP Model in Networking

Encapsulation

So let's know how the protocols work with each other. If each protocol has header and payload, then how can the protocol use these lower layers?

The entire upper protocol packet ( header and payload ) is the payload of the lower one, this is called encapsulation.
TCP is the real world implementation of a networking stack and is the protocol stack used on the internet.

The TCP/IP model is, in many ways, very similar to the OSI model. It's a few years older, and serves as the basis for real-world networking. The TCP/IP model consists of four layers: Application, Transport, Internet and Network Interface. Between them, these cover the same range of functions as the seven layers of the OSI Model. The TCP IP Model in Networking

You would be justified in asking why we bother with the OSI model if it's not actually used for anything in the real-world. The answer to that question is quite simply that the OSI model (due to being less condensed and more rigid than the TCP/IP model) tends to be easier for learning the initial theory of networking.

For More Details Click on the below iframe slowly slowly -

Brought to you by kumaratuljaiswal.in

Disclaimer

All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.

Master Local Area Network (LAN) Topologies In Just A Few Hours!

Local Area Network (LAN) Topologies

Over the years, there has been experimentation and implementation of various network designs. In reference to networking, when we refer to the term "topology", we are actually referring to the design or look of the network at hand. Let's discuss the advantages and disadvantages of these topologies below. Master Local Area Network (LAN) Topologies In Just A Few Hours!

Ring Topology

The ring topology (also known as token topology) boasts some similarities. Devices such as computers are connected directly to each other to form a loop, meaning that there is little cabling required and less dependence on dedicated hardware such as within a star topology.

A ring topology works by sending data across the loop until it reaches the destined device, using other devices along the loop to forward the data. Interestingly, a device will only send received data from another device in this topology if it does not have any to send itself. If the device happens to have data to send, it will send its own data first before sending data from another device.

Master Local Area Network (LAN) Topologies In Just A Few Hours!

Because there is only one direction for data to travel across this topology, it is fairly easy to troubleshoot any faults that arise. However, this is a double-edged sword because it isn't an efficient way of data travelling across a network, as it may have to visit many multiple devices first before reaching the intended device.

Lastly, ring topologies are less prone to bottlenecks, such as within a bus topology, as large amounts of traffic are not travelling across the network at any one time. The design of this topology does, however, mean that a fault such as cut cable, or broken device will result in the entire networking breaking.

This lab will take you through the flaws in different network topologies

In a ring topology, all devices are a connector to two others to create a full circle

Packets of data travel from one device to the next until they have reached their destination

One of the major flaws with a ring topology is that if a device goes down or a cable is broken, then data will no longer be passed

If you hover over the middle of the network cable, you can cut it and see what happens to the packets

If you hover over the middle of the network cable, you can cut it and see what happens to the packets

The packets can now no longer travel around the network, and no devices can talk to each other

Bus Topology

This type of connection relies upon a single connection which is known as a backbone cable. This type of topology is similar to the leaf off of a tree in the sense that devices (leaves) stem from where the branches are on this cable.

Because all data destined for each device travels along the same cable, it is very quickly prone to becoming slow and bottlenecked if devices within the topology are simultaneously requesting data. This bottleneck also results in very difficult troubleshooting because it quickly becomes difficult to identify which device is experiencing issues with data all travelling along the same route.

However, with this said, bus topologies are one of the easier and more cost-efficient topologies to set up because of their expenses, such as cabling or dedicated networking equipment used to connect these devices.

Lastly, another disadvantage of the bus topology is that there is little redundancy in place in case of failures. This disadvantage is because there is a single point of failure along the backbone cable. If this cable were to break, devices can no longer receive or transmit data along the bus.

With a bus topology, all devices are connected to a single cable, often called the backbone.

Data is sent in both left and right directions down the backbone until the packet's destination is reached.

A major flaw in the bus topology is that it can't handle a large amount of data.

On the next step, send as many packets as quickly as you can to try and take down the network

Star Topology

The main premise of a star topology is that devices are individually connected via a central networking device such as a switch or hub. This topology is the most commonly found today because of its reliability and scalability - despite the cost.

