Team members: Naveen Kumar Murgesh Kalyani Faculty Incharge: Rajaram Sir  NEW CREATERS
<ul><li>Network Protocol Analysis </li></ul>
INDEX: <ul><li>Title……………………………………………………3 </li></ul><ul><li>Abstract………………………………………..……..4 </li></ul><ul><li>What is Netwo...
ABSTRACT: <ul><li>Decode network protocol headers and trailers. </li></ul><ul><li>Understand the data and information insi...
WHAT IS NETWORK? <ul><li>Series of points or nodes interconnected by communication paths. </li></ul>
MOST COMMONLY USED NETWORK TOPOLOGIES ARE
<ul><li>The tool  Colasoft  Caspa is mainly employed to: </li></ul><ul><li>Analyze network problems </li></ul><ul><li>Gain...
<ul><li>Other than Caspa: </li></ul><ul><li>Carnivore </li></ul><ul><li>dSniff </li></ul><ul><li>Ettercap </li></ul><ul><l...
WHAT IS PROTOCOL? TYPES OF NETWORK PROTOCOLS <ul><li>Rules determining the format and transmission of data. </li></ul><ul>...
<ul><li>Continued…. </li></ul><ul><li>CLNP: connectionless network protocol. </li></ul><ul><li>IPsec: internet protocol se...
<ul><li>IPsec authentication header (AH) </li></ul><ul><li>AH provides authentication of contents of datagrams by adding h...
HOW  ICMP PROTOCOL WORKS??? <ul><li>Step 1: understanding the ICMP protocol </li></ul><ul><li>Can u imagine a world with n...
<ul><li>ICMP general operation </li></ul>
<ul><li>consider a  client host  A  sending a message to  server  host  B, </li></ul><ul><li>with a problem detected in th...
<ul><li>ICMP Message Classes </li></ul><ul><li>At the highest level, ICMP messages are divided into two classes: </li></ul...
<ul><li>ICMP Message Types: </li></ul><ul><li>Each individual kind of message in ICMP is given its own unique  Type  value...
Message Class Type Value Message Name Summary Description of Message Type Defining RFC Number ICMPv4 Error Messages 3 Dest...
ACKNOWLEDGMENT:  <ul><li>Firstly we would like to thank “Mydili Ma’am” for giving us a great opportunity to represent our ...
REFERENCES: <ul><li>http://www.youtube.com/watch?v=mn6A0Y5aroc </li></ul><ul><li>http://www.colasoft.com/help/Capsa6.9help...
<ul><li>Thank you… </li></ul><ul><li>Any Questions?   </li></ul>
Upcoming SlideShare
Loading in …5
×

New Creators

942 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
942
On SlideShare
0
From Embeds
0
Number of Embeds
26
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

