Understanding Packets and Networking Protocols

Sep 18, 2024

TryHackMe Video: Packets and Frames Lecture

Introduction

  • Host: John
  • Topic: Understanding how data is divided and transmitted across networks
  • Focus: Packets and frames, OSI model, TCP/IP model

Task 1: What are Packets and Frames?

  • Packets and Frames

    • Small pieces of data forming a larger message
    • Differ in the OSI layer at which they operate
    • Frames are at Layer 2, Data Link Layer (no IP address info)
    • Packets contain IP address information (Layer 3 and above)
  • Encapsulation

    • Think of an envelope inside another
    • Outer envelope = Packet, Inner envelope = Frame
    • Process of adding headers to data at each OSI layer
    • Encapsulation adds headers; de-encapsulation removes them

Task 2: TCP/IP and the Three-Way Handshake

  • TCP (Transmission Control Protocol)

    • Connection-based protocol
    • Ensures data is received accurately
    • Involves a three-way handshake to establish connections
  • Three-Way Handshake

    1. SYN - Client sends a synchronize packet
    2. SYN ACK - Server acknowledges synchronization
    3. ACK - Client acknowledges receipt, connection established
  • TCP Packet Structure

    • Headers: Source Port, Destination Port, Source IP, Destination IP
    • Sequence and Acknowledgement numbers
    • Checksum: Ensures data integrity
    • Flags: Control how packets are handled
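The header fields and handshake order listed above can be checked directly against raw bytes. The following is an added example, not part of the lecture: it packs and parses a 20-byte TCP header and verifies that three segments form a valid SYN, SYN ACK, ACK exchange. The port numbers, sequence numbers and function names are constructed for illustration, and the checksum is left at 0 rather than computed.

```python
import struct

# TCP flag bits as laid out in the header's flags byte (RFC 9293).
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10}
HDR = "!HHIIHHHH"  # sport, dport, seq, ack, offset+flags, window, checksum, urgent

def build_segment(sport, dport, seq, ack, flags, payload=b""):
    """Pack a 20-byte TCP header (no options) plus payload; checksum left at 0."""
    bits = sum(FLAGS[f] for f in flags)
    offset_flags = (5 << 12) | bits  # data offset = 5 32-bit words, then flag bits
    return struct.pack(HDR, sport, dport, seq, ack, offset_flags, 65535, 0, 0) + payload

def parse_segment(raw):
    """Decode the header fields the notes list from raw segment bytes."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, offset_flags, _win, checksum, _urg = struct.unpack(HDR, raw[:20])
    hdr_len = (offset_flags >> 12) * 4
    if hdr_len < 20 or hdr_len > len(raw):
        raise ValueError("bad data offset")
    flags = {name for name, bit in FLAGS.items() if offset_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "checksum": checksum, "payload": raw[hdr_len:]}

def handshake_complete(segments):
    """True if the first three segments are SYN, SYN ACK, ACK with matching numbers."""
    if len(segments) < 3:
        return False
    syn, synack, ack = (parse_segment(s) for s in segments[:3])
    nxt = lambda n: (n + 1) % 2**32  # a SYN consumes one sequence number
    return (syn["flags"] == {"SYN"}
            and synack["flags"] == {"SYN", "ACK"}
            and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
            and synack["ack"] == nxt(syn["seq"])
            and ack["flags"] == {"ACK"}
            and ack["seq"] == nxt(syn["seq"])
            and ack["ack"] == nxt(synack["seq"]))

# Constructed sample: client port 51000 connecting to HTTP (80).
GOOD = [build_segment(51000, 80, 1000, 0, ["SYN"]),
        build_segment(80, 51000, 5000, 1001, ["SYN", "ACK"]),
        build_segment(51000, 80, 1001, 5001, ["ACK"])]
# Same exchange, but the server's acknowledgement number does not match the SYN.
BAD = [GOOD[0], build_segment(80, 51000, 5000, 9999, ["SYN", "ACK"]), GOOD[2]]

if __name__ == "__main__":
    print(handshake_complete(GOOD), handshake_complete(BAD))
```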

Task 3: Practical Handshake

  • Reassembling TCP handshake
  • Key steps: SYN, SYN ACK, ACK, Data transfer, FIN, FIN ACK, Connection close

Task 4: UDP/IP

  • UDP (User Datagram Protocol)

    • Stateless protocol
    • No handshake, less overhead
    • Lacks data integrity checks of TCP
  • UDP Packet Structure

    • Similar fields to TCP but simpler
    • No sequence or acknowledgement numbers

Task 5: Ports 101

  • Ports

    • Communication endpoints, range 0-65535
    • Standard ports for specific protocols
  • Common Protocols and Ports

    • FTP (21), SSH (22), HTTP (80), HTTPS (443)
    • SMB (445), RDP (3389)
  • Port Usage

    • Standard ports ensure consistent communication
    • Services can run on custom ports, but clients must then address the port explicitly

Conclusion

  • Overview of networking protocols and communication methods
  • Encouragement to continue learning with TryHackMe resources

Key Takeaways

  • Packets contain IP information, frames do not
  • TCP uses a three-way handshake for reliable communication
  • UDP is faster but less reliable due to lack of connection state
  • Familiarity with standard ports is crucial in networking
  • Practical lab exercises reinforce theoretical knowledge