Network Analysis

2.

Foundational Networking Concepts

2.1.

2.1.1.

Overview and Purpose of the OSI Model

2.1.1.1.

Seven-Layer Architecture

2.1.1.2.

Abstraction and Modularity

2.1.1.3.

Protocol Stack Interaction

2.1.2.

Layer 1: Physical

2.1.2.1.

Physical Media Types

2.1.2.1.1.

2.1.2.1.2.

Fiber Optic Cables

2.1.2.1.3.

2.1.2.2.

Signaling and Encoding

2.1.2.2.1.

Digital Signal Transmission

2.1.2.2.2.

Modulation Techniques

2.1.2.2.3.

Signal Attenuation

2.1.2.3.

Network Topologies

2.1.2.3.1.

2.1.2.3.2.

2.1.2.3.3.

2.1.2.3.4.

2.1.3.

Layer 2: Data Link

2.1.3.1.

Framing and Error Detection

2.1.3.1.1.

Frame Structure

2.1.3.1.2.

Cyclic Redundancy Check

2.1.3.1.3.

Error Correction Methods

2.1.3.2.

2.1.3.2.1.

Address Format and Structure

2.1.3.2.2.

Unicast, Multicast, and Broadcast

2.1.3.2.3.

Address Resolution

2.1.3.3.

Switches and Bridges

2.1.3.3.1.

Frame Forwarding

2.1.3.3.2.

MAC Address Tables

2.1.3.3.3.

Collision Domains

2.1.3.4.

VLANs and Tagging

2.1.3.4.1.

2.1.3.4.2.

2.1.3.4.3.

2.1.4.

Layer 3: Network

2.1.4.1.

IP Addressing and Subnetting

2.1.4.1.1.

IPv4 Address Classes

2.1.4.1.2.

2.1.4.1.3.

2.1.4.1.4.

IPv6 Addressing

2.1.4.2.

Routing and Routers

2.1.4.2.1.

2.1.4.2.2.

2.1.4.2.3.

Dynamic Routing Protocols

2.1.4.3.

ARP and Neighbor Discovery

2.1.4.3.1.

Address Resolution Protocol

2.1.4.3.2.

IPv6 Neighbor Discovery

2.1.4.3.3.

ARP Cache Management

2.1.5.

Layer 4: Transport

2.1.5.1.

2.1.5.1.1.

Connection-oriented vs. Connectionless

2.1.5.1.2.

Reliability Mechanisms

2.1.5.1.3.

Performance Characteristics

2.1.5.2.

Ports and Sockets

2.1.5.2.1.

Port Number Ranges

2.1.5.2.2.

Socket Programming Concepts

2.1.5.2.3.

Port Multiplexing

2.1.5.3.

Flow Control and Congestion Control

2.1.5.3.1.

Sliding Window Protocol

2.1.5.3.2.

Congestion Avoidance Algorithms

2.1.5.3.3.

Buffer Management

2.1.6.

Layer 5: Session

2.1.6.1.

Session Establishment and Termination

2.1.6.1.1.

Session Initiation

2.1.6.1.2.

Session Maintenance

2.1.6.1.3.

Session Cleanup

2.1.6.2.

Session Management Protocols

2.1.6.2.1.

NetBIOS Sessions

2.1.6.2.2.

2.1.6.2.3.

2.1.7.

Layer 6: Presentation

2.1.7.1.

Data Encoding and Translation

2.1.7.1.1.

Character Encoding

2.1.7.1.2.

Data Format Conversion

2.1.7.1.3.

Endianness Handling

2.1.7.2.

Encryption and Compression

2.1.7.2.1.

Symmetric Encryption

2.1.7.2.2.

Asymmetric Encryption

2.1.7.2.3.

Data Compression Algorithms

2.1.8.

Layer 7: Application

2.1.8.1.

Application Protocols

2.1.8.1.1.

Protocol Design Principles

2.1.8.1.2.

Client-Server Architecture

2.1.8.1.3.

Peer-to-Peer Architecture

2.1.8.2.