Any information sent to a device in this topology is sent via the central device to which it connects. Let's explore some of these advantages and disadvantages of this topology below:

Because more cabling & the purchase of dedicated networking equipment is required for this topology, it is more expensive than any of the other topologies. However, despite the added cost, this does provide some significant advantages. For example, this topology is much more scalable in nature, which means that it is very easy to add more devices as the demand for the network increases.

Unfortunately, the more the network scales, the more maintenance is required to keep the network functional. This increased dependence on maintenance can also make troubleshooting faults much harder. Furthermore, the star topology is still prone to failure - albeit reduced. For example, if the centralised hardware that connects devices fails, these devices will no longer be able to send or receive data. Thankfully, these centralised hardware devices are often robust.

With a star topology, all devices are connected with their own cable to a central switch/hub.

Every packet is sent through this switch, which means if the switch goes down the network will no longer work.

See if you can somehow break the switch.

The network is now down.

What is a Switch?

Switches are dedicated devices within a network that are designed to aggregate multiple other devices such as computers, printers, or any other networking-capable device using ethernet. These various devices plug into a switch's port. Switches are usually found in larger networks such as businesses, schools, or similar-sized networks, where there are many devices to connect to the network. Switches can connect a large number of devices by having ports of 4, 8, 16, 24, 32, and 64 for devices to plug into.

Switches are much more efficient than their lesser counterpart (hubs/repeaters). Switches keep track of what device is connected to which port. This way, when they receive a packet, instead of repeating that packet to every port like a hub would do, it just sends it to the intended target, thus reducing network traffic.

Both Switches and Routers can be connected to one another. The ability to do this increases the redundancy (the reliability) of a network by adding multiple paths for data to take. If one path goes down, another can be used. Whilst this may reduce the overall performance of a network because packets have to take longer to travel, there is no downtime -- a small price to pay considering the alternative.

What is a Router?

It's a router's job to connect networks and pass data between them. It does this by using routing (hence the name router!).

Routing is the label given to the process of data travelling across networks. Routing involves creating a path between networks so that this data can be successfully delivered.

Routing is useful when devices are connected by many paths, such as in the example diagram below.

1) What does LAN stand for?

Ans - Local Area Network

2) What is the verb given to the job that Routers perform?

Ans - Routing

3) What device is used to centrally connect multiple devices on the local network and transmit data to the correct location?

Ans - Switch

4) What topology is cost-efficient to set up?

Ans - Bus Topology

5) What topology is expensive to set up and maintain?

Ans - Star Topology

A Primer on Subnetting

As we've previously discussed throughout the module so far, Networks can be found in all shapes and sizes - ranging from small to large. Subnetting is the term given to splitting up a network into smaller, miniature networks within itself. Think of it as slicing up a cake for your friends. There's only a certain amount of cake to go around, but everybody wants a piece. Subnetting is you deciding who gets what slice & reserving such a slice of this metaphorical cake.

Take a business, for example; You will have different departments such as:

    Accounting
    Finance
    Human Resources

Whilst you know where to send information in real life to the correct department, networks need to know as well. Network administrators use subnetting to categorise and assign specific parts of a network to reflect this.

Subnetting is achieved by splitting up the number of hosts that can fit within the network, represented by a number called a subnet mask. Let's refer back to our diagram from the first room in this module:

As we can recall, an IP address is made up of four sections called octets. The same goes for a subnet mask which is also represented as a number of four bytes (32 bits), ranging from 0 to 255 (0-255).

Subnets use IP addresses in three different ways:

    Identify the network address
    Identify the host address
    Identify the default gateway




Let's split these three up to understand their purposes into the table below:

Type	Purpose	Explanation	Example
Network Address	This address identifies the start of the actual network and is used to identify a network's existence.	For example, a device with the IP address of 192.168.1.100 will be on the network identified by 192.168.1.0	192.168.1.0
Host Address	An IP address here is used to identify a device on the subnet	For example, a device will have the network address of 192.168.1.1	192.168.1.100
Default Gateway	The default gateway address is a special address assigned to a device on the network that is capable of sending information to another network.	Any data that needs to go to a device that isn't on the same network (i.e. isn't on 192.168.1.0) will be sent to this device. These devices can use any host address but usually use either the first or last host address in a network (.1 or .254)	192.168.1.254

Now, in small networks such as at home, you will be on one subnet as there is an unlikely chance that you need more than 254 devices connected at one time.

