Ethical Hacking Ebook - Newbie Guide To The Underground

-A Serious Newbie's Guide to the Underground v2By ratdance Aviator753 Killab Mls577
Table Of Contents
Introduction......................................................................4 Credits To Co-Authors.....................................................4 Preface..............................................................................4 What Is A ac!er"............................................................# What is a $%la&e'"..........................................................7 About Codin(...................................................................7 What is a )cri*t!idd+"....................................................., Wireless -et.or!s..........................................................., ,/0.112 )tandards..................................................3 Wireless )ecurit+...................................................1/ WAPv1 Additions..................................................11 4ther Wireless.......................................................10 Cr+*to(ra*h+...................................................................10
56) 7..................................................................13 Tri*le 56) 7.......................................................14 8M........................................................................14 -T8M...................................................................15 M50.....................................................................1# M54.....................................................................1# M55.....................................................................1# ) A-/..................................................................1, ) A-1..................................................................1, ) A-0..................................................................1, ) A-3.................................................................1, Co&&on Attac!s..........................................................1, 9ruteforcin(........................................................13 5ictionar+:Word list...........................................13 4*eratin( )+ste&s........................................................0/ )ecurit+.........................................................................0/ ;lo(in...........................................................................01 Win<ate........................................................................00 IA-A7........................................................................00 /5a+..............................................................................03 ats...............................................................................03 ;%C...............................................................................0#
Protocols.......................................................................07 IP...................................................................................07 The 4)I Model............................................................3/ What is the 4)I Model......................................3/ istor+ of the 4)I Model..................................31 o. it Wor!s 7................................................31 The 8a+ers.........................................................31 Ph+sical 8a+er...................................................30 5ata 8in! 8a+er................................................33 -et.or! 8a+er..................................................37 Trans*ort 8a+er................................................3, )ession 8a+er...................................................33 Presentation 8a+er...........................................4/ A**lication 8a+er............................................4/ Protocol ;eference..........................................41 TCP:IP.......................................................................43 ICMP.........................................................................44 )hout=........................................................................47 Contact Info...............................................................4,
hy this !a"er# this Boo$%

A ac!er is a &aster of his environ&ent> of his do&ain. ?nderstands> in an inti&ate de*th the .orld he is in> the co&*uter he is on> the servers> .or!stations he @s*ea!s@ to and @s*ea!s@ to hi&> not Aust the <?I and *rett+ colors he (a=es at> dail+> thin!in( he understands his co&*uter> but .hat is behind it all> .hat &a!es it @breath@ and ho. it @breaths@> fro& the 865Bs to the 9ee*s> to the data rushin( in and throu(h his lines> and ho. it arrives and is received> .hat ha**ens .hat sent and received.
&es"e't where &es"e't is (ue

I CratdanceD be(an this *a*er as a solo *roAect as I a& *rone to do. In a ver+ short *eriod of ti&e> &+ for&er students Killa> Aviator and M8)577> had Au&*ed in to ta!e over .hat be(an as so&e of &+ .or!> to unintentionall+ ta!in( over &+ *a*er and &a!in( it a 9oo!. And for this> I than! the& all for their ti&e and effort and in Aoinin( &+ 5i(ital Crusade to 6ducate the ac!ers that .ill be. There is no bi((er a than! +ou or dis*la+ of a**reciate for &+ e2istence> than this. Than! all of +ou> than! Esuidre.t> than! u(o Corn.all and 8lo+d CThe MentorD.
