IT 4 BLONDES

Beautiful women doing geeky stuff

NETWORKING BASICS

01/11/2012 Categories: Network
TCP/IP Networking for Developers - Steve Evans

URL changed to IP address through DNS server
network stack, firewall, web server and the other way around
ip 4 dots if i is not part of your sub-net mask it has to go through a default gateway
DNS turns URL to IP

ipconfig shows basic network info, IP, mask gateway
ipconfig/all gives more info if IP is 169.254.XXX means it cannot connect to DNS server

cmd nslookup enables to query on DNS name to get IP ex. of commands
nslookup www.wp.pl
exit
server (IPaddress) 234.XXX

DNS caching - all records are cached for some time
ipconfig /displayDNS shows all IP adresses

overwrite DNS by using a host file (system32)
you can map there IP to a concreat URL
record type a-record changes IP to URL

set type=NS command to search for a name server
google.com

set type=MX mail exchange

set type=CNAME canonical name or alias

set type=AAAA quada gives ipv 6


TTL - time to live, shows cache time - longer for top level domains

IP routing
cmd window

tracert onet.pl shows all the computers your connection goes through to get to the site you want and the timing

pathping onet.pl will give you more info


subnet mask consists of network XXX.XXX.XXX and node .XXX

0.0.0.0 stands for any IP address
127.anything which is 17.0.0.0 is always a local host
255.255.255.255 broadcast that doesn't cross router

route commend and route print to see netmask, gateway and so


NAT network address translation - that's what your wifi router does

private network ranges:
10.0.0.0/255.0.0.0
172.16.0.0/255.240.0.0
192.168.0.0/255.255.0.0

TCP TRANSMITION CONTROLE PROTOCOLE 

  • if on the way you lost some packages it will request them again
  • for http, mail and so on
 

UDP User Data Protocol

  • doesn't request missing packages because it doesn't check for a confirmation 
  • used for i.e. video call

For this reason, in your cmd window you can check only TCP and not UDP
telnet onet.pl 80 (port number standard for http)

mail servers (SMTP) issues banner message
mail on port 25


cmd
nmap -v does port scanning for us, it's a tool you have to download or you can use netstat (local network): the commend is -a
nmap -v name of computer it shows which ports are open to connect to


ICMP protocol is used by ping cmd


WIRESHARK

packet traffic with wireshark (a free open source tool that allows to capture all the traffic going over the net)

 

FIDDLER

free, http specified capture tool. You - can follow everything what is gong on when you are accessing website in settings you can ask to see https traffic decrypted
gives more detailed info about http you requested than wireshark, which is more general and registers everything you push through in all types of protocols