Time
7 hours 47 minutes
Difficulty
Advanced
CEU/CPE
10

Video Description

This lesson discusses more obscure aspects of networking and focuses specifically on:

  • TCP: Transmission Control Protocol

    • Connection-oriented
    • FTP, HTTP, SSH
    • Uses ports
  • UDP: User Datagram Protocol

    • Connectionless
    • TFTP
    • Uses ports
  • ICMP: Internet Control Message Protocol

    • Error messages and controls for IP
    • Does not use ports
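
As an added example (not part of the original lesson), this Python sketch parses three constructed IPv4 packets to show the distinction the list draws: TCP and UDP headers begin with source and destination ports, while an ICMP header carries a type and code and has no port field. The addresses, source ports and helper names are illustrative assumptions.

```python
import struct

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IANA IPv4 protocol numbers

def ipv4(proto, payload):
    """Prefix payload with a minimal 20-byte IPv4 header (constructed, checksum 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + payload

# Constructed sample packets: documentation addresses, hypothetical source ports.
SAMPLES = {
    # TCP SYN to port 22 (SSH): 20-byte TCP header, data offset 5, SYN flag set
    "ssh_syn": ipv4(6, struct.pack("!HHIIBBHHH", 40000, 22, 0, 0, 0x50, 0x02, 65535, 0, 0)),
    # UDP datagram to port 69 (TFTP): 8-byte UDP header, no payload
    "tftp": ipv4(17, struct.pack("!HHHH", 40001, 69, 8, 0)),
    # ICMP echo request: type 8, code 0, then checksum, identifier, sequence
    "ping": ipv4(1, struct.pack("!BBHHH", 8, 0, 0, 1, 1)),
}

def classify(packet):
    """Return the fields that identify a packet above the IP layer."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ihl = (packet[0] & 0x0F) * 4      # IP header length in bytes
    proto = packet[9]                 # protocol field of the IPv4 header
    body = packet[ihl:]
    name = PROTO_NAMES.get(proto, "other")
    if proto in (6, 17):
        # TCP and UDP both start with 16-bit source and destination ports.
        if len(body) < 4:
            raise ValueError("truncated transport header")
        src, dst = struct.unpack("!HH", body[:4])
        return {"proto": name, "src_port": src, "dst_port": dst}
    if proto == 1:
        # ICMP starts with type and code; there is no port anywhere in it.
        if len(body) < 2:
            raise ValueError("truncated ICMP header")
        return {"proto": name, "type": body[0], "code": body[1]}
    return {"proto": name}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(label, classify(pkt))
```
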

Video Transcription

00:04
Hello and welcome back. I hope you enjoyed your break, and I hope you stopped and grabbed a cup of coffee, because we're gonna be digging right back into some really
00:12
well known but at the same time, fairly obscure aspects of networking. This first part's going to be pretty straightforward, and it's gonna be something pretty much anybody could tell you if they're familiar with computers, but it's still going to be necessary for forming your actual foundation.
00:25
So let's begin again
00:27
our discussion of TCP, UDP and ICMP.
00:30
Now ICMP, as I mentioned before, actually only exists
00:34
at the networking layer. It's actually a lower-level protocol than TCP or UDP. However, it is more commonly used and thought of at the same layer as TCP and UDP,
00:43
So we're gonna go ahead and treat it like it is simply because it'll make it easier to discuss.
00:47
So we're gonna start out with TCP. TCP is the Transmission Control Protocol.
00:52
TCP is used for
00:54
pretty much everything you've ever done on the Internet,
00:56
it's connection-oriented, as you see right here,
00:59
and it's devoted to
01:02
ensuring that data gets where data is supposed to go in the right order. So it's got lots of checks, lots of values that are designed to ensure that it's getting what it needs when it needs it.
01:11
As a result, TCP can be very, very noisy,
01:15
which can be a problem in a pen testing scenario.
01:19
If you're using TCP and something gets lost or data gets muddled up,
01:23
it's going to resend all of that data as well as several checking
01:27
and various other control packets. It's a control protocol, and because of that,
01:34
it can be noticed much more easily.
01:37
Things that use it: like I said, HTTP, which you know as the Internet,
01:42
FTP,
01:42
which you also will probably have used whether you know it or not.
01:46
Essentially, that's how files generally get transferred on the Internet.
01:49
A lot of times when you download something, what you're actually doing, what it's actually doing, is going to an FTP link and yanking it down for you,
01:56
and SSH, which, if you've done any sysadmin work or if you're prepared for what we're about to be doing a little bit later, you will be using SSH quite a bit. It's Secure Shell. It's designed to communicate between computers on a textual level at a command prompt.
02:12
TCP, it should be noted, uses ports,
02:15
any of the 65,535
02:19
ports there are on your machine.
02:20
It could make yourself there are actually 6000 puppet,
02:23
6500
02:24
65,536. There we go, but the zero port doesn't count for reasons we don't really need to worry about right now.
02:34
UDP,
02:35
which is the next protocol, is User Datagram Protocol. It is connectionless. It is not connection-oriented, it does not have control packets, it doesn't have anything that's designed to ensure data arrives at the right time, in the right order, what have you.
02:49
It's mainly used for data that we can afford to lose.
02:53
Most common example is streaming video,
02:57
but really anything that gets sent out to a lot of people at a time. Anything that is multicast and thrown out to the wind for anyone who wants to hear it is going to be UDP, for the simple reason that if one person's connection fails, you don't want 50 people to have to wait for the re-establishment and everything to work again.
03:14
Ah, the best example for me of UDP, and the most commonly used example
03:20
in what we're about to be doing, is TFTP, which is Trivial File Transfer Protocol,
03:23
that essentially says, "Give me this data and I will trust that it's going to arrive correctly." It's not good for large items, and it's not good for actual companies or people who are trying to get lots of data moved correctly.
03:37
But it's pretty good for a hacker who needs things to be quiet.
03:39
UDP, much like TCP, uses ports, and every one of the ports on your machine has the option of TCP or UDP, so there are actually twice as many ports as you would think there are, simply because each one can use both
03:52
protocols at the same time. The third protocol, and the one that I mentioned doesn't actually exist in the same layer as the first two but operates in much the same way, is ICMP.
04:00
ICMP is error messages and controls for IP.
04:03
It is designed for
04:05
when things go wrong. ICMP sends a message back to you that says, "Hey, things went wrong in this way." Maybe the user wasn't, or maybe the destination wasn't what you thought it was. Maybe you got the wrong port. Something to that effect came back: "And this isn't working for me."
04:20
ICMP, it should be noted, does not use ports.
04:24
It specifically does not use port seven, which you'll see is the Echo port if you Google important ports.
04:29
ICMP does have an echo request and echo reply, but that is not the same thing.
04:32
That's a very important distinction, because very often you'll see people try and ping port seven.
04:38
ICMP doesn't use specific ports. It just pings a machine, and if the machine is there, it gets a reply,
04:44
hopefully.

Instructed By

Joe Perry
Senior Technical Instructor at FireEye, Inc