However, places such as businesses and offices will have much more of these devices (PCs, printers, cameras and sensors), where subnetting takes place.

Subnetting provides a range of benefits, including:

    Efficiency
    Security
    Full control



We'll come on to explore exactly how subnetting provides these benefits at a later date; however, for now, all we need to understand is the security element to it. Let's take the typical café on the street. This cafe will have two networks:

One for employees, cash registers, and other devices for the facility
One for the general public to use as a hotspot

Subnetting allows you to separate these two use cases from each other whilst having the benefits of a connection to larger networks such as the Internet.

1) What is the technical term for dividing a network up into smaller pieces?

Ans - Subnetting

2) How many bits are in a subnet mask?

Ans - 32

3) What is the range of a section (octet) of a subnet mask?

Ans - 0-255

4) What address is used to identify the start of a network?

Ans - Network address

5) What address is used to identify devices within a network?

Ans - Host address

6) What is the name used to identify the device responsible for sending data to another network?

Ans - Default Gateway

Provided by Hacking Truth

The ARP Protocol

Recalling from our previous tasks that devices can have two identifiers: A MAC address and an IP address, the ARP protocol or Address Resolution Protocol for short, is the technology that is responsible for allowing devices to identify themselves on a network.

Simply, the ARP protocol allows a device to associate its MAC address with an IP address on the network. Each device on a network will keep a log of the MAC addresses associated with other devices.

When devices wish to communicate with another, they will send a broadcast to the entire network searching for the specific device. Devices can use the ARP protocol to find the MAC address (and therefore the physical identifier) of a device for communication.

How does ARP Work?

Each device within a network has a ledger to store information on, which is called a cache. In the context of the ARP protocol, this cache stores the identifiers of other devices on the network.

In order to map these two identifiers together (IP address and MAC address), the ARP protocol sends two types of messages:

ARP Request
ARP Reply

When an ARP request is sent, a message is broadcasted to every other device found on a network by the device, asking whether or not the device's MAC address matches the requested IP address. If the device does have the requested IP address, an ARP reply is returned to the initial device to acknowledge this. The initial device will now remember this and store it within its cache (an ARP entry).

This process is illustrated in the diagram below:

1) What does ARP stand for?

Ans - Address resolution protocol

2) What category of ARP Packet asks a device whether or not it has a specific IP address?

Ans - Request

3) What address is used as a physical identifier for a device on a network?

Ans - MAC Address

4) What address is used as a logical identifier for a device on a network?

Ans - IP address

The DHCP Protocol

IP addresses can be assigned either manually, by entering them physically into a device, or automatically and most commonly by using a DHCP (Dynamic Host Configuration Protocol) server. When a device connects to a network, if it has not already been manually assigned an IP address, it sends out a request (DHCP Discover) to see if any DHCP servers are on the network. The DHCP server then replies back with an IP address the device could use (DHCP Offer). The device then sends a reply confirming it wants the offered IP Address (DHCP Request), and then lastly, the DHCP server sends a reply acknowledging this has been completed, and the device can start using the IP Address (DHCP ACK).

1) What type of DHCP packet is used by a device to retrieve an IP address?

Ans - DHCP Discover

2) What type of DHCP packet does a device send once it has been offered an IP address by the DHCP server?

Ans - DHCP Request

3) Finally, what is the last DHCP packet that is sent to a device from a DHCP server?

Ans - DHCP Ack

Provided by Hacking Truth

Disclaimer

All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.

