This post is a note of computer network key points and useful tools and is organized according to the TCP/IP model.
Link Layer
ARP
MAC
PPP
CSMA/CD
Misc
CAN Bus
Internet Layer
IP (Internet Protocol)
IP address is a 32 bit number represented by a grouping of 4 octets.
- 192.168.0.1
- In hex: c0 a8 00 01
CIDR
- Classless Inter-Domain Routing.
- Notation for talking about ranges of IP address.
- Rare to see 192.168.0.0 - 192.168.0.255.
- Instead you would see 192.168.0.0/24.
- Equevalant to matching a netmask of 255.255.255.0.
- value after the / is called the prefix length
- 0.0.0.0/8 = Class A
- 0.0.0.0/16 = Class B
- 0.0.0.0/24 = Class C
ICMP
RPC
A Request for Comments (RFC) is a formal document drafted by the Internet Engineering Task Force (IETF) that describes the specifications for a particular technology. When an RFC is ratified, it becomes a formal standards document.
RFCs were first used during the creation of the ARPANET (predecessor of Internet) protocols that came to establish what became today’s Internet. They continue to be issued on an ongoing basis as the technology underlying the Internet evolves.
Transport Layer
TCP
UDP
Application Layer
DNS
DNS resolves the network address to the IP address.
For linux, the local DNS server is in /etc/resolv.conf
DNS is a distributed and decentralized hierarchical database (organized by ICANN)
- root server -> 13 labeled A-M
- some of the root servers have mirrors all the over world
- Top Level Domain server
- com, org, edu
- Authoritative DNS server
- amazon.com, utexas.edu
nslookup xxx.com will show up the IP address of the network address.
whois provides more info about the IP from the whois database
dig similar to nslookup
nmap is a network exploration tool and security / port scanner
-Aaggressive, detect vulnerable,-OOS detection
Zmap is a network tool for scanning the entire Internet (or large samples).