IP Address:
An IP (Internet Protocol) address is a unique numerical identifier assigned to every device connected to the internet. It enables communication between different devices over the internet.
An IP address is made up of a series of numbers separated by dots, such as 192.168.1.1. The IP address is divided into two parts: the network address and the host address. The network address identifies the network to which the device belongs, while the host address identifies the specific device on that network.
IP addresses are used to route data packets from one device to another over the internet. When a device wants to communicate with another device, it sends a data packet to the other device's IP address. Routers on the internet use the IP address to determine the best path for the data packet to reach its destination.
There are two types of IP addresses: IPv4 and IPv6. IPv4 addresses are made up of 32 bits and are still the most widely used, but they are running out as more and more devices connect to the internet. IPv6 addresses are made up of 128 bits and were introduced to solve the problem of running out of IPv4 addresses.
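
The network/host split described above, as an added example that is not part of the original notes. The prefix length (how many leading bits belong to the network part) and the function names are assumptions of this example; the same code handles 32-bit IPv4 and 128-bit IPv6 addresses.

```python
import ipaddress


def split_address(address: str, prefix_len: int) -> dict:
    """Split an IP address into its network part and its host part.

    prefix_len is an assumption of this example: the number of leading
    bits that identify the network. The remaining bits identify the host.
    """
    ip = ipaddress.ip_address(address)
    total_bits = ip.max_prefixlen              # 32 for IPv4, 128 for IPv6
    if not 0 <= prefix_len <= total_bits:
        raise ValueError(f"prefix length must be between 0 and {total_bits}")
    host_mask = (1 << (total_bits - prefix_len)) - 1
    value = int(ip)
    network = type(ip)(value & ~host_mask)     # host bits cleared
    return {
        "version": ip.version,
        "bits": total_bits,
        "network": str(network),
        "host": value & host_mask,             # network bits cleared
    }


def same_network(a: str, b: str, prefix_len: int) -> bool:
    """True when both addresses share the same network part.

    If this is False, a packet from a to b has to be handed to a router.
    """
    pa = split_address(a, prefix_len)
    pb = split_address(b, prefix_len)
    return pa["version"] == pb["version"] and pa["network"] == pb["network"]


if __name__ == "__main__":
    print(split_address("192.168.1.1", 24))
    print(split_address("2001:db8::1", 64))
    print(same_network("192.168.1.1", "192.168.2.1", 24))
```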
MAC Address:
Definition: A MAC address is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment.
Purpose: The MAC address is used to identify devices on a local network, such as a LAN or Wi-Fi network, and is essential for network communication to occur.
Format: A MAC address is a 48-bit identifier represented by 12 hexadecimal digits (0-9 and A-F), grouped in pairs separated by colons or hyphens. For example, a MAC address may look like this: 00:1A:2B:3C:4D:5E.
Uniqueness: Each MAC address is supposed to be globally unique, meaning no two devices on the planet should have the same MAC address. This ensures that network communication is properly directed to the intended device.
Assignment: MAC addresses are assigned by the manufacturer of the network adapter and are permanently burned into the adapter's firmware during production. This means that MAC addresses cannot be changed or modified by users.
Functionality: When a device sends data on a network, it includes its MAC address as the source address in the packet. When another device receives the packet, it uses the MAC address to determine if the packet is intended for it or not. If the packet is not intended for that device, it is ignored. If it is intended for that device, the data is passed up to the network layer for further processing.
- MAC addresses are related to switching.
- To find out what kind of device a MAC address belongs to, search Google for a MAC lookup using the first 3 parts of that MAC address.
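
The MAC format and the "first 3 parts" lookup described above, as an added example that is not part of the original notes. It validates the colon or hyphen format, extracts the first three pairs as the lookup key, and also reads the two flag bits in the first octet (group and locally administered), a detail the notes do not cover; the function names are assumptions of this example.

```python
import re

# Six pairs of hex digits, all separated by the same character (":" or "-").
_MAC_RE = re.compile(
    r"^[0-9A-Fa-f]{2}([:-])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$"
)


def parse_mac(text: str) -> dict:
    """Validate a MAC address and decode the parts useful for inventory."""
    text = text.strip()
    if not _MAC_RE.match(text):
        raise ValueError(f"not a valid MAC address: {text!r}")
    octets = [int(pair, 16) for pair in re.split(r"[:-]", text)]
    first = octets[0]
    return {
        "normalized": ":".join(f"{o:02X}" for o in octets),
        # First 3 pairs: the manufacturer prefix used for a MAC lookup.
        "oui": ":".join(f"{o:02X}" for o in octets[:3]),
        # Lowest bit of the first octet: group (multicast/broadcast) address.
        "multicast": bool(first & 0x01),
        # Second-lowest bit: address was not taken from a manufacturer block.
        "locally_administered": bool(first & 0x02),
    }


def vendor_lookup_key(text: str):
    """Return the prefix to look up, or None when a vendor lookup cannot apply."""
    mac = parse_mac(text)
    if mac["multicast"] or mac["locally_administered"]:
        return None
    return mac["oui"]


if __name__ == "__main__":
    # Constructed sample values, not taken from a real network.
    for sample in ("00:1A:2B:3C:4D:5E", "00-1a-2b-3c-4d-5e", "02:1A:2B:3C:4D:5E"):
        print(sample, parse_mac(sample), vendor_lookup_key(sample))
```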
TCP (Transmission Control Protocol):
- Connection-oriented: TCP establishes a connection between the sender and receiver before transmitting data.
- Reliable data transfer: TCP ensures that all packets are delivered to the destination in the correct order and without errors, by using acknowledgments and retransmissions.
- Flow control: TCP uses a sliding window mechanism to control the flow of data, so that the sender does not overwhelm the receiver with too much data.
- Congestion control: TCP monitors network congestion and adjusts its transmission rate to prevent network congestion.
- Heavy overhead: TCP has a relatively high overhead, due to the need for establishing and maintaining connections, as well as error checking and retransmissions.
- Examples of applications that use TCP: HTTP, FTP, Telnet, SSH, SMTP, and many others.
UDP (User Datagram Protocol):
- Connectionless: UDP does not establish a connection before transmitting data.
- Unreliable data transfer: UDP does not guarantee that all packets will be delivered to the destination, or in the correct order. It also does not provide error checking or retransmissions.
- No flow control: UDP does not control the flow of data, which means that the sender can transmit data as fast as it wants, without regard for the receiver's capacity to receive it.
- No congestion control: UDP does not monitor network congestion, which means that it can contribute to network congestion in some cases.
- Light overhead: UDP has a relatively low overhead, due to the lack of connection establishment, error checking, and retransmissions.
- Examples of applications that use UDP: DNS, DHCP, VoIP, online gaming, and many others.
- In summary, TCP is suitable for applications that require reliable, error-free data transfer and for which some delay is acceptable, while UDP is suitable for applications that require low overhead and fast data transmission, but which can tolerate some data loss or delay.
Three Way Handshake:
The three-way handshake is a method used by TCP (Transmission Control Protocol) to establish a connection between two devices.
The first step is the SYN (synchronize) packet, which is sent by the client to the server. This packet contains a sequence number that is randomly generated by the client.
Client -> Server: SYN(seq=x)
The server responds with a SYN-ACK (synchronize-acknowledgement) packet, which contains both an acknowledgment number (acknowledging the client's sequence number) and a randomly generated sequence number of its own.
Client <- Server: SYN-ACK(seq=y, ack=x+1)
The final step is the ACK (acknowledgment) packet, which is sent by the client to the server. This packet acknowledges the server's sequence number.
Client -> Server: ACK(seq=x+1, ack=y+1)
At this point, the connection is established and data can be transmitted between the two devices.
NOTE: UDP (User Datagram Protocol) does not use a three-way handshake to establish a connection as it is a connectionless protocol. Instead, data is simply sent from the client to the server without any prior communication.
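
The three-way handshake described above, checked over a small packet list, as an added example that is not part of the original notes. The record layout (src, dst, flags, seq, ack), the state names and the sample packets are constructed for this example; it verifies the x+1 and y+1 rules and reports connections where the final ACK never arrived.

```python
SEQ_MOD = 2 ** 32   # TCP sequence numbers are 32-bit, so x+1 can wrap to 0


def track_handshakes(packets):
    """Classify each client/server pair as established, half-open or invalid."""
    conns = {}
    for src, dst, flags, seq, ack in packets:
        if flags == "SYN":                      # step 1: client sends seq=x
            conns[(src, dst)] = {"state": "syn-sent", "x": seq}
        elif flags == "SYN-ACK":                # step 2: server sends seq=y, ack=x+1
            conn = conns.get((dst, src))
            if conn and conn["state"] == "syn-sent":
                ok = ack == (conn["x"] + 1) % SEQ_MOD
                conn["state"] = "syn-received" if ok else "invalid"
                conn["y"] = seq
        elif flags == "ACK":                    # step 3: client sends seq=x+1, ack=y+1
            conn = conns.get((src, dst))
            if conn and conn["state"] == "syn-received":
                ok = (seq == (conn["x"] + 1) % SEQ_MOD
                      and ack == (conn["y"] + 1) % SEQ_MOD)
                conn["state"] = "established" if ok else "invalid"
    result = {}
    for key, conn in conns.items():
        state = conn["state"]
        # Anything that stopped before step 3 never finished the handshake.
        result[key] = state if state in ("established", "invalid") else "half-open"
    return result


SERVER = "198.51.100.5:443"
# Constructed sample records using documentation address ranges.
SAMPLE_PACKETS = [
    ("192.0.2.10:50000", SERVER, "SYN", 1000, 0),
    (SERVER, "192.0.2.10:50000", "SYN-ACK", 5000, 1001),
    ("192.0.2.10:50000", SERVER, "ACK", 1001, 5001),
    ("192.0.2.11:50001", SERVER, "SYN", 7, 0),           # final ACK never sent
    (SERVER, "192.0.2.11:50001", "SYN-ACK", 9, 8),
    ("192.0.2.12:50002", SERVER, "SYN", 4294967295, 0),  # x+1 wraps around to 0
    (SERVER, "192.0.2.12:50002", "SYN-ACK", 42, 0),
    ("192.0.2.12:50002", SERVER, "ACK", 0, 43),
    ("192.0.2.13:50003", SERVER, "SYN", 100, 0),
    (SERVER, "192.0.2.13:50003", "SYN-ACK", 200, 100),   # ack should be 101
]

if __name__ == "__main__":
    for pair, state in track_handshakes(SAMPLE_PACKETS).items():
        print(pair[0], "->", pair[1], state)
```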
TCP Protocols:
1. FTP (File Transfer Protocol) - port 20 (data) and port 21 (control) - Used to transfer files between hosts over the internet. Port 21 is used for control messages, while port 20 is used for actual data transfer.
2. SSH (Secure Shell) - port 22 - Used to provide secure, encrypted remote access to a host or device.
3. Telnet - port 23 - A protocol used to establish a remote terminal session with a host or device.
4. SMTP (Simple Mail Transfer Protocol) - port 25 - Used to transfer email messages between servers.
5. HTTP (Hypertext Transfer Protocol) - port 80 - Used to transfer web pages and other web-based content between servers and clients.
6. HTTPS (HTTP over SSL/TLS) - port 443 - Used for secure web communications that encrypt the data being transmitted.
7. DNS (Domain Name System) - port 53 - Used to translate domain names into IP addresses.
8. POP3 (Post Office Protocol version 3) - port 110 - Used to retrieve email messages from a server.
9. IMAP (Internet Message Access Protocol) - port 143 - Another protocol used to retrieve email messages from a server, but with more advanced features than POP3.
10. LDAP (Lightweight Directory Access Protocol) - port 389 - Used to access and manage information in a directory service, such as an organizational address book or contact list.
11. SFTP (Secure File Transfer Protocol) - port 22 - Used to securely transfer files between hosts over the internet, similar to FTP but with added security features.
UDP Protocols:
- DNS (Domain Name System) - port 53 - Used to translate domain names into IP addresses, similar to the TCP DNS protocol.
- DHCP (Dynamic Host Configuration Protocol) - port 67 (client) and port 68 (server) - Used to assign IP addresses and other network configuration settings to devices on a network.
- TFTP (Trivial File Transfer Protocol) - port 69 - Used for simple, lightweight file transfers over a network.
- SNMP (Simple Network Management Protocol) - port 161 (agent) and port 162 (manager) - Used to manage and monitor network devices, such as routers and switches.
- NTP (Network Time Protocol) - port 123 - Used to synchronize the clocks of devices on a network with a central time server.