Hello and welcome back. I hope you enjoy your break. And I hope you stop grabbed a cup of coffee because we're gonna be digging right back into some really
well known but at the same time, fairly obscure aspects of networking. This first part's going to be pretty straightforward, and it's gonna be something pretty much anybody could tell you if they're familiar with computers, but it's still going to be necessary for forming your actual foundation.
So let's begin again
hour discussing TCP, UDP and ICMP.
Now I see MPs I mentioned before actually only exists
at the networking layer. It's actually a lower level protocol than t severe UTV. However, it is more commonly used and thought of it. The same layer is TCP nudity,
So we're gonna go ahead and treat it like it is simply because it'll make it easier to discuss.
So we're gonna start out with T C P T. C. P is the transmission control protocol.
pretty much everything you've ever done on the Internet,
his connection oriented as you see right here,
ensuring that data gets where data is supposed to go in the right order. So it's got lots of checks, lots of values that are designed to ensure that it's getting what it needs when it needs it.
As a result, TCP can be very, very noisy,
which can be a problem in pen testing scenario.
If you're using TCP and something gets lost or data gets muddled up,
it's going to resend all of that data as well as several checking
and various other control packets. It's a control protocol, and because of that,
it can be noticed much more easily
things that use it. Like I said http, which you know as the Internet
which you also will probably have used whether you know it or not.
Essentially, that's how files generally get transferred on the Internet.
A lot of times when you download something, what you're actually going, whether it's actually doing is going to an FTP Lincoln yanking it down for you
and S H, which, if you've done any since admin work or if you're prepared for what we're about to be doing a little bit later, you will be using s age quite a bit. It's secure show. It's designed to communicate between computers on a textual level at a command prompt.
TCP, it should be noted, uses sports
ports there on your machine.
It could make yourself there are actually 6000 puppet,
C 5536. There we go, but the zero port doesn't count for reasons we don't really need to worry about right now,
which is the next protocol, is user data Graham Protocol. It is connection lists. It is not connection oriented, It does not have control packets, it doesn't have anything, and it's designed to ensure date arrives at the right time in the right order. What have you?
It's mainly used for data that weird we can afford to lose.
Most common example is streaming video,
but really anything that gets set out to a lot of people at a time. Anything that is multi cast and thrown out to the wind for anyone who wants to hear it is going to be you, tp for simple reason that if one person's connection fails, you don't want 50 people to have to wait for the re establishment and everything to work again.
Ah, the best example for me of UDP and the most commonly exam used example
in what we're about to be doing is T ftp, which is trivial file transfer protocol
that essentially says, Give me this data and I will trust that it's going to arrive correctly. It's not good for large items, and it's not good for actual companies or people who are trying to get lots of data moves correctly.
But it's pretty good for a hacker who needs things to be quiet.
You to be much like TCBY uses ports, and every one of the ports on your machine has the option of TCP or UDP, so they're actually twice as many ports is. You would think there are simply because each one can use both
protocols at the same time. Third protocol in the one that I mentioned doesn't actually exist in the same layers. It's the 1st 2 but operates in much the same way is ICMP.
ICMP is error messages and controls for I p.
when things go wrong, ICMP sends a message back to you that says, Hey, things went wrong in this way, Maybe the user wasn't. Or maybe the destination wasn't what you thought it was. Maybe you got the wrong port. Something to that effect came back. And this isn't working for me.
ICMP, it should be noted, does not use sports.
It specifically does not use port seven, which you'll see is the Echo Port. If you Google important ports,
I see if he does have an echo request, I could reply. But that is not the same thing.
That's a very important distinction because very often you'll see people try and ping port seven.
I simply doesn't use specific ports. It just pings a machine. And if the machine is there, it gets a reply,