New Creators

  1. 1. Team members: Naveen Kumar Murgesh Kalyani Faculty Incharge: Rajaram Sir NEW CREATERS
  2. 2. <ul><li>Network Protocol Analysis </li></ul>
  3. 3. INDEX: <ul><li>Title……………………………………………………3 </li></ul><ul><li>Abstract………………………………………..……..4 </li></ul><ul><li>What is Network…………………………………….5 </li></ul><ul><li>Types of Topology…………………………………...6 </li></ul><ul><li>The tool’s Utility…………………………………….7 </li></ul><ul><li>List of other tools……………………………………8 </li></ul><ul><li>What is Protocol? Types of Protocol………………9 </li></ul><ul><li>How ICMP Protocol works………………………..13 </li></ul><ul><li>ICMP General Operation…………………………15 </li></ul><ul><li>Acknowledgment…………………...…………...…19 </li></ul><ul><li>Reference…………………………………………….20 </li></ul>
  4. 4. ABSTRACT: <ul><li>Decode network protocol headers and trailers. </li></ul><ul><li>Understand the data and information inside the packet encapsulated by the protocol. (Dawn of the Net) </li></ul><ul><li>A brief intro on various protocol types. </li></ul><ul><li>Implementation via “Colasoft Caspa” tool. </li></ul>
  5. 5. WHAT IS NETWORK? <ul><li>Series of points or nodes interconnected by communication paths. </li></ul>
  6. 6. MOST COMMONLY USED NETWORK TOPOLOGIES ARE
  7. 7. <ul><li>The tool Colasoft Caspa is mainly employed to: </li></ul><ul><li>Analyze network problems </li></ul><ul><li>Gain information for effecting a network instruction </li></ul><ul><li>Monitor network usage </li></ul><ul><li>Gather and report network statistics </li></ul><ul><li>Filter suspect content from network traffic </li></ul><ul><li>Spy on network </li></ul><ul><li>Debug client/server communications </li></ul><ul><li>Debug network protocol implementations </li></ul>
  8. 8. <ul><li>Other than Caspa: </li></ul><ul><li>Carnivore </li></ul><ul><li>dSniff </li></ul><ul><li>Ettercap </li></ul><ul><li>Fluke Lanmeter </li></ul><ul><li>Microsoft Network Monitor </li></ul><ul><li>OPNET Technologies ACE Analyst </li></ul><ul><li>NetScout Sniffer Global Analyzer </li></ul><ul><li>NetScout Sniffer Portable Professional Analyzer </li></ul><ul><li>Network Instruments Observer </li></ul><ul><li>NetworkMiner packet analyzer </li></ul><ul><li>PacketTrap pt360 Tool Suite </li></ul><ul><li>snoop (part of Solaris ) </li></ul><ul><li>tcpdump </li></ul><ul><li>WildPackets OmniPeek (old name AiroPeek, EtherPeek) </li></ul><ul><li>Wireshark (formerly known as Ethereal) </li></ul><ul><li>NetworkActiv PIAFCTM </li></ul><ul><li>Cain and abel </li></ul><ul><li>Clarified Analyzer </li></ul>
  9. 9. WHAT IS PROTOCOL? TYPES OF NETWORK PROTOCOLS <ul><li>Rules determining the format and transmission of data. </li></ul><ul><li>There are mainly five network protocols: </li></ul><ul><li>IPv4: internet protocol version 4. </li></ul><ul><li>IPv6: internet protocol version 6 (next generation protocol). </li></ul><ul><li>Advantages of IPv6 over IPv4 </li></ul><ul><li>Large address space </li></ul><ul><li>Better header format </li></ul><ul><li>Provision for extension </li></ul><ul><li>Resource allocation (“flow label”) </li></ul><ul><li>Security features </li></ul>
  10. 10. <ul><li>Continued…. </li></ul><ul><li>CLNP: connectionless network protocol. </li></ul><ul><li>IPsec: internet protocol security,this enables encryption and authentication of every IP packet that moves in the data stream. </li></ul><ul><li>ICMP: internet control message protocol. </li></ul>
  11. 11. <ul><li>IPsec authentication header (AH) </li></ul><ul><li>AH provides authentication of contents of datagrams by adding header. </li></ul><ul><li>The calculation of header is based on values in datagram. </li></ul><ul><li>Operation of AH protocol: </li></ul><ul><li>Uses hashing algorithm & specific key </li></ul><ul><li>A security association between two devices is set up. </li></ul><ul><li>On tne source side AH performs computation, calculated result Integrity Check Value (ICV). </li></ul><ul><li>Puts the ICV into a special header with other fields for transmission. </li></ul><ul><li>Destination does the same calculation to retrieve data. </li></ul>
  12. 12.