User Interfaces

2.1.8.2.1.

Command Line Interfaces

2.1.8.2.2.

Graphical User Interfaces

2.1.8.2.3.

Web-based Interfaces

2.2.

The TCP/IP Model

2.2.1.

Comparison with OSI Model

2.2.1.1.

Four-Layer vs. Seven-Layer Model

2.2.1.2.

2.2.1.3.

Practical Implementation Differences

2.2.2.

2.2.2.1.

Ethernet Technologies

2.2.2.1.1.

2.2.2.1.2.

Gigabit Ethernet

2.2.2.1.3.

10 Gigabit Ethernet

2.2.2.2.

Wireless Technologies

2.2.2.2.1.

802.11 Standards

2.2.2.2.2.

Cellular Networks

2.2.2.2.3.

2.2.3.

2.2.3.1.

IPv4 Addressing

2.2.3.1.1.

Address Classes

2.2.3.1.2.

Private Address Ranges

2.2.3.1.3.

Network Address Translation

2.2.3.2.

IPv6 Addressing

2.2.3.2.1.

2.2.3.2.2.

Address Autoconfiguration

2.2.3.2.3.

Transition Mechanisms

2.2.3.3.

Routing Protocols

2.2.3.3.1.

Distance Vector Protocols

2.2.3.3.2.

Link State Protocols

2.2.3.3.3.

Path Vector Protocols

2.2.4.

Transport Layer

2.2.4.1.

2.2.4.1.1.

Reliable Data Delivery

2.2.4.1.2.

Connection Management

2.2.4.1.3.

2.2.4.2.

2.2.4.2.1.

Datagram Delivery

2.2.4.2.2.

Minimal Overhead

2.2.4.2.3.

Real-time Applications

2.2.5.

Application Layer

2.2.5.1.

Common Application Protocols

2.2.5.1.1.

2.2.5.1.2.

2.2.5.1.3.

2.2.5.1.4.

2.3.

Core Network Components

2.3.1.

Packets, Frames, and Segments

2.3.1.1.

Data Unit Terminology

2.3.1.2.

Structure and Headers

2.3.1.2.1.

2.3.1.2.2.

2.3.1.2.3.

Trailer Information

2.3.1.3.

Encapsulation and Decapsulation

2.3.1.3.1.

Protocol Data Units

2.3.1.3.2.

Header Addition Process

2.3.1.3.3.

Header Removal Process

2.3.2.

2.3.2.1.

Address Formats

2.3.2.1.1.

48-bit Address Structure

2.3.2.1.2.

Organizationally Unique Identifier

2.3.2.1.3.

Locally Administered Addresses

2.3.2.2.

Address Resolution

2.3.2.2.1.

2.3.2.2.2.

ARP Table Management

2.3.2.2.3.

2.3.3.

2.3.3.1.

IPv4 Addressing

2.3.3.1.1.

Address Structure

2.3.3.1.2.

Classful Addressing

2.3.3.1.3.

Classless Addressing

2.3.3.2.

IPv6 Addressing

2.3.3.2.1.

2.3.3.2.2.

2.3.3.2.3.

2.3.3.3.

Subnetting and CIDR

2.3.3.3.1.

Subnet Calculation

2.3.3.3.2.

Variable Length Subnet Masks

2.3.3.3.3.

2.3.4.

Ports and Sockets

2.3.4.1.

Well-known Ports

2.3.4.1.1.

System Ports (0-1023)

2.3.4.1.2.

Common Service Ports

2.3.4.1.3.

Port Assignment Authority

2.3.4.2.

Ephemeral Ports

2.3.4.2.1.

Dynamic Port Allocation

2.3.4.2.2.

Port Range Configuration

2.3.4.2.3.

Port Exhaustion Issues

2.3.4.3.

Socket Communication

2.3.4.3.1.

2.3.4.3.2.

2.3.4.3.3.

Socket Programming

2.4.

2.4.1.

2.4.1.1.

Frame Structure

2.4.1.1.1.

Preamble and Start Frame Delimiter

2.4.1.1.2.