!refa'e
)o&eti&e a(o> I had *osted Calon( .ith a series of other docs and codeD a .doc on htt*F::ha2&e.or(:for...*icG1/155HstG1/ that s*read all over the net. The *roble& .ith this doc is that I intentionall+ didnBt direct its readers to .hat the+ could read and .here to be(in. I reall+ .anted others to thin! for the&selves. And so..I .ill (ive &+ *ersonal honest o*inion on .hat I feel the -eo*h+tes to be> should read and follo. u* on. 4ur Cdi(ital under(roundD has a dee* histor+ datin( bac! as earl+ as 1371..and .ith re(ret> &ost of toda+Bs neo*h+tes carr+ on to never be a.are of .here it all be(an and had led toF htt")**en+wi$i"edia++++,ha'$er,history
I stron(l+ encoura(e that not onl+ do +ou reference this .i!i or an+ li!e it> but research .hat it sho.s +ou. i.eF Ca*tain Crunch > learn &ore about hi& and .h+ is he a bi( dealCand all else in this lin!D htt*F::....&ithral.c...:&anifesto.ht&l Who .rote the Manifesto that is adhered to b+ the under(round to this ver+ da+. 8o+d 9lan!enshi* did..*lease reference and learn &ore htt*F::....te2tfiles...e2t:M456;-:hhb! The ac!ers andboo!...our bible. ver+> ver+> ver+> ver+> ver+ fe. actuall+ ta!e ti&e to read this. The challen(e I *ose to +ou and +our &ind is> .hat do +ou not see in this @9ible@> there is a lesson in the ans.er and u(o did it for a reason. htt*F::....scribd.co...on-0-/-Module-4 ;hino3Bs re*l+ to K> .ith technical infor&ation and intro to ;e&ote Attac!s via -et9I4) and null session. htt*F::....hac!canad...isc:.ardoc.ht&l rando& ;3 *hun htt*F::....*hrac!.co&: Phrac!..the under(rounds 6IineC6lectric Ma(a=ineD a(ain> &ost arenBt even a.are that it e2ists> let alone read it. 4utdated" no..not at all. itBs still &aintained as relevant infor&ation is *rovided b+ the under(round CusD for Phrac! to share .ith the rest of the under(round. If ever there .as a .a+ to (et +our di(ital handle out there..this is it. I% +ou donBt care to be(in fro& Phrac! 1> then at the ver+ least> do be(in at Phrac! 43 %ile 14> b+ Ale*h 4neJ learn about 9uffer 4verflo.s and .ho Ale*h is. htt*F::....0#//.co&: If +ou read the ac!ers andboo!Cthen res*ect to +ouD then +ou !no. .hat a 0#// is...thus &+ ne2t lin! htt*F::....tele*hone...e*hrea!in(.ht&l Kes> I !no.> a lot to read so far..I..no..W6Call hac!ers of the di(ital under(roundD .ant for +ou to understand the .orld +ouBre no. in.
hat -S a .a'$er%
Contrar+ to .hat the current e2istin( -eo*h+tes badl+ .ant to believe> a ac!er is not one .ho (leefull+ discovered re&ote TTP based attac!s such as ;%IBs> 8%IBs> )L8iBs> M;IBs>etc> as A88 of these are .ildl+ outdated and and are near to scri*ted. 9otto& line is> a B ac!B is -4T a securit+ co&*ro&ise a!aF brea!in( into a )erver> Wor!station> 5atabase> short of that bein( done via a ac!. 8et &e e2*lain... When a ac!er locatesCand usuall+ at rando&D a /da+> that is a -4- 5ocu&ented and ?-K-4W- re&ote or local vulnerabilit+> -4T *osted A-KW 6;6 before the &o&ent of discover+> T 6- .ritesCCodesD the reNuired e2*loit code to e2*loit the found /da+> and e2ecutes> successfull+> his *ersonal .ritten code for the confir&ed /da+> and (ains a user or root shell> then...it is a ac!. -4 runnin( to Metas*loit or loadin( 9ac!Trac! 4; A-KT I-< li!e the& 4; A-K vulnerabilit+ scanner that .as -4T .ritten b+ +ou> is - 4 T a ac!