Week 1 - Intro Flashcards
midterm question
The TCP/IP model? Everything.
Application Layer | Protocol: HTTP, SMTP | Data unit : Messages | Adressing, Device -
Transport Layer | Protocol: TCP, UDP | Data unit: Segment | Adressing : Port #s | Device -
Network Layer | Protocol: IP | Data unit: Datagram | Addressing: IP address | Device: Router
Data Link Layer | Protocol: Ethernet, Wi-fi | Data unit: Frames | Addressing: MAC address | Device: Switch
Physical Layer | Protocol: 1-BaseT, 802.11 | Data Unit: Bits | Addressing - | Device: Hub
What are routers?
They operate at the network layer. They can forward data between two independent networks. To determine data destination, they inspect Ethernet frames and/or IP datagrams. Within themselves they store internal tables which contain information on how to route traffic between different networks.
What are switches?
They operate at data link layer. They are used to connect many different devices. They can inspect the Ethernet frames and by that they find the destination device (MAC) address and forward data (received from the source device) to that device only.
What are Network Interface Cards?
NIC converts data into digital signal and provices a slot for cable or an antenna integrated onto the card. MAC (Media Acces Control) address is built-in to these devices.
What are the types of transmission media?
Guided and unguided. Within the unguided media signals propagate freely through the air (radio, satellite, lasers). Within the guided media signal propagates in solid media (copper, fiber optics).
Copper media: UTP, STP ((un)shielded twisted pair).
What is packet sniffing?
A basic tool for observing the messages exchanged between executing protocol entitites. It caputers (“sniffs”) messages being sent/received from/by your computer, it will also typically store and/or display the contents of the various protocol fields in these caputres messages. A packet sniffer itself is passive. It observes messages being sent and received by applications and protocols running on your computer, but never sends packets itself. It also receives a copy of packets and not the actual packets.
Explain the structure of a packet sniffer.
First, the packet capture library received a copy of every link-layer frame that is sent from or received by your computer over a given interface (Ethernet, WiFi). Messages exchanged by higher layer protocols such as HTTP, FTP, TCP, UDP, DNS or IP all are eventually encapsulated in link-layer frames that are transmitted over physical media such as an Ethernet cable or an 802.11 WiFi radio.
The packet analyzer, which displays the content of all fields within a protocol message. In order to do so, the packet analyzer must “understand” the structure of all messages exchanged by protocols. The pakcet analyzer understands the format of Ethernet frames, and so can indentify the IP datagram withint an Ethernet frame. It also understands the IP datagram format, so that it can extract the TCP segment within the IP datagram. Finally, it understands the TCP segment structure, so it can extract the HTTP message contained in it.