- Hacking Truth by Kumar Atul Jaiswal

The logical follow-up to the ping command is 'traceroute'. The easiest way to understand what traceroute does is to think of your home network. Say, for example, that you have a wireless router. Your phone is connected to it, as is your computer. What happens if you want to send something to your phone from your computer? You can't just send stuff directly to your phone -- not without directly connecting them, so how would the information get across? The request would first be sent to your router which acts as a gateway. The router knows every device that's connected to it, ergo, it knows how to get to your phone. The router then forwards your request on to your phone and facilitates the return connection in the same way. Traceroute can be used to map the path your request takes as it heads to the target machine. Networking tool traceroute

The internet is made up of many, many different servers and end-points, all networked up to each other. This means that, in order to get to the content you actually want, you first need to go through a bunch of other servers. Traceroute allows you to see each of these connections -- it allows you to see every intermediate step between your computer and the resource that you requested. The basic syntax for traceroute on Linux is this: traceroute <destination>

By default, traceroute operates using the same ICMP protocol that ping utilises, however, this can be altered with switches.

You can see that it took 13 hops to get from my router (_gateway) to the Google server at 216.58.205.46

Now it's your turn. As with before, all questions about switches can be answered with the man page for traceroute
(man traceroute).

#1 Use traceroute on tryhackme.com
Can you see the path your request has taken?

#2 What switch would you use to specify an interface when using Traceroute?

Ans :- -i

#3 What switch would you use if you wanted to use TCP requests when tracing the route?

Ans :- -T

#4 [Lateral Thinking] Which layer of the TCP/IP model will traceroute run on by default?

Internet

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

Network Tool Ping

At this stage, hopefully all of the theory has made sense and you now understand the basic models behind computer networking. For the rest of the room we're going to be taking a look at some of the command line networking tools that we can use in practical applications. Many of these tools do work on other operating systems, but for the sake of simplicity, I'm going to assume that you're running Linux for the rest of this room. The first tool that we're going to look at will be the ping command. Networking Ping command

The ping command is used when we want to test whether a connection to a remote resource is possible. Usually this will be a website on the internet, but it could also be for a computer on your home network if you want to check if it's configured correctly. Ping works using the ICMP protocol, which is one of the slightly less well-known TCP/IP protocols that I mentioned earlier. The ICMP protocol works on the Network layer of the OSI Model, and thus the Internet layer of the TCP/IP model. The basic syntax for ping is ping <target>.

In this example I am using ping to test whether a network connection to Google is possible:

Notice that the ping command actually returned the IP address for the Google server that it connected to, rather than the URL that I requested. This is a handy secondary application for ping, as it can be used to determine the IP address of the server hosting a website. One of the big advantages of ping is that it's pretty much ubiquitous to any network enabled device. All operating systems support it out of the box, and even most embedded devices can use ping!

Have a go at the following questions. Any questions about syntax can be answered using the man page for ping (man ping on Linux).

#1 What command would you use to ping the bbc.co.uk website?

Ans :- ping bbc.co.uk

#2 Ping muirlandoracle.co.uk
What is the IP address?

Ans :- 217.160.0.152

#3 What switch lets you change the interval of sent ping requests?

Ans :- -i

#4 What switch would allow you to restrict requests to IPV4?

Ans :- -4

#5 What switch would give you a more verbose output?

Ans :- -v

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

We've gone over the basic theory -- now let's put it into practice! In this task we're going to look at some captured network traffic to see the advantages of understanding the OSI and TCP/IP Models. Wireshark Capture Network Traffic

Wireshark is a tool used to capture and analyse packets of data going across a network.

We're going to use Wireshark to get an idea of what these models look like in practice, with real world data.

Download the attached .pcap file (Wireshark capture) and follow along!

Click Here :- PCAP FIle

When you first load the packet into Wireshark you're given a list of captured data in the top window (there are two items in this window just now), and in the bottom two windows you're shown the data contained in each captured packet of data:

Currently we're looking at the first packet, so let's have a look at the data in a little more detail:

There are 5 pieces of information here:

Frame 1 -- this is showing details from the physical layer of the OSI model (Network Interface layer of the TCP/IP model): the size of the packet received in terms of bytes)

Ethernet II -- this is showing details from the Data Link layer of the OSI model (Network Interface layer of the TCP/IP model): the transmission medium (in this case an Ethernet cable), as well as the source and destination MAC addresses of the request.

