January 21st, 2003 03:10 PM
Awright, I'd been researching quite a bit on this myself. People, it's a big topic, but I've tried to detail it in its entirety, just a try in vain. The links are very useful. Do try them.
The entire Net runs on a set of rules. Rules defining a technology are known as protocols. They serve as a guiding factor for the technology to build upon. The Internet runs on the TCP/IP protocol. So to know the working of the Net, we must learn the basics first. So let's start.
What Is TCP/IP?
TCP/IP refers to two network protocols (or methods of data transport) used on the Internet. They are Transmission Control Protocol and Internet Protocol, respectively. These network protocols belong to a larger collection of protocols, or a protocol suite. These are collectively referred to as the TCP/IP suite. Protocols within the TCP/IP suite work together to provide data transport on the Internet. In other words, these protocols provide nearly all services available to today's Net surfer. Some of those services include
Transmission of electronic mail.
Usenet news delivery.
Access to the World Wide Web.
There are two classes of protocol within the TCP/IP suite. Those two classes are
The network-level protocol.
The application-level protocol.
Network-level protocols manage the discrete mechanics of data transfer. These protocols are typically invisible to the user and operate deep beneath the surface of the system. For example, the IP protocol provides packet delivery of the information sent between the user and remote machines. It does this based on a variety of information, most notably the IP address of the two machines. Based on this and other information, IP guarantees that the information will be routed to its intended destination. Throughout this process, IP interacts with other network-level protocols engaged in data transport. Short of using network utilities (perhaps a sniffer or other device that reads IP datagrams), the user will never see IP's work on the system.
Conversely, application-level protocols are visible to the user in some measure. For example, File Transfer Protocol (FTP) is visible to the user. The user requests a connection to another machine to transfer a file, the connection is established, and the transfer begins. During the transfer, a portion of the exchange between the user's machine and the remote machine is visible (primarily error messages and status reports on the transfer itself, for example, how many bytes of the file have been transferred at any given moment). For the moment, this explanation will suffice: TCP/IP refers to a collection of protocols that facilitate communication between machines over the Internet (or other networks running TCP/IP).
How Does TCP/IP Work?
TCP/IP operates through the use of a protocol stack. This stack is the sum total of all protocols necessary to complete a single transfer of data between two machines. (It is also the path that data takes to get out of one machine and into another.) The stack is broken into layers, five of which are of concern here. To grasp this layer concept, examine the figure.
The TCP/IP stack. After data has passed through the process illustrated in figure, it travels to its destination on another machine or network. There, the process is executed in reverse (the data first meets the physical layer and subsequently travels its way up the stack). Throughout this process, a complex system of error checking is employed both on the originating and destination machine. Each layer of the stack can send data to and receive data from its adjoining layer. Each layer is also associated with multiple protocols. At each tier of the stack, these protocols are hard at work, providing the user with various services.
Study of TCP/IP is a vast topic and naturally is impossible to cover in one lecture. So I will cover it in depth in parts. Knowledge of TCP/IP is necessary to understand the concept of ports, sniffers, scanners and herein lie the fundamental concepts of Internet security.
Glossary of TCP/IP terms :
IP: Internet Protocol. The lowest layer protocol defined in TCP/IP. This is the base layer on which all other protocols mentioned herein are built. IP is often referred to as TCP/IP as well.
UDP: User Datagram Protocol. This is a connectionless protocol built on top of IP. It does not provide any guarantees on the ordering or delivery of messages. This protocol is layered on top of IP. Known as the younger brother of TCP.
TCP: Transmission Control Protocol. TCP is a connection oriented protocol that guarantees that messages are delivered in the order in which they were sent and that all messages are delivered. If a TCP connection cannot deliver a message it closes the connection and informs the entity that created it. This protocol is layered on top
ICMP: Internet Control Message Protocol. ICMP is used for diagnostics in the network. The Unix program, ping, uses ICMP messages to detect the status of other hosts in the net. ICMP messages can either be queries (in the case of ping) or error reports, such as when a network is unreachable.
RFC: Request For Comment. RFCs are documents that define the protocols used in the IP Internet. Some are only suggestions, some are even jokes, and others are published standards. Several sites in the Internet store RFCs and make them available for anonymous ftp.
SLIP: Serial Line IP. An implementation of IP for use over a serial link (modem). CSLIP is an optimized (compressed) version of SLIP that gives better throughput.
Bandwidth: The amount of data that can be pushed through a link in unit time. Usually measured in bits or bytes per second.
Latency: The amount of time that a message spends in a network going from point A to point B.
Jitter: The effect seen when latency is not a constant. That is, if messages experience different latencies between two points in a network.
RPC: Remote Procedure Call. RPC is a method of making network access to resource transparent to the application programmer by supplying a "stub" routine that is called in the same way as a regular procedure call. The stub actually performs the call across the network to another computer.
Marshalling: The process of taking arbitrary data (characters, integers, structures) and packing them up for transmission across a network.
MBONE: A virtual network that is a Multicast backbone. It is still a research prototype, but it extends through most of the core of the Internet (including North America, Europe, and Australia). It uses IP Multicasting which is defined in RFC-1112. An MBONE FAQ is available via anonymous ftp from: ftp.isi.edu. There are frequent broadcasts of multimedia programs (audio and low bandwidth video) over the MBONE. Though the MBONE is used for multicasting, the long haul parts of the MBONE use point-to-point connections through unicast tunnels to connect the various multicast networks worldwide.
TCP/IP Tutorial and Technical Overview 1
Tutorial and Technical Overview 2
A TCP/IP forum
Advanced TCP/IP Stripped
How to configure an advanced TCP/IP
Advanced TCP/IP secrets
Advanced TCP/IP Tips and Practices
Big resource List 1
Big Resource List 2
Err..that's a P.H.D. on TCP/IP
"I have a 386 Pentium."
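Added example, not part of the original post or thread: the post describes data travelling back up the stack on the receiving machine, with error checking on the way. This sketch decapsulates a constructed IPv4 packet, verifies the header checksum (RFC 1071), and hands the payload to the protocol named in the header. Function names, addresses (documentation ranges) and the sample datagram are constructed for illustration.

```python
import socket
import struct

# IANA protocol numbers for the three protocols in the glossary above.
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
IP_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Sender side: wrap a transport-layer payload in an IPv4 header."""
    def header(csum: int) -> bytes:
        return struct.pack(IP_FMT, 0x45, 0, 20 + len(payload), 0, 0, 64,
                           proto, csum, socket.inet_aton(src), socket.inet_aton(dst))
    return header(checksum(header(0))) + payload

def parse_ipv4(packet: bytes) -> dict:
    """Receiver side: validate the header, then pass the payload upward."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack(IP_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl or len(packet) < total_len:
        raise ValueError("malformed IPv4 header")
    if checksum(packet[:ihl]) != 0:  # a valid header sums to zero
        raise ValueError("bad header checksum")
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "ttl": ttl,
            "protocol": PROTOCOLS.get(proto, f"unknown({proto})"),
            "payload": packet[ihl:total_len]}

def parse_udp(segment: bytes) -> dict:
    """Next layer up: UDP has ports and a length, but no delivery guarantee."""
    if len(segment) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, _ = struct.unpack("!HHHH", segment[:8])
    return {"sport": sport, "dport": dport, "data": segment[8:length]}

# Constructed sample: a 5-byte UDP datagram to port 53 inside an IPv4 packet.
UDP_SEGMENT = struct.pack("!HHHH", 40000, 53, 8 + 5, 0) + b"hello"
SAMPLE = build_ipv4("192.0.2.10", "198.51.100.7", 17, UDP_SEGMENT)

if __name__ == "__main__":
    ip = parse_ipv4(SAMPLE)
    print(ip["src"], "->", ip["dst"], ip["protocol"], parse_udp(ip["payload"]))
```

Changing any single header byte in `SAMPLE` makes `parse_ipv4` raise `ValueError`, which is the IP-layer part of the error checking the post mentions; the payload itself is covered by the transport protocol's own checksum, not by IP's.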
January 21st, 2003 09:05 PM
Nice tutorial. Already printed it out.
January 22nd, 2003 12:22 AM
Didn't I read this in Maximum Security? Oh wait.... http://docs.rinet.ru:8083/LomamVse/ch06/ch06.htm
Speaking of which.. if you haven't read the book, it is available online at http://docs.rinet.ru:8083/LomamVse/index.htm
And I'll be damned if the glossary doesn't look just like http://www.indianest.com/computing/security/003.htm
"Ignorance is bliss....
but only for your enemy"
January 22nd, 2003 01:01 AM
Old information...widely available. Watch your posts, please.
January 22nd, 2003 02:21 AM
Usually when you post a tutorial, you write it yourself man, now it's good you're learning this, but if you're going to post a tutorial you should honestly write it from your own brain.
January 22nd, 2003 01:10 PM
Too bad, I realize that it skipped my mind, the fact that this might not have been eligible for the tutorials forum, but of course, I didn't know that this was copying haha, real joke guys.
Please anybody point out to me where in the whole of the post have I written that even one word is mine. As posted by souleman, I copied from here and there and where not ?
Dear souleman, I've given links to everywhere. And when I quote text, I hope you know what quote means. It means that it is not original, that I'm quoting someone. And at the beginning of my post, I have stated that this is a result of some research that I did. Again, I could have shifted it to another forum because I didn't realize that I went wrong at this point.
But I must confess, it's really sad to see the state of AO, it looks more like a stress reliever for people who want to vent out their anger at others with negs.
Once more, it doesn't make a difference to me guys, I have said so many times.
All it takes is another 10 minutes. I wouldn't even want to waste that, because people like you just know how to let down others, and arguably, not appreciate what others do.
Or just, maybe, you don't have your grammar good enough to read what I have written.
It's okay, I tend to forgive most of the times.
Take care everyone, this might be the last post. ( er..from this ID )
Because I like some people here so much that it couldn't occur to me that I'd leave this website, just maybe another ID, another day. errr..that's all.
Edit Edit : wait wait, just want to add some humour to this post.
TCP/IP Unleashed - plagurism. ( didnt even know how to spell it. )
TCP/IP Unleashed - if this TCP/IP research isn't yours you should have posted the source of your info ( wow great, i didnt know links are always original )
TCP/IP Unleashed - One word: Google. ( wow i never knew )
TCP/IP Unleashed - do not rip whole sections of ebook to make a tut, be orginal
( errr...rip ? whoa, which ebook ? i would want to read )
TCP/IP Unleashed - read the FAQ for this forum. NO cut&paste! original stuff only!
( ok sir )
TCP/IP Unleashed - Don't claim tuorials you didn't write ( i'll think about it )
TCP/IP Unleashed - Don't do anything in vain. Like now. You're trying to save your negged ass. In vain. ( hahaa, come on, once more, i like that )
TCP/IP Unleashed - I approve but sorry, i can't give any real AP's yet
( err..that's okay buddy, i dont mind )
lol, the moral of the story is, I've finally learnt something from Negative.
( how to flame )
"I have a 386 Pentium."
January 22nd, 2003 01:20 PM
Here is the tutorial's forum: http://www.antionline.com/forumdisplay.php?forumid=59
Everyone should look through this forum and see exactly how many of these tutorials were written by the one who posted them... Just an idea- I'm not taking any sides ;-)
yeah, I'm gonna need that by friday...
January 22nd, 2003 01:29 PM
Tampabay is right, if he'd take a side, he'd get negged from another side.
You want to see an example ? Alright here :
The post by this guy Anirudh here :
and the post by instronics here :
both have the same content, I'm sure we don't look for language on AO, but this guy has got negs and instronics positives. Sorry instronics, but I got this example quickly in my mind when I looked at the post today. I've got some racial comments also on my AP center, which is really, f*** whatever, there's no point in writing, you can't change people who don't want to.
"I have a 386 Pentium."