> it is bein( a s!idiot. K4? did -4T .rite A-K of that code 4; even .riteC-4 C8ICKI-< 4- )8AO T4 MAK6 A- P;6C4MPI865 4) 546)-T C4?-TD the 4). Pri&e e2a&*les of .hat a ac! I)> .ould be Theodore de ;aadt> the .riterCcoderD of 4*en9)5 ?-IOC is 4) ac!D htt*F::....o*enbsd.or(: > %+odor the .riterCcoderD of -Ma*C)oc!ets ac!D htt*F::insecure.or(: or 8inus Torvalds the father of 8inu2C4) ac!D. -4 because their creations are T 6I; ac!s> doesnBt &ean K4? usin( it &a!es it a ac!> it leans bac! to sri*t!id action if +ouBre usin( T 6I; .or! to (et +our lac! of a Clue> acco&*lished. When +ou ta!e so&ethin( that e2ists and deco&*ile to re.rite to &a!e it bi((er> better> faster or .rite:&a!e so&ethin( ne. of si(nificant use and reco&*ile> and it .or!s> itBs a ac!. When +ou can chan(e +our ;outer> Mode&> Mouse> Ke+board> To.er and A-K *eri*herals .ith in to do so&ethin( si(nificant> be+ond .hat it does nor&all+" ItBs a ac! botto& line isF Ta!e it> 9rea! it> Ma!e it 9i((er> 9etter or %aster> rebuild it> and itBs a ac!> .hether it be code or ard.are>etc> itBs a ac!. The co&&on user .ill sa+ @loo! .hat this can do@
The ac!er .ill sa+ @9ut loo! .hat I can &a!e it do...@ Who are or .hat is the 6lite" Those that can ta!e .hat e2ists and &a!e it bi((er than it self and the .hole .orld reco(ni=es itBs e2istence.. Theodore 5e ;aadt founder of 9)5 ?-IO...is 6lite %+odor of -MAP...is 6lite 8inus Torvalds of 8inu2..is 6lite and the list (oes on far *ast that> but IB& confident +ou (et the idea.
hat is a /0la1e/%
)te&&in( fro& Medieval 6n(land the burnin( of those .ho had a belief that .as unbefittin( of *resent societal reli(ious and social standards C&ost often BWitchPBD> the accused .as ver+ often tied to a *ole> do.sed in oil and set on fire Ci.eF %la&edD )o> it is stron(l+ advised a -eo*h+te to the under(round ;T%M to learn to abide b+ the standards and be a.are of the .orld the+ are no. in> lest the+ be subAect to constant %la&es.
About Coding
In &+ *revious 6Iine> I didnBt *ush too &uch on *ro(ra&&in(. o.ever> no. that IB& here> I do encoura(e 8o. 8evel 8an(ua(es. The closer +ou can (et to tal!in(> learnin( and understandin( +our co&*uter hard.are> the better. ;6A88K learnin( the .orld +ouBre in. A)M..Asse&bler...MA)M Microsoft Macro Asse&bler> TA)M Turbo Asse&bler> -A)M -et.ide Asse&bler. As of toda+> 0/1/> -A)M htt*F::....nas&.us: is .here to (o and learn both 2,# and 2#4 A)M. so&ethin( to (et +ou started" if +ouBre still readin( this" then 4K> fair is fairF
htt*F::as&.ini(ht&ar...eG1HlocationG10 htt*F::....e&u,/,#.co&: contains a full A)M doc> that I a**reciated. I .anted to direct +ou to a 8inu2:?-IO A)M> but I a& a.are &ost arenBt there..+et Alon( .ith A)M is C and Perl H P+thon. I learnt 2,# TA)M before Perl> but I su((est C> Perl or P+thon before A)M. Alon( .ith codin(> I ver+>ver+>ver+>ver+> stron(l+ ur(e +ou learn )oc!ets and ho. to use )oc!ets .ith +our code of choice. codin( is *ointless if +ou canBt (et connected to the net via TCP:IPCtrans&ission control *rotocolD> ?5PCuser data(ra& *rotocolD>ICMPCinternet control &essa(e *rotocolD. reall+> reall+ beco&e inti&ate .ith TCP:IP and itBs nuts H bolts such as the %8A<)> .hat the+ are and ho. the+ .or!. There is little .ron( .ith usin( others *ro(ra&s to (et a tas! done. There is 6Q6;KT I-< .ron( .ith usin( others code:*ro(ra&s and ta!in( credit for .hat it did:does for +ou.