Internet Protocol Version 4 -- this is showing details from the Network layer of the OSI model (Internet Layer of the TCP/IP model): the source and destination IP addresses of the request.

Transmission Control Protocol -- this is showing details from the Transport layer of the OSI and TCP/IP models: in this case it's telling us that the protocol was TCP, along with a few other things that we're not covering here.

Hypertext Transfer Protocol -- this is showing details from the Application layer of the OSI and TCP/IP models: specifically, this is a HTTP GET request, which is requesting a web page from a remote server.

This is not a Wireshark room, so we're not going to go into any more depth than that. The important thing is that you understand how the theory you learnt earlier translated into a real life scenario.

With that in mind, click on the second captured packet (in the top window) and answer the following questions:

#1 What is the protocol specified in the section of the request that's linked to the Application layer of the OSI and TCP/IP Models?

Ans :- Domain name system

#2 Which layer of the OSI model does the section that shows the IP address "172.16.16.77" link to (Name of the layer)?

Ans :- Network

#3 In the section of the request that links to the Transport layer of the OSI and TCP/IP models, which protocol is specified?

Ans :- User Datagram Protocol

#4 Over what medium has this request been made (linked to the Data Link layer of the OSI model)?

Ans :- Etnernet II

#5 Which layer of the OSI model does the section that shows the number of bytes transferred (81) link to?

Ans :- Physical

#6 [Research] Can you figure out what kind of address is shown in the layer linked to the Data Link layer of the OSI model?

Ans :- MAC

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

We talked about domains in the previous task -- now lets talk about how they work.

Ever wondered how a URL gets converted into an IP address that your computer can understand? The answer is a TCP/IP protocol called DNS (Domain Name System). dig in Networking tools dig in Networking tools

At the most basic level, DNS allows us to ask a special server to give us the IP address of the website we're trying to access. For example, if we made a request to www.google.com, our computer would first send a request to a special DNS server (which your computer already knows how to find). The server would then go looking for the IP address for Google and send it back to us. Our computer could then send the request to the IP of the Google server.

Let's break this down a bit.

You make a request to a website. The first thing that your computer does is check its local cache to see if it's already got an IP address stored for the website; if it does, great. If not, it goes to the next stage of the process.

Assuming the address hasn't already been found, your computer will then send a request to what's known as a recursive DNS server. These will automatically be known to the router on your network. Many Internet Service Providers (ISPs) maintain their own recursive servers, but companies such as Google and OpenDNS also control recursive servers. This is how your computer automatically knows where to send the request for information: details for a recursive DNS server are stored in your router. This server will also maintain a cache of results for popular domains; however, if the website you've requested isn't stored in the cache, the recursive server will pass the request on to a root name server.

There are precisely 13 root name DNS servers in the world. The root name servers essentially keep track of the DNS servers in the next level down, choosing an appropriate one to redirect your request to. These lower level servers are called Top-Level Domain servers.

Top-Level Domain (TLD) servers are split up into extensions. So, for example, if you were searching for tryhackme.com your request would be redirected to a TLD server that handled .com domains. If you were searching for bbc.co.uk your request would be redirected to a TLD server that handles .co.uk domains. As with root name servers, TLD servers keep track of the next level down: Authoritative name servers. When a TLD server receives your request for information, the server passes it down to an appropriate Authoritative name server.

Authoritative name servers are used to store DNS records for domains directly. In other words, every domain in the world will have it's DNS records stored on an Authoritative name server somewhere or another; they are the source of the information. When your request reaches the authoritative name server for the domain you're querying, it will send the relevant information back to you, allowing your computer to connect to the IP address behind the domain you requested.

When you visit a website in your web browser this all happens automatically, but we can also do it manually with a tool called dig . Like ping and traceroute, dig should be installed automatically on Linux systems.

Dig allows us to manually query recursive DNS servers of our choice for information about domains:
dig <domain> @<dns-server-ip>

It is a very useful tool for network troubleshooting.

