Networks and TCP/IPTransport ProtocolsTCPTCP – Transmission Control ProtocolSlide 5TCP HeaderUDP HeaderPorts – What and Why are They?PortsCommon PortsHandy ToolsPingSlide 13Ping – Windows exampleTrace RouteTrace Route ExamplesSlide 17Hardware SupportHub, Switch, Router, Bridge, Repeater?HubSwitchRouterGatewayBridgeProxy ServerCaching Proxy ServerWeb ProxyAnonymizing Proxy ServerHostile ProxyIntercepting Proxy ServerTransparent and Non-transparent Proxy ServersForce ProxyOpen Proxy ServerSplit Proxy ServerReverse Proxy ServerNATNetworks and TCP/IPPart 2Transport ProtocolsTCP vs. UDPTCPTransmission Control ProtocolMore complicatedEnsures deliveryUDPUser Datagram ProtocolSimpler protocolDelivery not guaranteedOthersDCCPDatagram Congestion Control ProtocolSCTPStream Control Transmission ProtocolTCPTransmission Control ProtocolTCP – Transmission Control ProtocolHow data is transmitted between addressesData broken into packetsNumberedEach packet sent most “practical” way at that momentTrafficFailuresEtc.Reassembled at destinationTCPTCP adds a great deal of functionality to the IP service it is layered over: Streams. TCP data is organized as a stream of bytes, much like a file. The datagram nature of the network is concealed. A mechanism (the Urgent Pointer) exists to let out-of-band data be specially flagged. Reliable delivery. Sequence numbers are used to coordinate which data has been transmitted and received. TCP will arrange for retransmission if it determines that data has been lost. Network adaptation. TCP will dynamically learn the delay characteristics of a network and adjust its operation to maximize throughput without overloading the network. Flow control. TCP manages data buffers, and coordinates traffic so its buffers will never overflow. Fast senders will be stopped periodically to keep up with slower receivers.TCP Header TCP Header Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+UDP Header 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data... +-+-+-+-+-+-+-+-+-+-+-+-+-Ports – What and Why are They?Typically:There is only one network access point to the internetMultiple systems and programs want to access the internetHow do programs and systems keep their conversations straight?PortsAn extra fieldAdded to the end of the IP address16 bits  65536 valuesE.g. 192.168.1.2:8080Denotes which applicationNot all transport layers use portsTCP and UPD doICMP does notCommon PortsPort # CommonProtocol Service Port # CommonProtocol Service 7 TCP echo 80 TCP http 9 TCP discard 110 TCP pop3 13 TCP daytime 111 TCP sunrpc 19 TCP chargen 119 TCP nntp 20 TCP ftp-control 123 UDP ntp 21 TCP ftp-data 137 UDP netbios-ns 23 TCP telnet 138 UDP netbios-dgm 25 TCP smtp 139 TCP netbios-ssn 37 UDP time 143 TCP imap 43 TCP whois 161 UDP snmp 53 TCP/UDP dns 162 UDP snmp-trap 67 UDP bootps 179 TCP bgp 68 UDP bootpc 443 TCP https (http/ssl) 69 UDP tftp 520 UDP rip 70 TCP gopher 1080 TCP socks 79 TCP finger 33434 UDP tracerouteHandy ToolsPingAnswers the age old question: Is anybody out there?To use:ping 152.15.95.88Returns if found:Reply from 152.15.95.88: bytes=32 time<1ms TTL=63Confirms addressBytes sentHow long it tookTime To LiveIf not found:Request timed outCaution:Some systems will ping forever until command is terminated with something like a Ctrl-CLinux, Unix, Mac OSSome systems will not echo failed pings until command is terminatedPingMany sites will no longer answer a ping requestUses echo requestWorry it can be used by worms for reconnaissanceCan be used for DDoS attacksPing – Windows exampleExecuted: ping ctc.netNote the address can be an IP address or a DNS nameReplied it was pinging 166.82.1.97Time it took to echo (23-36 ms)TTL (Time To Live) of 122How many hops left before packet expiresRecommended default starting TTL is now 64Can be up to 255 Different systems have different defaultsC:\>ping ctc.netPinging ctc.net [166.82.1.97] with 32 bytes of data:Reply from 166.82.1.97: bytes=32 time=24ms TTL=122Reply from 166.82.1.97: bytes=32 time=23ms TTL=122Reply from 166.82.1.97: bytes=32 time=23ms TTL=122Reply from 166.82.1.97: bytes=32 time=36ms TTL=122Ping statistics for 166.82.1.97: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 23ms, Maximum = 36ms, Average = 26msTrace Route“Pings” and reports the paths takenWindows: tracert [options] target_nameLinux:traceroute [options] hostTrace Route ExamplesC:\>tracert google.comTracing route to google.com