Network Protocol Analysis
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,142
On Slideshare
1,137
From Embeds
5
Number of Embeds
2

Actions

Shares
Downloads
42
Comments
0
Likes
0

Embeds 5

http://networkjourney.wordpress.com 4
http://www.slideshare.net 1

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. NETWORK PROTOCOL ANALYSIS
  • 2. AMAK
    • A-> ANKITA (1MS07IS133)
    • 3. M-> MAYANK (1MS07IS047)
    • 4. A-> ANSHUJ (1MS07IS011)
    • 5. K-> KRISH (1MS07IS038)
  • TABLE OF CONTENTS
    • Introduction to Network Protocol Analysis.
    • 6. IP Packet structure.
    • 7. TCP Segment
    • 8. Difference between different Network Protocol Analyzers.
    • 9. FIDDLER tool demo.
  • INTRODUCTION
    • What is a protocol??
    A set of rules used by computers to communicate in a network.
    • What is network protocol Analysis??
    Process of decoding network protocol headers and trailers.
  • 10.
    • What is a network analyzer?
    Intercepts and logs traffic passing over a digital network.
    • A protocol analyzer is used to decode the protocols at each layer.
    • 11. What is packet sniffing?
    Illegal reading packets of data travelling through a network.
    • Packet Sniffing is difficult to detect.
  • METHODS OF PACKET SNIFFING
    • IP SPOOFING
    Intercepts traffic in a network by taking on the IP address of another computer.
    • RAW TRANSMIT
    Abnormal traffic generation such as TCP SYN floods.
  • 12. NETWORK LAYER
    • Data known as Packets.
    • 13. Header has logical address of source and destination.
    • 14. Checking routing table for routing information.
  • IPv4
    • Connectionless, unreliable.
    • 15. Can be Paired with TCP to enhance reliability.
    • 16. IP packet = Header + Data
    • 17. Max length= 216-1.
  • IP PACKET STRUCTURE
    Header
    Data
  • 18.
    • VERSION: 4 bit
    • 19. HEADER LENGTH:
    • 20. 4 bits determine total number of 4 byte words in.
    • 21. Length between 20 to 60 Bytes.
    • 22. SERVICES:
    3 bit 4bit 1bit
  • 23.
    • Precedence bit:
    • 24. Ranges from 000-111.
    • 25. Some datagrams are more important than others.
    • 26. TYPES OF SERVICES(TOS):
    • TOTAL LENGTH:
    • 27. 16 bit.
    • 28. Size of data = total length- header length.
    • 29. IDENTIIFICATION:
    • 30. 16bit.
    • 31. Packet does’nt fit into frame.
    • 32. Assigned by the sender that helps in assembling the fragments.
    • FLAGS:
    • 33. 3 bit.
    • 34. FRAGMENT OFFSET:
    • 35. 13 bit, determines the position of the fragment in the datagram.
    • 36. First fragment has an offset zero.
    Don’t More
    Fragment Fragment
  • 37.
  • 38.
    • TIME TO LIVE:
    • 39. 8 bit.
    • 40. Prevents packets from staying in the network after their use has expired.
    • 41. Used to destroy undelivered datagrams.
    • 42. PROTOCOL:
    • 43. 8 bit.
    • 44. Defines the protocol used like TCP and UDP for the data portions.
    • HEADER CHECKSUM:
    • 45. 16 bit.
    • 46. Value of the field is compared with the header checksum.
    • 47. SOURCE & DESTINATION ADDRESS:
    • 48. 32 bit IP address.
    • 49. Remains unchanged when packet travels from source to destination.
  • TCP SEGMENT STRUCTURE
    • TCP is a core protocol in the TCP/IP suite.
    • 50. Transport layer protocol.
    • 51. Reliable transmission of data between processes.
    • TCP segment contains header and data sections.
    • 52. Header contains various fields which are:-
    • 53. 16-bit source and destination port address.
    • 54. 32-bit sequence number identifies the logical sequence of segment.
    • 55. 32-bit Acknowledgement number holds the sequence number of the next expected segment if ACK flag is set.
    • 56. 4-bit Data Offset indicates the header size.
    • 57. 6-bit reserved for future use.
    • 58. 6-bit flags for control.
    • 16-bit window specifies the size of the receive window.
    • 59. 16-bit check sum to detect errors in header and data.
    • 60. 16-bit urgent pointer indicates the offset of last urgent data if URG flag is set.
    • 61. Variable size option field.
    • 62. Padding is a variable size field used to pack 0’s so the data starts from a bit position which is a multiple of 32.
  • 3-WAY HANDSHAKE
  • 63. CONNECTION ESTABLISHMENT IN TCP
    • 3-way handshake.
    • 64. Passive opening of port by server to allow service.
    • 65. Client sends SYN(synchronize) request to server.
    • 66. Server acknowledges by sending ACK-SYN.
    • 67. Client again responds with ACK
    • 68. Connection is now established.