Network Flashcards
How many Layers are in the TCP/IP Model?
5 Layers (Physical, Data Link, Network, Transport and Application)
Physical Layer (1st Layer)
It represents the physical devices that interconnect computers
Data Link Layer (2nd Layer)
Responsible for defining a common way of interpreting these signals so network devices can communicate. The most common protocol here is Ethernet. Moves data within a single link or network.
Network Layer or Internet Layer (3rd Layer)
Allows different networks to communicate with each other through devices known as routers. Moves data across multiple links or networks. The most common protocol here is IP (Internet Protocol).
Transport Layer (4th Layer)
Sorts out which client and server programs are supposed to get that data. The most common protocol is TCP (Transmission Control Protocol); another is UDP (User Datagram Protocol). TCP provides mechanisms to ensure data is reliably delivered, while UDP doesn’t validate that.
Application Layer (5th Layer)
There are many different protocols at this layer, and they are application specific.
Explain the Layers easily
Physical Layer -> Delivery truck; Data Link -> The roads themselves; Network -> The map (route) that tells you the location between Address A and Address B; Transport -> Driver that knows how to knock on your door (Is it residential? Is it a business?); Application -> Contents of the package itself
What is Ethernet?
Is a data link layer protocol. The Ethernet standards also define a protocol responsible for getting data to nodes on the same network or link.
Internetwork
A collection of networks connected together through routers, the most famous of these being the Internet.
CSMA/CD
Carrier Sense Multiple Access with Collision Detection. Used to determine when the communication channels are clear, and when a device is free to transmit data.
MAC Address
Media Access Control Address. A globally unique identifier attached to an individual network interface. It’s a 48-bit number normally represented by six groupings of two hexadecimal numbers.
What is a Unicast transmission?
1 device sending a transmission to one receiving address. If the least significant bit in the first octet of a destination address is set to zero, it means that the Ethernet frame is intended for only the destination address.
What is a Multicast transmission?
1 device sending a transmission to multiple receiving addresses. If the least significant bit in the first octet of a destination address is set to one, it means that you are dealing with a multicast frame.
What is a Broadcast transmission?
1 device sending a transmission to all devices in a LAN. The Ethernet broadcast address is FF:FF:FF:FF:FF:FF
What are the 6 TCP control flags?
URG (urgent), ACK (acknowledged), PSH (push), RST (reset), SYN (synchronize), FIN (finish)
TCP control flag URG(urgent)
A value of one here indicates that the segment is considered urgent and that the urgent pointer field has more data about this. Doesn’t have widespread adoption and isn’t normally seen.
TCP control flag ACK(acknowledged)
A value of one in this field means that the acknowledgement number field should be examined.
TCP control flag PSH(push)
The transmitting device wants the receiving device to push currently buffered data to the application on the receiving end as soon as possible. A buffer is a computing technique in which a certain amount of data is held somewhere before it is sent somewhere else. This is used to send large chunks of data more efficiently: by keeping some amount of data in a buffer, TCP can deliver more meaningful chunks of data to the program waiting for it. In some cases you might be sending a small amount of information that you need the listening program to respond to immediately; this is what the push flag does.
TCP control flag RST(reset)
One of the sides in a TCP connection hasn’t been able to properly recover from a series of missing or malformed segments. In effect it says: "Wait, I can’t put together what you mean, let’s start over from scratch."
TCP control flag SYN(synchronize)
It’s used when first establishing a TCP connection and makes sure the receiving end knows to examine the sequence number field.
TCP control flag FIN(finish)
When this flag is set to one, it means the transmitting computer doesn’t have any more data to send and the connection can be closed
Handshake
A way for two devices to ensure that they’re speaking the same protocol and will be able to understand each other
DNS
Domain Name System
DHCP
Dynamic Host Configuration Protocol
How do you troubleshoot communication to a specific port?
Use Netcat: nc -zv -w 1 host port
How do you troubleshoot DNS issues?
nslookup host.com
File Transfer Protocol (FTP)
20, 21
Secure Shell (SSH)
22
Telnet
23
Simple Mail Transfer Protocol (SMTP)
25
IPSec
50, 51
Domain Name System (DNS)
53
Dynamic Host Configuration Protocol (DHCP)
67, 68
Trivial File Transfer Protocol (TFTP)
69
HyperText Transfer Protocol (HTTP)
80
Post Office Protocol (POP3)
110
Network News Transport Protocol (NNTP)
119
Network Time Protocol (NTP)
123
NetBIOS
135-139
Internet Message Access Protocol (IMAP4)
143
Simple Network Management Protocol (SNMP)
161, 162
Lightweight Directory Access Protocol
389
HTTP with Secure Sockets Layer (SSL)
443
FTP over SSL/TLS (implicit mode)
989, 990
Remote Desktop Protocol
3389
MicroStrategy
34952
MicroStrategy SSL
39321
MySQL
3306
Oracle DB
1521, 1830
PostgreSQL
5432
SQL Server (MSSQL)
1433, 1434
401 Unauthorized
A 401 message means the server received an unauthenticated request.
404 Not Found
Generated when a page the user is looking for cannot be found on the server.
500 Internal Server Error
Displays when something is wrong with your server.
502 Bad Gateway
A bad gateway occurs when one server on the internet receives an invalid response from another server
A Record
Address Mapping record (A Record)—also known as a DNS host record, stores a hostname and its corresponding IPv4 address.
CNAME Record
Canonical Name record (CNAME Record)—can be used to alias a hostname to another hostname. When a DNS client requests a record that contains a CNAME, which points to another hostname, the DNS resolution process is repeated with the new hostname.
MX Record
Mail exchanger record (MX Record)—specifies an SMTP email server for the domain, used to route outgoing emails to an email server.
TXT Record
Text Record (TXT Record)—typically carries machine-readable data such as opportunistic encryption, sender policy framework, DKIM, DMARC, etc.
The three-way handshake
Computer A sends a TCP segment to Computer B with the SYN flag set to 1
Computer B replies back to Computer A with 2 TCP segments with the SYN and ACK flags set to 1
Computer A responds back with a TCP segment with the ACK flag set to 1
Once the handshake is established, a TCP connection in this state is said to be operating in full duplex
How does the sending computer in the three-way handshake know which segment to send next?
In the first communication, Computer A sends the SEQ number as 1, and the response from Computer B contains the ACK number. Then Computer A replies back with the ACK number set to the previous SEQ number, and so on and so forth.
The four-way handshake (closing the connection on one end)
Computer B (the one ready to close the connection) sends a TCP segment to Computer A with the FIN flag set to 1
Computer A replies back to Computer B with a TCP segment with the ACK flag set to 1
Computer A responds again to Computer B with a TCP segment with the FIN flag set to 1
Computer B responds to Computer A with a TCP segment with the ACK flag set to 1