WEBVTT 00:00.440 --> 00:06.800 To attack network protocols, you need to understand the basics of computer networking. 00:06.830 --> 00:11.720 The more you understand how common networks are built and function, the easier it will be applied to 00:11.720 --> 00:15.980 the knowledge to capturing, analyzing and exploiting new protocols. 00:16.010 --> 00:23.120 Through this section, I will introduce the basic network concepts and and that you will encounter every 00:23.120 --> 00:25.510 day when you are analyzing network protocols. 00:25.520 --> 00:30.830 I will also lay the groundwork for a way to think about the network protocols, making it easier to 00:30.830 --> 00:34.870 find previously unknown security uses during your analysis. 00:34.880 --> 00:40.760 So let's get started with by the network architecture and protocols here. 00:41.030 --> 00:42.020 Network. 00:48.150 --> 00:51.300 This is our topic here that you will learn about. 00:51.450 --> 00:58.050 So let's start by reviewing some basic networking terminology and asking the fundamental question What 00:58.050 --> 00:59.130 is a network? 00:59.130 --> 01:06.450 So the network is a set of two or more computers connected together to share information, and it's 01:06.450 --> 01:10.650 a common to refer to each connected device as a node. 01:10.680 --> 01:15.720 Here, as you can see here, workstation node, mainframe node, server node. 01:15.720 --> 01:17.640 And this is our network here. 01:18.720 --> 01:25.620 So the so it's common to refer to each connected device as a node on the network to make the description 01:25.620 --> 01:28.810 applicable to a wide range of devices. 01:28.830 --> 01:33.000 Here you are seeing a very simple example of our nodes here. 01:33.000 --> 01:40.170 So this diagram shows three nodes connected with a common network and each node might have a different 01:40.170 --> 01:41.760 operating system or hardware. 01:41.760 --> 01:50.280 But as long as each node follows a set of rules or a network protocols, it can communicate with other 01:50.280 --> 01:51.210 nodes on the network. 01:51.210 --> 01:58.970 So to communicate correctly, all the nodes on a network must understand the same network protocols. 01:58.980 --> 01:59.490 Here. 01:59.490 --> 02:01.740 Let's actually, I just. 02:03.130 --> 02:03.850 Here. 02:04.930 --> 02:14.200 So and this is the functions and the what the network protocols serves in our network here. 02:14.200 --> 02:21.940 So, uh, the network protocols serves many functions, including one of these functions here. 02:21.940 --> 02:27.070 So this is the maintaining state session state. 02:27.070 --> 02:33.580 So this protocols typically implement mechanisms to create a new connections and terminate existing 02:33.580 --> 02:34.420 connections. 02:34.420 --> 02:42.310 Here we, uh, this protocol also does identifying nodes through addressing here. 02:42.310 --> 02:45.970 So data must be transmitted to correct node on a network. 02:45.970 --> 02:52.300 So some protocols implement an addressing mechanism to identify specific nodes or groups of nodes. 02:52.300 --> 02:55.420 And we are also going to control the flow. 02:55.420 --> 02:56.500 So controlling flow. 02:56.500 --> 03:01.570 So this is the amount of data transferred across a network is limited, of course, So the protocols 03:01.570 --> 03:08.990 can implement ways of managing data flow to increase throughput and reduce latency. 03:09.820 --> 03:14.910 And we are also going to be guaranteeing the order of transmitted data. 03:14.920 --> 03:21.880 So many networks do not guarantee that the order in which the data is sent will match the order in which 03:21.880 --> 03:30.790 it is received, and the protocol can reorder the data to ensure it's delivered in the correct order. 03:30.790 --> 03:35.800 And we are also going to detecting and correcting errors here. 03:35.890 --> 03:36.730 So. 03:37.550 --> 03:42.080 Um, the many networks are not 100% reliable, right? 03:42.080 --> 03:50.690 So data can become corrupted and it's important to detect the corruption and ideally correct it. 03:50.810 --> 03:59.150 And here lastly, uh, formatting and encoding data and the data isn't always in a format suitable for 03:59.150 --> 04:00.440 transmitting on a network. 04:00.440 --> 04:10.400 And a protocol can specify ways of encoding data such as encoding English text into binary values.