This is a lot of information. We're currently most interested in the ANSWER section for this room; however, taking the time to learn what the rest of this means is a very good idea. In summary, that information is telling us that we sent it one query and successfully (i.e. No Errors) received one full answer -- which, as expected, contains the IP address for the domain name that we queried.

Another interesting piece of information that dig gives us is the TTL (Time To Live) of the queried DNS record. As mentioned previously, when your computer queries a domain name, it stores the results in its local cache. The TTL of the record tells your computer when to stop considering the record as being valid -- i.e. when it should request the data again, rather than relying on the cached copy.

The TTL can be found in the second column of the answer section:

It's important to remember that TTL (in the context of DNS caching) is measured in seconds, so the record in the example will expire in two minutes and thirty-seven seconds.

Have a go at some questions about DNS and dig.

#1 What is DNS short for?

Ans :- Domain name system

#2 What is the first type of DNS server your computer would query when you search for a domain?

Ans :- Recursive

#3 What type of DNS server contains records specific to domain extensions (i.e. .com, .co.uk, etc)? Use the long version of the name.

Ans :- Top-level Domain

#4 Where is the very first place your computer would look to find the IP address of a domain?

Ans :- Local Cache

#5 [Research] Google runs two public DNS servers. One of them can be queried with the IP 8.8.8.8, what is the IP address of the other one?

Ans :- 8.8.4.4

#6 If a DNS query has a TTL of 24 hours, what number would the dig query show?

Ans :- 86400

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

Domain Names -- the unsung saviours of the internet.

Can you imagine how it would feel to remember the IP address of every website you want to visit? Horrible thought.

Fortunately, we've got domains.

We'll talk a little bit more about how this works in the next task, but for now suffice to know that a domain translates into an IP address so that we don't need to remember it (e.g. you can type tryhackme.com, rather than the TryHackMe IP address). Domains are leased out by companies called Domain Registrars. If you want a domain, you go and register with a registrar, then lease the domain for a certain length of time.

Enter Whois.

Whois essentially allows you to query who a domain name is registered to. In Europe personal details are redacted; however, elsewhere you can potentially get a great deal of information from a whois search.

There is a web version of the whois tool if you're particularly adverse to the command line. Either way, let's get started!

(Note: You may need to install whois before using it. On Debian based systems this can be done with sudo apt update && sudo apt-get install whois)

Whois lookups are very easy to perform. Just use whois <domain> to get a list of available information about the domain registration:

This is comparatively a very small amount of information as can often be found. Notice that we've got the domain name, the company that registered the domain, the last renewal, and when it's next due, and a bunch of information about nameservers (which we'll look at in the next task). Networking in whois lookup

#1 Perform a whois search on facebook.com

Ans :-

#2 What is the registrant postal code for facebook.com?

Ans :- 94025

#3 When was the facebook.com domain first registered?

Ans :- 29/03/1997

#4 Perform a whois search on microsoft.com

Ans :- no answer needed

#5 Which city is the registrant based in?

Ans :- Redmond

#6 [OSINT] What is the name of the golf course that is near the registrant address for microsoft.com?

Ans :- Bellevue Golf Course

#7 What is the registered Tech Email for microsoft.com?

Ans :- msnhst@microsoft.com

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

The TCP IP Model

The TCP/IP model is, in many ways, very similar to the OSI model. It's a few years older, and serves as the basis for real-world networking. The TCP/IP model consists of four layers: Application, Transport, Internet and Network Interface. Between them, these cover the same range of functions as the seven layers of the OSI Model. The TCP IP Model in Networking

You would be justified in asking why we bother with the OSI model if it's not actually used for anything in the real-world. The answer to that question is quite simply that the OSI model (due to being less condensed and more rigid than the TCP/IP model) tends to be easier for learning the initial theory of networking.

The two models match up something like this:

The processes of encapsulation and de-encapsulation work in exactly the same way with the TCP/IP model as they do with the OSI model. At each layer of the TCP/IP model a header is added during encapsulation, and removed during de-encapsulation.

Now let's get down to the practical side of things.

A layered model is great as a visual aid -- it shows us the general process of how data can be encapsulated and sent across a network, but how does it actually happen?