  13. 13. HOW ICMP PROTOCOL WORKS??? <ul><li>Step 1: understanding the ICMP protocol </li></ul><ul><li>Can u imagine a world with no traffic signal no stop signal to control daily life? No right </li></ul><ul><li>Same way, just imagine internet without ICMP protocol, it will become unwieldy mess without it. </li></ul><ul><li>Step 2: what is ICMP and what it stands for? </li></ul><ul><li>well ICMP stands for “internet control message protocol”. </li></ul><ul><li>It is unheralded hero of the four core protocol. </li></ul>
  14. 14. <ul><li>ICMP general operation </li></ul>
  15. 15. <ul><li>consider a client host  A  sending a message to server  host  B, </li></ul><ul><li>with a problem detected in the datagram by  router   R3 . </li></ul><ul><li>Even if  R3  suspects that the problem was caused by one of the preceding routers that handled the message, such as  R2. </li></ul><ul><li>it  cannot  send a problem report to  R2 . It can only send an ICM </li></ul><ul><li>Because it is only  A 's address in the datagram. Thus,  R3   must send a problem report back to  A </li></ul><ul><li>and  A  must decide what to do with it. </li></ul><ul><li>Device  A  may decide to change the route it uses, or to generate an error report that an administrator can use to troubleshoot the  R2  router. P message back to host  A . </li></ul>
  16. 16. <ul><li>ICMP Message Classes </li></ul><ul><li>At the highest level, ICMP messages are divided into two classes: </li></ul><ul><li>Error Messages:  These messages are used to provide feedback to a source device about an error that has occurred. </li></ul><ul><li>Informational (or Query) Messages:  These are messages that are used to let devices exchange information, implement certain IP-related features, and perform testing. </li></ul>
  17. 17. <ul><li>ICMP Message Types: </li></ul><ul><li>Each individual kind of message in ICMP is given its own unique  Type  value, which is put into the field of that name in the ICMP common message format. </li></ul><ul><li>This field is 8 bits wide, so a theoretical maximum of 256 message types can be defined. </li></ul><ul><li>A separate set of  Type  values is maintained for each of ICMPv4 and ICMPv6. </li></ul><ul><li>In ICMPv4,  Type  values were assigned sequentially, to both error and informational messages, on a “FCFS” basis (sort of) </li></ul><ul><li>In IPv6,  errormessages  have  Type  values from 0 to 127, and informational messages have values from 128 to 255. </li></ul>
  18. 18. Message Class Type Value Message Name Summary Description of Message Type Defining RFC Number ICMPv4 Error Messages 3 Destination Unreachable Indicates that a datagram could not be delivered to its destination. 792 4 Source Quench Lets a congested IP device tell a device that is sending it datagram's . 792 5 Redirect Allows a  router  to inform a host of a better route to use for sending datagram's. 792 ICMPv4 Informational Messages (part 1 of 2) 0 Echo Reply Sent in reply to an  Echo . 792 8 Echo (Request) Sent by a device to test connectivity to another device on the internetwork. 792 9 Router Advertisement Used by routers to tell hosts of their existence and capabilities. 1256 ICMPv6 Error Messages 1 Destination Unreachable Indicates that a datagram could not be delivered to its destination.  2463 2 Packet Too Big Sent when a datagram cannot be forwarded . 2463 3 Time Exceeded Sent when a datagram has been discarded . 2463 ICMPv6 Informational Messages 128 Echo Request Sent by a device to test connectivity to another device on the internetwork. 2463 129 Echo Reply Sent in reply to an  Echo (Request)  message; used for testing connectivity. 2463
  19. 19. ACKNOWLEDGMENT: <ul><li>Firstly we would like to thank “Mydili Ma’am” for giving us a great opportunity to represent our skills. </li></ul><ul><li>Secondly to “Rajaram sir” who supported us in doing this project. </li></ul><ul><li>Thirdly to “All OUR DEAR FRIENDS” who listened to this seminar quietly. </li></ul>
  20. 20. REFERENCES: <ul><li>http://www.youtube.com/watch?v=mn6A0Y5aroc </li></ul><ul><li>http://www.colasoft.com/help/Capsa6.9help.html </li></ul><ul><li>http://www.javvin.com/protocolanalysis.html </li></ul><ul><li>http://www.chappellseminars.com/ </li></ul><ul><li>http://www.dodear.com/images/TorrentOperation.gif </li></ul>
  21. 21. <ul><li>Thank you… </li></ul><ul><li>Any Questions? </li></ul>

×