
TCP/IP Packet Analysis and Troubleshooting

TCP/IP Packet Analysis and Troubleshooting. Bipin Jethwani. OSI model - 7 Layers. TCP/IP model. Most computer operating systems in use today, including all consumer-targeted systems, include a TCP/IP implementation.


Presentation Transcript


  1. TCP/IP Packet Analysis and Troubleshooting Bipin Jethwani

  2. OSI model - 7 Layers

  3. TCP/IP model

  4. Most computer operating systems in use today, including all consumer-targeted systems, include a TCP/IP implementation. A minimally acceptable implementation includes the following protocols, listed from most essential to least essential: IP, ARP, ICMP, UDP, TCP and sometimes IGMP.

  5. Encapsulation of application data descending through the layers 

  6. IP Based Protocols

  7. Address Resolution Protocol (ARP): a telecommunications protocol used for resolution of network layer addresses into link layer addresses.

  8. Internet Control Message Protocol (ICMP): The tracert (traceroute) and Pathping utilities are based on ICMP. The ping utility is implemented using the ICMP "Echo request" and "Echo reply" messages. This can be used for DoS attacks and is hence sometimes blocked. Because it works over IP, and IP needs IP addresses, there could be a DNS query before the ping.

  9. Transmission Control Protocol (TCP): TCP provides reliable, ordered delivery of a stream of octets from a program on one computer to another program on another computer. TCP provides a communication service at an intermediate level between an application program and the Internet Protocol (IP). TCP is utilized extensively by many of the Internet's most popular applications, including the World Wide Web (WWW), e-mail, File Transfer Protocol, Secure Shell, and peer-to-peer file sharing. TCP is optimized for accurate delivery rather than timely delivery, and therefore incurs overhead.

  10. Ports and Sockets: Both TCP and UDP use port numbers between 1 and 2^16. However, these port numbers do not conflict. If you open UDP port 2001, that does not affect TCP port 2001.

  11. Starting a Connection: 3-Way Handshake
      • Host 1 sends a SYN packet with sequence number 'x'.
      • Host 2 replies with ACK=x+1, SYN y. This means Host 2 accepts x as Host 1's starting point, expects the next sequence number to be x+1, and wants itself to start at y.
      • Host 1 replies with ACK=y+1. This means Host 1 accepts y as Host 2's starting point.
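
The handshake on slide 11, as an added example that is not part of the original presentation: Python that parses three TCP headers and checks the ACK=x+1 / ACK=y+1 rule, including sequence-number wraparound. The header bytes, ports and sequence numbers are constructed samples, and the function names are assumptions of this example.

```python
import struct

SYN, ACK = 0x02, 0x10   # TCP flag bits
MOD = 2**32             # sequence numbers are 32-bit and wrap around

def build_tcp(sport, dport, seq, ack, flags):
    """Build a 20-byte TCP header (constructed sample; checksum left at 0)."""
    offset_flags = (5 << 12) | flags   # data offset = 5 words, no options
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 65535, 0, 0)

def parse_tcp(segment):
    """Extract the header fields needed to follow a handshake."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", segment[:14])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": off_flags & 0xFF}

def check_handshake(p1, p2, p3):
    """Return a list of problems; an empty list means a valid 3-way handshake."""
    s1, s2, s3 = (parse_tcp(p) for p in (p1, p2, p3))
    x, y = s1["seq"], s2["seq"]
    problems = []
    if s1["flags"] & (SYN | ACK) != SYN:
        problems.append("packet 1 is not a bare SYN")
    if s2["flags"] & (SYN | ACK) != (SYN | ACK):
        problems.append("packet 2 is not SYN+ACK")
    elif s2["ack"] != (x + 1) % MOD:
        problems.append("packet 2 ACK != x+1")
    if s3["flags"] & (SYN | ACK) != ACK:
        problems.append("packet 3 is not a bare ACK")
    elif s3["ack"] != (y + 1) % MOD:
        problems.append("packet 3 ACK != y+1")
    elif s3["seq"] != (x + 1) % MOD:
        problems.append("packet 3 SEQ != x+1")
    if (s2["sport"], s2["dport"]) != (s1["dport"], s1["sport"]):
        problems.append("packet 2 ports do not mirror packet 1")
    return problems

# Constructed capture: X is the largest 32-bit value, so x+1 wraps to 0.
X, Y = 0xFFFFFFFF, 4000
GOOD = [build_tcp(50000, 80, X, 0, SYN),
        build_tcp(80, 50000, Y, 0, SYN | ACK),
        build_tcp(50000, 80, 0, Y + 1, ACK)]
BAD = GOOD[:2] + [build_tcp(50000, 80, 0, Y, ACK)]   # final ACK is off by one

if __name__ == "__main__":
    print(check_handshake(*GOOD))
    print(check_handshake(*BAD))
```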

  12. Wireshark: Wireshark is a network protocol analyzer for Unix and Windows. It attaches to the computer's network interface cards. It is freely available as open source and is released under the GNU General Public License version 2.