When we talk about TCP/IP, it's all well and good to think about a table with four layers in it, but we're actually talking about a suite of protocols -- sets of rules that define how an action is to be carried out. TCP/IP takes its name from the two most important of these: the Transmission Control Protocol (which we touched upon earlier in the OSI model) that controls the flow of data between two endpoints, and the Internet Protocol, which controls how packets are addressed and sent. There are many more protocols that make up the TCP/IP suite; we will cover some of these in later tasks. For now though, let's talk about TCP.

As mentioned earlier, TCP is a connection-based protocol. In other words, before you send any data via TCP, you must first form a stable connection between the two computers. The process of forming this connection is called the three-way handshake.

When you attempt to make a connection, your computer first sends a special request to the remote server indicating that it wants to initialise a connection. This request contains something called a SYN (short for synchronise) bit, which essentially makes first contact in starting the connection process. The server will then respond with a packet containing the SYN bit, as well as another "acknowledgement" bit, called ACK. Finally, your computer will send a packet that contains the ACK bit by itself, confirming that the connection has been setup successfully. With the three-way handshake successfully completed, data can be reliably transmitted between the two computers. Any data that is lost or corrupted on transmission is re-sent, thus leading to a connection which appears to be lossless.

(Credit Kieran Smith, Abertay University, TryHackMe)

We're not going to go into exactly how this works on a step-to-step level -- not in this room at any rate. It is sufficient to know that the three-way handshake must be carried out before a connection can be established using TCP.

History:

It's important to understand exactly why the TCP/IP and OSI models were originally created. To begin with there was no standardisation -- different manufacturers followed their own methodologies, and consequently systems made by different manufacturers were completely incompatible when it came to networking. The TCP/IP model was introduced by the American DoD in 1982 to provide a standard -- something for all of the different manufacturers to follow. This sorted out the inconsistency problems. Later the OSI model was also introduced by the International Organisation for Standardisation (ISO); however, it's mainly used as a more comprehensive guide for learning, as the TCP/IP model is still the standard upon which modern networking is based.

#1 Which model was introduced first, OSI or TCP/IP?

ans :- TCP/IP

#2 Which layer of the TCP/IP model covers the functionality of the Transport layer of the OSI model (Full Name)?

ANs :- transport

#3 Which layer of the TCP/IP model covers the functionality of the Session layer of the OSI model (Full Name)?

Ans :- Application

#4 The Network Interface layer of the TCP/IP model covers the functionality of two layers in the OSI model. These layers are Data Link, and?.. (Full Name)?

Ans :- Physical

#5 Which layer of the TCP/IP model handles the functionality of the OSI network layer?

Ans :- Internet

#6 What kind of protocol is TCP?

Ans :- Connection-based

#7 What is SYN short for?

Ans:- Synchronise

#8 What is the second step of the three way handshake?

Ans :- SYN/ACK

#9 What is the short name for the "Acknowledgement" segment in the three-way handshake?

Ans :- ACK

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

WHAT WE DO

We've been developing corporate tailored services for clients for 30 years.

ABOUT US

OUR TEAM

Kumar Atul Jaiswal

Kumar Atul Jaiswal

Kumar Atul Jaiswal

OUR SKILLS

Marketing

Websites

PR

ACHIEVEMENTS

STRATEGY & CREATIVITY

PORTFOLIO

Packets

Example The IP Header

Protocol layers

The OSI Model

Encapsulation

Disclaimer

Master Local Area Network (LAN) Topologies In Just A Few Hours!

Local Area Network (LAN) Topologies

Ring Topology

Bus Topology

Star Topology

What is a Switch?

What is a Router?

A Primer on Subnetting

The ARP Protocol

How does ARP Work?

The DHCP Protocol

Disclaimer

Network Tool Ping

There are 5 pieces of information here:

The TCP IP Model

History:

Ads

Youtube

Linkedln

Popular Posts

Like Us

Labels

Let's Talk About

Tweet

Connection

WHAT WE DO

ANALYTICS

CONSULTING

DESIGN

DEVELOPMENT

MARKETING

SEO

CONTACT US

Hacking Truth.in