Lab Preparation CN
What is an IP Address?
An IP address (Internet Protocol address) is a unique numerical label assigned to each device connected
to a computer network that uses the Internet Protocol to communicate. It's used to identify and address
devices on a network.
Types of IP Addresses:
1. Public IP Address: A public IP address is an IP address that is accessible from the internet. It's assigned
to a device by an Internet Service Provider (ISP) and is unique to that device.
2. Private IP Address: A private IP address is an IP address that is not accessible from the internet. It's
used within a private network, such as a home or office network, to identify devices.
1. Static IP Address: A static IP address is an IP address that is manually assigned to a device and remains
constant.
What is NAT?
NAT (Network Address Translation) is a technique used to allow multiple devices on a private network to
share a single public IP address when accessing the internet. NAT translates the private IP addresses of
devices on the network to the public IP address.
What is DHCP?
DHCP (Dynamic Host Configuration Protocol) is a protocol used to automatically assign IP addresses and
other network settings to devices on a network. DHCP allows devices to obtain an IP address
dynamically, rather than having a static IP address assigned manually.
| Accessibility | Accessible from the internet | Not accessible from the internet |
✔ Best for Servers: Used for hosting websites, VPNs, and remote access.
Dynamic IP Address
✔ Less Reliable for Hosting: Not ideal for servers or remote access.
What is a Port?
A port is a virtual communication endpoint used to identify specific processes or services in a network.
It helps computers distinguish between different types of traffic, like web browsing, email, or file
transfers.
Ports work alongside IP addresses to ensure proper data transmission across the internet or networks.
Port:
A port is a logical endpoint for communication between devices on a network. Ports are identified by a
16-bit number, ranging from 0 to 65535.
What is a Protocol?
A protocol is a set of rules and standards that govern how devices communicate with each other over a
network. Protocols define the format, timing, and error detection and correction mechanisms for data
exchange. Examples of protocols include HTTP (Hypertext Transfer Protocol), FTP (File Transfer
Protocol), and TCP/IP (Transmission Control Protocol/Internet Protocol).
1. Header: Contains control information, such as source and destination IP addresses, packet sequence
number, and error-checking data.
1. Efficient use of bandwidth: Packets allow multiple devices to share the same communication channel,
increasing bandwidth efficiency.
2. Error detection and correction: Packets contain error-checking data, which enables devices to detect
and correct errors that occur during transmission.
3. Flexibility and scalability: Packet switching allows networks to easily add or remove devices, making it
a scalable solution.
4. Reliability: Packets can be retransmitted if they are lost or corrupted during transmission, ensuring
reliable data transfer.
5. Improved network congestion control: Packet switching helps prevent network congestion by
allowing devices to transmit packets at different times.
In summary, protocols define the rules for network communication, while packets are the small units of
data that are transmitted over the network. Sending data in packets offers numerous advantages,
including efficient bandwidth use, error detection and correction, flexibility, reliability, and improved
network congestion control.
Wireshark:
Wireshark is a free and open-source network protocol analyzer that captures and displays network
traffic in real-time. It's used to troubleshoot network issues, analyze network security, and debug
network protocols.
Capturing:
Capturing refers to the process of collecting network traffic data using Wireshark. This can be done by:
Analyzing refers to the process of examining and interpreting the captured network traffic data using
Wireshark. This can involve:
HTTP is a protocol used for transferring data over the web. It's typically used for:
HTTPS is an extension of HTTP that adds an extra layer of security by encrypting data in transit. It's
typically used for:
HTTP (HyperText Transfer Protocol): Data is transferred in plain text, so anyone who can observe the traffic can read or alter it.
HTTPS (HyperText Transfer Protocol Secure): Encrypts data using SSL/TLS, providing secure
communication and protecting sensitive information like passwords and credit card details.
Websites with HTTPS are more secure, trusted by browsers, and improve SEO rankings.
The source is the laptop and the destination is the server, and then vice versa.
TCP Handshake:
A TCP handshake is a three-step process that establishes a connection between two devices on a
network, ensuring reliable and error-free communication.
SYN (Synchronize):
A SYN packet is the first packet sent by a client to initiate a connection with a server, containing the
client's IP address, port number, and sequence number.
SYN-ACK (Synchronize-Acknowledgment):
A SYN-ACK packet is the server's response to the client's SYN packet, acknowledging the client's request,
sending its own sequence number, and acknowledging the client's maximum segment size.
ACK (Acknowledgment):
An ACK packet is the client's response to the server's SYN-ACK packet, completing the handshake
process and establishing the connection.
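The sequence and acknowledgment numbers are what tie the three steps together, and they are what to check when reading a handshake in a capture. The following is an added example, not part of the original notes: it classifies each client/server pair as established, half-open (SYN and SYN-ACK seen but no final ACK) or invalid. The addresses, ports and numbers are constructed sample values, and classify_handshakes is a name chosen for this example.

```python
from collections import namedtuple

MOD = 2**32  # TCP sequence numbers are 32-bit and wrap around
# src/dst are "ip:port"; flags is "SYN", "SYN-ACK" or "ACK"; ack defaults to 0
Segment = namedtuple("Segment", "src dst flags seq ack", defaults=[0])

def classify_handshakes(segments):
    """Map (client, server) to 'established', 'half-open' or 'invalid'."""
    state, client_isn, server_isn = {}, {}, {}
    for s in segments:
        if s.flags == "SYN":
            key = (s.src, s.dst)
            client_isn[key] = s.seq
            state[key] = "half-open"          # waiting for the final ACK
        elif s.flags == "SYN-ACK":
            key = (s.dst, s.src)              # reply travels server -> client
            if key not in client_isn:
                continue                      # no SYN seen for this pair
            if s.ack == (client_isn[key] + 1) % MOD:
                server_isn[key] = s.seq
            else:
                state[key] = "invalid"
        elif s.flags == "ACK":
            key = (s.src, s.dst)
            if key not in server_isn or state[key] != "half-open":
                continue                      # not the third handshake step
            ok = (s.seq == (client_isn[key] + 1) % MOD
                  and s.ack == (server_isn[key] + 1) % MOD)
            state[key] = "established" if ok else "invalid"
    return state

SERVER = "203.0.113.5:80"
# Constructed sample segments (documentation addresses, made-up numbers).
CAPTURE = [
    Segment("192.168.1.10:50000", SERVER, "SYN", 1000),
    Segment(SERVER, "192.168.1.10:50000", "SYN-ACK", 5000, 1001),
    Segment("192.168.1.10:50000", SERVER, "ACK", 1001, 5001),
    Segment("192.168.1.11:50001", SERVER, "SYN", 2000),
    Segment(SERVER, "192.168.1.11:50001", "SYN-ACK", 7000, 2001),
    Segment("192.168.1.12:50002", SERVER, "SYN", MOD - 1),
    Segment(SERVER, "192.168.1.12:50002", "SYN-ACK", 9000, 0),
    Segment("192.168.1.12:50002", SERVER, "ACK", 0, 9001),
    Segment("192.168.1.13:50003", SERVER, "SYN", 3000),
    Segment(SERVER, "192.168.1.13:50003", "SYN-ACK", 8000, 3001),
    Segment("192.168.1.13:50003", SERVER, "ACK", 3001, 1234),
]

if __name__ == "__main__":
    print(classify_handshakes(CAPTURE))
```

Many pairs left in the half-open state toward one server are worth a closer look in Wireshark, since each one holds server resources until it times out.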
Connection-Oriented:
Reliable:
A reliable protocol ensures that data is delivered in the correct order, without errors or loss.
Error-Checked:
An error-checked protocol detects and corrects errors that occur during transmission, ensuring data
integrity.
LAB02 CONTENTS:
OSI LAYERS
- Protocols:
- Functions: Defines physical means of data transmission (cable specifications, wireless transmission,
etc.)
- Protocols:
- Ethernet (IEEE 802.3)
- Functions: Provides error-free transfer of data frames between two devices on the same network.
- Protocols:
- IP (Internet Protocol)
- Functions: Routes data between different networks, and provides logical addressing (IP addresses).
- Protocols:
- Functions: Provides reliable data transfer between devices, and ensures data is delivered in the correct
order.
- Protocols:
- Functions: Converts data into a format that can be understood by the receiving device, and provides
data compression and encryption.
- Protocols:
- Functions: Provides services and interfaces for applications to communicate with each other, such as
email, file transfer, and web browsing.
- It's a request-response protocol, where a client (e.g., web browser) sends a request to a server, and the
server responds with the requested data.
- HTTPS is an extension of HTTP that adds an extra layer of security by encrypting data in transit.
- HTTPS uses SSL/TLS (Secure Sockets Layer/Transport Layer Security) to encrypt data.
- HTTPS is used for secure online transactions, such as banking, e-commerce, and password-protected
websites.
- TLS is an extension of SSL, and is designed to provide improved security and performance.
- TLS is widely used for secure online transactions, including HTTPS, FTPS (File Transfer Protocol Secure),
and SFTP (Secure File Transfer Protocol).
- Version: SSL is an older protocol, while TLS is a more modern and secure protocol.
- Encryption: TLS uses more secure encryption algorithms, such as AES (Advanced Encryption Standard),
while SSL uses weaker encryption algorithms, such as RC4.
In summary:
- HTTPS is an extension of HTTP that adds an extra layer of security by encrypting data in transit using
SSL/TLS.
- SSL is an older cryptographic protocol that has been largely replaced by TLS.
- TLS is a more modern and secure cryptographic protocol used for secure online communication.
1. Persistent Connection
A single connection is kept open for multiple requests and responses between a client and a server.
Advantages:
✔ Minimizes latency.
Disadvantages:
2. Non-Persistent Connection
Advantages:
Key Differences
| Aspect | Persistent Connection | Non-Persistent Connection |
| --- | --- | --- |
| Connection | Stays open for multiple requests | Closes after each request |
| Resource Use | More server resource consumption | Frees resources after each request |
Conclusion: Persistent connections are preferred for modern web applications due to better
performance, while non-persistent connections are simpler but less efficient. Both securely move data
from client to server using some algorithms. Persistent connections use keep-alive.
HTTP methods
Status line
Response header
Response body
401 Unauthorized
HTTP methods:
GET
DELETE
Components of HTTP when we are analyzing packets (shown in a 200 OK response)
HTTP Methods
- HEAD: Retrieves metadata about a resource without retrieving the resource itself.
- OPTIONS: Returns the HTTP methods supported by the server for a particular resource.
- Expires: Specifies the date and time after which the response is considered stale.
- The response body contains the actual data being returned by the server.
- Examples of response body formats include HTML, JSON, XML, and image data.
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1234

<html>
<head>
<title>Example Page</title>
</head>
<body>
<h1>Welcome to Example.com!</h1>
</body>
</html>
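When analyzing a captured response, the three components (status line, response headers, response body) are separated by fixed delimiters: each header line ends in CRLF and an empty line ends the header block. The following is an added example, not part of the original notes: a small parser that splits a raw response into those components and checks whether the declared Content-Length agrees with the bytes actually present. The sample responses are constructed, and the function names are chosen for this example.

```python
def parse_http_response(raw: bytes) -> dict:
    """Split a raw HTTP/1.x response into status line, headers and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")   # empty line ends the headers
    if not sep:
        raise ValueError("no empty line between headers and body")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ", 2)                 # version, code, reason phrase
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdecimal():
        raise ValueError("malformed status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError("malformed header line: %r" % line)
        headers[name.lower()] = value.strip()      # names are case-insensitive
    return {"version": parts[0], "status": int(parts[1]),
            "reason": parts[2] if len(parts) == 3 else "",
            "headers": headers, "body": body}

def content_length_matches(resp: dict):
    """True or False when Content-Length is present, None when it is absent."""
    declared = resp["headers"].get("content-length")
    if declared is None:
        return None
    return declared.isdecimal() and int(declared) == len(resp["body"])

# Constructed samples modelled on the response shown above.
BODY = b"<html><body><h1>Welcome to Example.com!</h1></body></html>"
HEAD = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\nContent-Length: %d\r\n\r\n"
DECLARED_1234 = HEAD % 1234 + BODY        # header claims more bytes than sent
CONSISTENT = HEAD % len(BODY) + BODY      # header agrees with the body
DENIED = b"HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Basic realm=\"lab\"\r\n\r\n"

if __name__ == "__main__":
    for sample in (DECLARED_1234, CONSISTENT, DENIED):
        r = parse_http_response(sample)
        print(r["status"], r["reason"], content_length_matches(r))
```

A Content-Length that disagrees with the body usually means the capture holds only part of the response or the message was altered in transit, so it is worth checking before trusting the body.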
Stateless Responses
- A stateless response is a response from a server that does not retain any information about the client
or the client's previous requests.
- The server does not maintain any session information or context between requests.
- Stateless responses are typically faster and more scalable, as the server does not need to maintain any
session state.
Stateful Responses
- A stateful response is a response from a server that retains information about the client or the client's
previous requests.
- The server maintains session information or context between requests, allowing it to remember the
client's previous interactions.
- Stateful responses are typically used for applications that require a user to log in or maintain a session,
such as online banking or e-commerce websites.
Key differences:
- Session management: Stateless responses do not maintain any session information, while stateful
responses maintain session information between requests.
- Scalability: Stateless responses are typically more scalable, as the server does not need to maintain any
session state.
- Security: Stateful responses can be more secure, as the server can maintain information about the
client's session and detect potential security threats.
Examples:
- Stateless example: A website that provides static information, such as a blog or a news website, can
use stateless responses.
- Stateful example: An online banking website that requires a user to log in and maintain a session can
use stateful responses.
Protocols:
- HTTP: HTTP is a stateless protocol, meaning that each request is treated as a new, independent
request.
- HTTPS: HTTPS is also a stateless protocol, but it can be used with stateful responses by maintaining
session information through cookies or other mechanisms.
LAB03 CONTENTS:
Type: 'A' for IPv4 (32 bits) and 'AAAA' for IPv6 (128 bits).
CNAME (canonical name): the domain name is mapped directly to a canonical name rather than to an IPv4 or IPv6 address.
nslookup pucit.edu.pk
If there are multiple addresses when we search for the IP address in cmd, one will be the permanent
address and the others are temporary.
Local DNS --> Root DNS --> TLD (top-level domain, e.g. .pk, .com, .org, .edu). There are only 13 root DNS
servers worldwide.
For pucit, it will go to .edu, then to the authoritative server (if it is not found there either, Google will
say that this site does not exist).
oxford --> (nsoxford.com)
DNS Types:
- AAAA Record (IPv6): Maps a domain name to an IPv6 address (128 bits).
- CNAME Record: Maps an alias or subdomain to the canonical name of a server or another domain.
1. Client: The client (e.g., web browser) sends a DNS query to the operating system's DNS cache.
2. OS Cache: The operating system's DNS cache checks if it has a valid IP address for the requested
domain.
3. Router Cache: If the OS cache doesn't have the IP address, the request is sent to the router's DNS
cache.
4. ISP Cache (PTCL): If the router cache doesn't have the IP address, the request is sent to the ISP's
(PTCL) DNS cache.
5. TTL (Time To Live): The ISP's DNS cache has a TTL value set, which determines how long the IP address
is cached.
6. Local DNS: If the ISP's cache doesn't have the IP address, the request is sent to a local DNS server.
7. Recursive Calls: The local DNS server makes recursive calls to the root DNS servers, TLD (top-level
domain) servers, and authoritative name servers to resolve the IP address.
1. Root DNS Servers: The root DNS servers are the top-level servers that manage the DNS system. There
are only 13 root DNS servers worldwide.
2. TLD (Top-Level Domain) Servers: The TLD servers manage the top-level domains (e.g., .com, .org, .edu,
.pk).
3. Authoritative Name Servers: The authoritative name servers manage the DNS records for a specific
domain.
Example:
- nslookup pucit.edu.pk: This command performs a DNS lookup for the domain pucit.edu.pk.
- The DNS lookup process involves recursive calls to the root DNS servers, TLD servers, and authoritative
name servers to resolve the IP address.
Note:
- The DNS lookup process can involve multiple caches, including the OS cache, router cache, ISP cache,
and local DNS cache.
- The TTL value determines how long an IP address is cached in each cache.
- The DNS server hierarchy involves root DNS servers, TLD servers, and authoritative name servers
working together to resolve IP addresses
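The lookup order and the effect of the TTL can be traced in a small simulation. The following is an added example, not part of the original notes: it checks the OS, router and ISP caches in order, falls back to the local DNS server walking root, TLD and authoritative servers, and stores the answer in every cache for the record's TTL. The server names (tld-pk, auth-pucit), the address 192.0.2.10 and the 300-second TTL are constructed values, not real data for pucit.edu.pk.

```python
class Cache:
    """One cache level; entries expire when their TTL runs out."""
    def __init__(self, name):
        self.name = name
        self.entries = {}                      # domain -> (ip, expires_at)

    def get(self, domain, now):
        ip, expires_at = self.entries.get(domain, (None, 0))
        if ip is not None and now < expires_at:
            return ip
        self.entries.pop(domain, None)         # drop expired entry
        return None

    def put(self, domain, ip, ttl, now):
        self.entries[domain] = (ip, now + ttl)

# Constructed zone data: hypothetical server names and a documentation IP.
ROOT = {"pk": "tld-pk"}                                       # TLD -> TLD server
TLD = {"tld-pk": {"pucit.edu.pk": "auth-pucit"}}              # domain -> authoritative
AUTH = {"auth-pucit": {"pucit.edu.pk": ("192.0.2.10", 300)}}  # A record, TTL seconds

def resolve_via_hierarchy(domain):
    """Local DNS server asking root, then TLD, then authoritative server."""
    tld_server = ROOT.get(domain.rsplit(".", 1)[-1])
    if tld_server is None:
        return None, 0, ["root"]
    auth_server = TLD[tld_server].get(domain)
    if auth_server is None:
        return None, 0, ["root", tld_server]
    ip, ttl = AUTH[auth_server].get(domain, (None, 0))
    return ip, ttl, ["root", tld_server, auth_server]

def lookup(domain, caches, now):
    """Try each cache in order; on a full miss resolve and fill every cache."""
    for cache in caches:
        ip = cache.get(domain, now)
        if ip is not None:
            return ip, cache.name
    ip, ttl, path = resolve_via_hierarchy(domain)
    if ip is not None:
        for cache in caches:
            cache.put(domain, ip, ttl, now)
    return ip, " -> ".join(path)
```

Because every level keeps the answer until its TTL runs out, a record that was wrong when it was cached keeps being served from those caches even after the authoritative server is corrected; flushing the OS cache alone only moves the hit to the router or ISP cache.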
What is DNS?
- DNS (Domain Name System) is a decentralized system that translates human-readable domain names
into machine-readable IP addresses.
- DNS is often referred to as the "phonebook" of the internet, as it allows users to access websites and
online services using easy-to-remember domain names instead of difficult-to-remember IP addresses.
Importance of DNS:
- Accessibility: DNS makes it easy for users to access websites and online services using domain names
instead of IP addresses.
- Scalability: DNS allows the internet to scale to accommodate millions of devices and domain names.
- Flexibility: DNS enables website owners to change their IP addresses without affecting their domain
name.
- IPv4 (Internet Protocol version 4): IPv4 is the original protocol used for communicating over the
internet. It uses 32-bit IP addresses, which are limited in number.
- IPv6 (Internet Protocol version 6): IPv6 is the newer protocol designed to replace IPv4. It uses 128-bit IP
addresses, which provide a much larger address space.
DNS Hierarchy:
- Root DNS servers: The root DNS servers are the top-level servers that manage the DNS system. They
are responsible for directing queries to the correct top-level domain (TLD) servers.
- TLD servers: The TLD servers manage the top-level domains (such as .com, .org, etc.). They direct
queries to the correct name servers for a particular domain.
- Name servers: The name servers manage the DNS records for a particular domain. They provide the IP
address associated with a domain name.
- A CNAME record is a type of DNS record that maps an alias or subdomain to the canonical name of a
server or another domain.
- CNAME records are often used to associate a subdomain with a server or another domain.
NSLOOKUP:
- NSLOOKUP is a command-line tool used to query DNS servers and retrieve DNS records.
- NSLOOKUP can be used to troubleshoot DNS issues, verify DNS records, and perform other DNS-related
tasks.
IPCONFIG/ALL:
- IPCONFIG is a command-line tool used to display and configure network settings on Windows
computers.
- The /all option displays detailed information about the computer's network settings, including the DNS
servers, IP address, subnet mask, and default gateway.
- nslookup example.com: Queries the DNS server for the IP address associated with the domain name
example.com.
- ipconfig /all: Displays detailed information about the computer's network settings.
- dig example.com: Queries the DNS server for the IP address associated with the domain name
example.com (using the dig command)