Destination and Source Addresses

2.4.1.1.3.

EtherType Field

2.4.1.1.4.

Frame Check Sequence

2.4.1.2.

Collision Domains

2.4.1.2.1.

CSMA/CD Operation

2.4.1.2.2.

Collision Detection

2.4.1.2.3.

Backoff Algorithms

2.4.2.

Address Resolution Protocol

2.4.2.1.

ARP Requests and Replies

2.4.2.1.1.

ARP Message Format

2.4.2.1.2.

Broadcast and Unicast ARP

2.4.2.1.3.

ARP Cache Timeout

2.4.2.2.

2.4.2.2.1.

Attack Mechanisms

2.4.2.2.2.

Detection Methods

2.4.2.2.3.

Prevention Techniques

2.4.3.

Internet Protocol

2.4.3.1.

IPv4 Header Fields

2.4.3.1.1.

Version and Header Length

2.4.3.1.2.

Type of Service

2.4.3.1.3.

2.4.3.1.4.

Identification and Flags

2.4.3.1.5.

2.4.3.1.6.

2.4.3.1.7.

Header Checksum

2.4.3.1.8.

Source and Destination Addresses

2.4.3.2.

IPv6 Header Fields

2.4.3.2.1.

Version and Traffic Class

2.4.3.2.2.

2.4.3.2.3.

2.4.3.2.4.

2.4.3.2.5.

2.4.3.2.6.

Source and Destination Addresses

2.4.4.

Internet Control Message Protocol

2.4.4.1.

Echo Requests and Replies

2.4.4.1.1.

2.4.4.1.2.

Echo Message Format

2.4.4.1.3.

Round-Trip Time Calculation

2.4.4.2.

2.4.4.2.1.

Destination Unreachable

2.4.4.2.2.

2.4.4.2.3.

Parameter Problem

2.4.4.2.4.

Redirect Messages

2.4.5.

Transmission Control Protocol

2.4.5.1.

Connection Establishment

2.4.5.1.1.

Three-Way Handshake

2.4.5.1.2.

SYN Flood Protection

2.4.5.1.3.

Connection State Machine

2.4.5.2.

Flow and Congestion Control

2.4.5.2.1.

2.4.5.2.2.

Congestion Window

2.4.5.2.3.

Slow Start Algorithm

2.4.5.2.4.

2.4.6.

User Datagram Protocol

2.4.6.1.

Datagram Structure

2.4.6.1.1.

UDP Header Format

2.4.6.1.2.

Checksum Calculation

2.4.6.1.3.

Port Multiplexing

2.4.6.2.

2.4.6.2.1.

Real-time Applications

2.4.6.2.2.

Simple Request-Response

2.4.6.2.3.

Broadcast and Multicast

2.4.7.

Domain Name System

2.4.7.1.

Name Resolution Process

2.4.7.1.1.

Recursive Queries

2.4.7.1.2.

Iterative Queries

2.4.7.1.3.

2.4.7.2.

2.4.7.2.1.

A and AAAA Records

2.4.7.2.2.

2.4.7.2.3.

2.4.7.2.4.

2.4.7.2.5.

2.4.7.2.6.

2.4.8.

Dynamic Host Configuration Protocol

2.4.8.1.

2.4.8.1.1.

2.4.8.1.2.

2.4.8.1.3.

2.4.8.1.4.

DHCP Acknowledge

2.4.8.2.

2.4.8.2.1.

2.4.8.2.2.

Default Gateway

2.4.8.2.3.

2.4.8.2.4.

2.4.9.

Hypertext Transfer Protocol

2.4.9.1.

Request and Response Structure

2.4.9.1.1.

2.4.9.1.2.

2.4.9.1.3.

2.4.9.1.4.

2.4.9.2.

Secure Communication

2.4.9.2.1.

2.4.9.2.2.

Certificate Validation

2.4.9.2.3.

Encryption Algorithms

Previous

1. Introduction to Network Analysis

Go to top

Next

3. Network Traffic Capture