Wednesday 19 February 2020

Wireshark Series: Part 3 - TCP and UDP


• Transmission Control Protocol (TCP):

○ TCP delivers a byte stream to the destination reliably: every byte is numbered, acknowledged by the receiver, and retransmitted by the sender if the acknowledgement does not arrive.
○ TCP sends data between ports, which range from 0 to 65535.
§ Ports 0-1023 are the well-known (system) ports, e.g. port 80 for HTTP or 443 for HTTPS. On most systems a process needs elevated privileges to listen on one of them.
§ Ports 1024-65535 are used for everything else. IANA calls 1024-49151 registered ports and 49152-65535 dynamic ports; ephemeral ports are chosen from the dynamic range (Linux uses 32768-60999 by default) when a client opens a connection. Only the destination port has to be known in advance, because that is where the service listens; the client's source port is effectively random, and the server learns it from the first segment it receives and replies to it.
○ A TCP connection starts with a handshake that confirms both ends are up and that the destination port is open, and that exchanges each side's initial sequence number so that the data which follows can be numbered, acknowledged and, if lost, retransmitted.
○ To establish a TCP session the two ends use a process called the three-way handshake:
STEP 1 - The client sends a SYN segment carrying its initial sequence number and waits for a reply (state SYN_SENT).
STEP 2 - The server replies with a single SYN/ACK segment: it acknowledges the client's SYN (acknowledgement number = client's sequence number + 1) and carries the server's own initial sequence number.
STEP 3 - The client sends an ACK acknowledging the server's SYN.
The connection is now ESTABLISHED on both sides and data transfer can begin. In Wireshark the display filter tcp.flags.syn == 1 shows only the handshake segments, which is a quick way to list every connection attempt in a capture.
○ Terminating a connection gracefully is a four-segment exchange. Suppose the client has finished sending and wants to end the session, similar to logging off an application:
STEP 1 - The client sends a FIN (normally a FIN/ACK segment) and waits for a reply (FIN_WAIT_1).
STEP 2 - The server sends an ACK for the FIN. The client is now in FIN_WAIT_2 and can still receive data; the server is in CLOSE_WAIT.
STEP 3 - When the server has finished sending too, it sends its own FIN (again usually FIN/ACK). Many stacks combine steps 2 and 3 into one FIN/ACK segment, so a capture can show three segments instead of four.
STEP 4 - The client sends an ACK. The server closes immediately; the client enters TIME_WAIT and releases the socket after twice the maximum segment lifetime.
○ A connection can also be torn down abruptly by either side sending an RST segment, after which no further data is accepted on it. The most common case is a SYN sent to a port with no listener: the target answers with RST/ACK instead of SYN/ACK, which is how a port scanner recognises a closed port. A host also sends RST when a segment arrives for a connection it does not know about, or when an application closes a socket that still has unread data.
○ In Wireshark, expanding the Transmission Control Protocol line in the packet details pane shows the header fields in order:
§ (screenshot of a TCP segment's header fields in the packet details pane)
§ First, the Source Port the segment was sent from.
§ Second, the Destination Port the segment is sent to.
§ Next, the Sequence Number: the position in the byte stream of the first byte of this segment. Each side numbers its own bytes, so the receiver can tell when a segment is missing or out of order. By default Wireshark shows relative sequence numbers, counting from 0 at the SYN; turn "Relative sequence numbers" off in the TCP protocol preferences to see the raw 32-bit values.
§ Acknowledgement Number: the sequence number of the next byte the sender of this segment expects to receive, meaning everything before it has arrived. It is only meaningful when the ACK flag is set.
§ Flags come next. The ones you will see most often are:
□ URG for Urgent (rarely used)
□ ACK: the Acknowledgement Number is valid. It is set on every segment after the initial SYN.
□ PSH for push: hand the data to the application right away instead of buffering it
□ RST for Reset: abort the connection immediately. A host sends RST when a segment arrives for a port with no listener or for a connection it does not recognise; no further data is accepted on that connection.
□ SYN: synchronise sequence numbers, set only in the first segment from each side
□ FIN for finished: the sender has no more data to send
□ ECE and CWR carry explicit congestion notification and are rarely set
(Here, the segment has FIN=1 and ACK=1, so it both acknowledges received data and announces that its sender is finished. Wireshark summarises this as [FIN, ACK] in the Info column.)
§ Below the flags is the Window Size: the number of bytes the sender of this segment is currently willing to receive, i.e. its free receive buffer. The 16-bit field is multiplied by the window scale factor negotiated in the SYN options, and Wireshark shows both the raw value and the calculated window size when it saw the handshake.
§ After that is the Checksum, computed over the TCP header, the payload and a pseudo-header containing the IP addresses. Wireshark does not validate TCP checksums by default, and in a capture taken on the sending host outgoing checksums often look wrong because the network card fills them in after the capture point (checksum offloading), so a "bad checksum" on packets you sent is usually not a real error.
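The handshake, graceful close and RST described above, with the sequence and acknowledgement numbers worked out on both sides, as an added example that is not code from the original post. It models the two endpoints, applies the RFC 793 rule that a SYN and a FIN each consume one sequence number while a pure ACK consumes none, and also prints the numbers the way Wireshark's relative view shows them. The initial sequence numbers 1000 and 5000, the endpoint names and the 100-byte payload are constructed values; real stacks pick initial sequence numbers at random.

```python
"""Model of a TCP connection's control exchanges: the three-way handshake,
some data, the graceful close, and an abrupt RST to a closed port.

Added example for this post, not code from the original. The sequence-number
rules follow RFC 793: a SYN and a FIN each consume one sequence number, a pure
ACK consumes none, and the acknowledgement number is the next sequence number
the acknowledging side expects to receive. The initial sequence numbers (ISNs)
and the 100-byte payload are constructed values; real stacks pick ISNs at
random."""

from dataclasses import dataclass


@dataclass
class Segment:
    src: str
    dst: str
    flags: frozenset
    seq: int
    ack: int
    length: int = 0  # payload bytes carried

    def __str__(self):
        f = "/".join(sorted(self.flags))
        return (f"{self.src:>6} -> {self.dst:<6} [{f}] "
                f"seq={self.seq} ack={self.ack} len={self.length}")


@dataclass
class Endpoint:
    name: str
    snd_nxt: int        # next sequence number this side will send (starts at ISN)
    rcv_nxt: int = 0    # next sequence number this side expects from its peer
    state: str = "CLOSED"


def send(ep, peer, flags, length=0):
    """Build a segment ep -> peer, then advance ep.snd_nxt by the sequence
    numbers it consumes: payload bytes plus one each for SYN and FIN."""
    flags = frozenset(flags)
    seg = Segment(ep.name, peer.name, flags, ep.snd_nxt,
                  ep.rcv_nxt if "ACK" in flags else 0, length)
    ep.snd_nxt += length + ("SYN" in flags) + ("FIN" in flags)
    return seg


def receive(ep, seg):
    """Record what ep now expects next; SYN and FIN count as one byte each."""
    ep.rcv_nxt = seg.seq + seg.length + ("SYN" in seg.flags) + ("FIN" in seg.flags)


def connection(client_isn=1000, server_isn=5000, data_len=100):
    """Return (segments, client, server) for a full connection: handshake,
    data_len bytes client -> server, then a client-initiated graceful close."""
    c = Endpoint("client", client_isn)
    s = Endpoint("server", server_isn, state="LISTEN")
    log = []

    def exchange(sender, receiver, flags, length=0, sender_state=None, receiver_state=None):
        seg = send(sender, receiver, flags, length)
        receive(receiver, seg)
        sender.state = sender_state or sender.state
        receiver.state = receiver_state or receiver.state
        log.append(seg)

    # Three-way handshake. Step 2 is one SYN/ACK segment, not two packets.
    exchange(c, s, {"SYN"}, sender_state="SYN_SENT", receiver_state="SYN_RECEIVED")
    exchange(s, c, {"SYN", "ACK"}, receiver_state="ESTABLISHED")
    exchange(c, s, {"ACK"}, receiver_state="ESTABLISHED")
    # Some application data, acknowledged by the server with a pure ACK.
    exchange(c, s, {"PSH", "ACK"}, length=data_len)
    exchange(s, c, {"ACK"})
    # Graceful close: FIN, ACK, FIN, ACK. Each FIN also carries ACK.
    exchange(c, s, {"FIN", "ACK"}, sender_state="FIN_WAIT_1", receiver_state="CLOSE_WAIT")
    exchange(s, c, {"ACK"}, receiver_state="FIN_WAIT_2")
    exchange(s, c, {"FIN", "ACK"}, sender_state="LAST_ACK", receiver_state="TIME_WAIT")
    exchange(c, s, {"ACK"}, receiver_state="CLOSED")
    return log, c, s


def relative(log, client_isn, server_isn):
    """Numbers as Wireshark shows them by default: relative to each side's ISN,
    so each stream starts at 0 and the handshake's final ACK reads seq=1 ack=1."""
    isn = {"client": client_isn, "server": server_isn}
    return [(seg.src, "/".join(sorted(seg.flags)),
             seg.seq - isn[seg.src],
             seg.ack - isn[seg.dst] if "ACK" in seg.flags else 0)
            for seg in log]


def syn_to_closed_port(client_isn=1000):
    """A SYN to a port with no listener gets RST/ACK back: seq 0, ack = ISN + 1.
    No connection exists, so there is nothing to close afterwards."""
    c = Endpoint("client", client_isn)
    s = Endpoint("server", 0)
    syn = send(c, s, {"SYN"})
    receive(s, syn)
    rst = send(s, c, {"RST", "ACK"})
    return [syn, rst]


if __name__ == "__main__":
    segments, client, server = connection()
    for seg, rel in zip(segments, relative(segments, 1000, 5000)):
        print(f"{seg}   relative seq={rel[2]} ack={rel[3]}")
    print(client.state, server.state)
    for seg in syn_to_closed_port():
        print(seg)
```

Two things the listing makes visible that the step list does not: the client's FIN sits at relative sequence number 101 (100 data bytes plus the SYN), and the final ACK of the close carries seq=102 ack=2, because each FIN consumed a number too. Compare the states with what ss -tan or netstat -an report on the two hosts while a connection is being closed.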

• User Datagram Protocol (UDP):
○ It is a connectionless protocol used where low overhead matters more than guaranteed delivery (DNS, DHCP, NTP, VoIP, QUIC).
○ It has no opening handshake and no closing handshake like TCP, and it does not acknowledge or retransmit: each datagram is sent once and either arrives or is lost, and the application has to cope with loss, duplication and reordering itself. That is why it is faster. It is also why the source address of a UDP datagram is never verified, which is what makes UDP services usable for spoofing and amplification.
○ In Wireshark,
§ (screenshot of a UDP datagram's header fields in the packet details pane)
§ It is a very small header: 8 bytes, compared with at least 20 for TCP.
○ It has 4 parts, each 16 bits:
§ Source Port (here: 33233). As with TCP, a client normally uses an ephemeral port here.
§ Destination Port (here: 59329)
§ Length (in bytes), counting the 8-byte header plus the payload, so the minimum is 8
§ Checksum, covering the header, the payload and an IP pseudo-header. In IPv4 it is optional and a value of 0 means "not computed", which Wireshark shows as unverified; in IPv6 it is mandatory.
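The TCP and UDP header fields listed in the two Wireshark sections above, decoded from raw bytes and checksum-verified, as an added example that is not code from the original post. It shows what Wireshark does when checksum validation is switched on: the checksum covers the header, the payload and a pseudo-header with the IP addresses, and a zero UDP checksum is reported as not computed rather than wrong. The addresses 10.0.0.1 and 10.0.0.2, the client port 49152 and the payloads are constructed; the UDP ports 33233 and 59329 are the ones from the screenshot.

```python
"""Decode raw TCP and UDP headers into the fields Wireshark lists in its
packet details pane, and verify the checksums the way Wireshark does when
checksum validation is enabled.

Added example for this post, not code from the original. The two packets are
constructed inline: a FIN/ACK TCP segment and a 5-byte UDP datagram between
the constructed addresses 10.0.0.1 and 10.0.0.2. Both checksums cover the
header, the payload and an IPv4 pseudo-header (RFC 793 / RFC 768)."""

import socket
import struct

TCP_FLAGS = [("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04), ("PSH", 0x08),
             ("ACK", 0x10), ("URG", 0x20), ("ECE", 0x40), ("CWR", 0x80)]


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum of 16-bit words (odd trailing byte padded
    with zero). Run over data that already contains a correct checksum the
    result is 0; run over data with the checksum field zeroed it is the value
    to store."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """IPv4 pseudo-header: addresses, zero, protocol (6 = TCP, 17 = UDP) and
    the TCP/UDP length. It binds the checksum to the IP endpoints."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, proto, length))


def parse_tcp(segment: bytes, src_ip: str, dst_ip: str) -> dict:
    """Fields of the 20-byte fixed TCP header, in the order Wireshark shows them."""
    sport, dport, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4  # data offset in 32-bit words -> bytes
    flags = [name for name, bit in TCP_FLAGS if off_flags & bit]
    ok = internet_checksum(pseudo_header(src_ip, dst_ip, 6, len(segment)) + segment) == 0
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "header_len": header_len, "flags": flags, "window": window,
            "checksum": csum, "checksum_ok": ok, "urgent_pointer": urg,
            "payload": segment[header_len:]}


def parse_udp(datagram: bytes, src_ip: str, dst_ip: str) -> dict:
    """The four 16-bit UDP fields. A zero checksum in IPv4 means 'not computed',
    which Wireshark reports as unverified; None is returned for that case."""
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if csum == 0:
        ok = None
    else:
        ok = internet_checksum(pseudo_header(src_ip, dst_ip, 17, length) + datagram[:length]) == 0
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum": csum, "checksum_ok": ok, "payload": datagram[8:length]}


def build_tcp(src_ip, dst_ip, sport, dport, seq, ack, flags, window, payload=b""):
    """Build a TCP segment with no options and a correct checksum (used only to
    construct the sample packet below)."""
    bits = sum(bit for name, bit in TCP_FLAGS if name in flags)
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | bits, window, 0, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, 6, len(hdr) + len(payload)) + hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload


def build_udp(src_ip, dst_ip, sport, dport, payload):
    """Build a UDP datagram with a correct checksum (used only for the sample).
    RFC 768: a computed checksum of zero is transmitted as all ones."""
    length = 8 + len(payload)
    hdr = struct.pack("!HHHH", sport, dport, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, 17, length) + hdr + payload) or 0xFFFF
    return hdr[:6] + struct.pack("!H", csum) + payload


SRC_IP, DST_IP = "10.0.0.1", "10.0.0.2"  # constructed addresses
# Constructed: the FIN/ACK segment discussed above, client ephemeral port 49152 -> 80.
SAMPLE_TCP = build_tcp(SRC_IP, DST_IP, 49152, 80, 1102, 5002, {"FIN", "ACK"}, 65535)
# Constructed: a UDP datagram using the ports from the screenshot, carrying "hello".
SAMPLE_UDP = build_udp(SRC_IP, DST_IP, 33233, 59329, b"hello")

if __name__ == "__main__":
    print(parse_tcp(SAMPLE_TCP, SRC_IP, DST_IP))
    print(parse_udp(SAMPLE_UDP, SRC_IP, DST_IP))
    # Change the window field without touching the checksum: it no longer verifies.
    damaged = SAMPLE_TCP[:14] + b"\x00\x01" + SAMPLE_TCP[16:]
    print(parse_tcp(damaged, SRC_IP, DST_IP)["checksum_ok"])
```

The pseudo-header is why a NAT device has to rewrite the transport checksum when it rewrites the IP address, and why a capture taken before the NIC computes the checksum (checksum offloading) shows a mismatch that is not real corruption; parse_tcp on such a segment returns checksum_ok False just as Wireshark flags it.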

