Your SlideShare is downloading. ×
0
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Network Protocol Analysis
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Network Protocol Analysis

748

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
748
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
44
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. NETWORK PROTOCOL ANALYSIS<br />
  • 2. AMAK<br /><ul><li>A-> ANKITA (1MS07IS133)
  • 3. M-> MAYANK (1MS07IS047)
  • 4. A-> ANSHUJ (1MS07IS011)
  • 5. K-> KRISH (1MS07IS038)</li></li></ul><li>TABLE OF CONTENTS <br /><ul><li>Introduction to Network Protocol Analysis.
  • 6. IP Packet structure.
  • 7. TCP Segment
  • 8. Difference between different Network Protocol Analyzers.
  • 9. FIDDLER tool demo.</li></li></ul><li>INTRODUCTION<br /><ul><li>What is a protocol??</li></ul> A set of rules used by computers to communicate in a network.<br /><ul><li>What is network protocol Analysis??</li></ul> Process of decoding network protocol headers and trailers.<br />
  • 10. <ul><li>What is a network analyzer?</li></ul> Intercepts and logs traffic passing over a digital network.<br /><ul><li>A protocol analyzer is used to decode the protocols at each layer.
  • 11. What is packet sniffing?</li></ul> Illegal reading packets of data travelling through a network.<br /><ul><li>Packet Sniffing is difficult to detect.</li></li></ul><li>METHODS OF PACKET SNIFFING<br /><ul><li>IP SPOOFING</li></ul> Intercepts traffic in a network by taking on the IP address of another computer.<br /><ul><li>RAW TRANSMIT</li></ul> Abnormal traffic generation such as TCP SYN floods.<br />
  • 12. NETWORK LAYER<br /><ul><li>Data known as Packets.
  • 13. Header has logical address of source and destination.
  • 14. Checking routing table for routing information.</li></li></ul><li>IPv4 <br /><ul><li>Connectionless, unreliable.
  • 15. Can be Paired with TCP to enhance reliability.
  • 16. IP packet = Header + Data
  • 17. Max length= 216-1.</li></li></ul><li>IP PACKET STRUCTURE<br />Header<br />Data<br />
  • 18. <ul><li>VERSION: 4 bit
  • 19. HEADER LENGTH:
  • 20. 4 bits determine total number of 4 byte words in.
  • 21. Length between 20 to 60 Bytes.
  • 22. SERVICES:</li></ul>3 bit 4bit 1bit<br />
  • 23. <ul><li>Precedence bit:
  • 24. Ranges from 000-111.
  • 25. Some datagrams are more important than others.
  • 26. TYPES OF SERVICES(TOS): </li></li></ul><li><ul><li>TOTAL LENGTH:
  • 27. 16 bit.
  • 28. Size of data = total length- header length.
  • 29. IDENTIIFICATION:
  • 30. 16bit.
  • 31. Packet does’nt fit into frame.
  • 32. Assigned by the sender that helps in assembling the fragments.</li></li></ul><li><ul><li>FLAGS:
  • 33. 3 bit.
  • 34. FRAGMENT OFFSET:
  • 35. 13 bit, determines the position of the fragment in the datagram.
  • 36. First fragment has an offset zero.</li></ul>Don’t More<br />Fragment Fragment<br />
  • 37.
  • 38. <ul><li>TIME TO LIVE:
  • 39. 8 bit.
  • 40. Prevents packets from staying in the network after their use has expired.
  • 41. Used to destroy undelivered datagrams.
  • 42. PROTOCOL:
  • 43. 8 bit.
  • 44. Defines the protocol used like TCP and UDP for the data portions.</li></li></ul><li><ul><li>HEADER CHECKSUM:
  • 45. 16 bit.
  • 46. Value of the field is compared with the header checksum.
  • 47. SOURCE & DESTINATION ADDRESS:
  • 48. 32 bit IP address.
  • 49. Remains unchanged when packet travels from source to destination. </li></li></ul><li>TCP SEGMENT STRUCTURE<br /><ul><li>TCP is a core protocol in the TCP/IP suite.
  • 50. Transport layer protocol.
  • 51. Reliable transmission of data between processes.</li></li></ul><li><ul><li>TCP segment contains header and data sections.
  • 52. Header contains various fields which are:-
  • 53. 16-bit source and destination port address.
  • 54. 32-bit sequence number identifies the logical sequence of segment.
  • 55. 32-bit Acknowledgement number holds the sequence number of the next expected segment if ACK flag is set.
  • 56. 4-bit Data Offset indicates the header size.
  • 57. 6-bit reserved for future use.
  • 58. 6-bit flags for control.</li></li></ul><li><ul><li>16-bit window specifies the size of the receive window.
  • 59. 16-bit check sum to detect errors in header and data.
  • 60. 16-bit urgent pointer indicates the offset of last urgent data if URG flag is set.
  • 61. Variable size option field.
  • 62. Padding is a variable size field used to pack 0’s so the data starts from a bit position which is a multiple of 32.</li></li></ul><li>3-WAY HANDSHAKE<br />
  • 63. CONNECTION ESTABLISHMENT IN TCP<br /><ul><li>3-way handshake.
  • 64. Passive opening of port by server to allow service.
  • 65. Client sends SYN(synchronize) request to server.
  • 66. Server acknowledges by sending ACK-SYN.
  • 67. Client again responds with ACK
  • 68. Connection is now established.</li></li></ul><li>

×