hat is a S'ri"t$iddy a$a) S$idiot %

The ter& )!idd+> )cri*t!idd+> )!idiot> etc all ste& fro& the conce*t of &ovie actors follo.in( their )cri*ts. A Predeter&ined action .ith a !no.n outco&e and .ritten b+ so&eone other than the&selves. Well> a )!I5I4T is the ver+ sa&e. )o&eone .ho finds anotherBs code or *ro(ra& and co&*iles to run or e2ecutes it> (ains root as it is &eant to do> then self *roclai&s hi&self a ac!er. 8a&e..... And the list (oes on far *ast that> but IB& confident +ou (et the idea.
ireless Networ$s
2 ritten By) Aviator3456
Wireless -et.or!s> Wi%i> ,/0.112F Aust a fe. of the &an+ na&es for co&&unicatin( .irelessl+ bet.een co&*uters. Wi%i does the sa&e thin( a .ired net.or! does> lin! to(ether &ulti*le co&*uters in order to co&&unicate infor&ation.
WhatBs the secret to .ireless net.or!in(" ;adio .aves> Aust li!e +our television> car radio> &icro.ave oven> and cell *hone uses> basic t.o .a+ co&&unicationF 1D A co&*uter turns infor&ation into a radio si(nal and trans&its it to an Access Point CAPD> a .ireless router> usin( its antenna. 0D The router receives the si(nal> decodes it> and sends it on throu(h a standard *h+sical 6thernet connection. The *rocess .or!s in reverse as .ell> fro& the router to the co&*uterBs ada*ter. While bein( si&ilar to other devices that use radio .aves> Wi%i is different in a fe. !e+ .a+sF -The infor&ation is trans&itted at 0.4 or 5 <i(ahert= C< =D> a &uch hi(her freNuenc+ than other devices> allo.in( hi(her data transfer rates> but at shorter distances -@%reNuenc+ o**in(@ allo.s a considerable reduction in interference and the abilit+ for &ulti*le devices to use the sa&e .ireless connection> @ o**in(@ ra*idl+ bet.een u* to three different freNuenc+ bands -the Institute of 6lectrical and 6lectronics 6n(ineers CI666D *rovides ,/0.11 net.or!in( standards.. IBll (et into those a little later> these standards allo. devices to &ove fro& one net.or! to another sea&lessl+. -o. letBs (et into the different ,/0.12 standards. As I &entioned before> these standards .ere created and are &aintained:u*dated b+ the I666 C*ronounced Be+e-tri*le6BD for carr+in( out .ireless local area net.or! CW8A-D co&*uter co&&unication in the 0.4> 3.#> and 5 < = freNuenc+ bands.
782+99: Standards
782+99 - 0.4 < = - Mune 1337 - allo.ed 1-0 Mbit:s data rates at a &a2i&u& distance of 1// &eters:33/ feet. Toda+> ho.ever> it is no lon(er used and nearl+ co&*letel+ obsolete.
782+99a - 5 < = - )e*te&ber 1333 - u* to R05 Mbit:s achievable s*eeds> distance u* to 10/&:33/ft. The hi(her freNuenc+ allo.ed trans&issions .ith drasticall+ lo.er interference> but also a lo.er effective ran(e> Cthe si(nals are &ore easil+ absorbed into .alls:floors:etcD. 782+99b - 0.4 < = - )e*te&ber 1333 - u* to 11 Mbit:s> distances u* to 14/&:4#/ft. 5evices utili=in( ,/0.11b suffered &uch interference fro& other *roducts usin( the 0.4 < = freNuenc+ band> includin( &icro.ave ovens> cordless tele*hones> bab+ &onitors> and the li!e. 782+99g - 0.4 < = - Mune 0//3 - u* to 54 Mbit:s> distances u* to 14/&:4#/ft. Also suffers &uch interference> but .as .idel+ ado*ted b+ consu&ers *rior to beco&in( ado*ted in Mune B/3 )till .idel+ used toda+> but is bein( re*laced:*hased out b+ the follo.in(F 782+99n - 0.4:5 < = - 4ctober 0//3 - u* to 15/ Mbit:s> .ith distances u* to 05/&:,0/ft. I&*roves *revious standards b+ i&*le&entin( BMIM4B CMulti*le-In*ut Multi*le-4ut*utD> &ulti*le antennas located on the trans&itter and receiver> allo.in( &uch hi(her bit rates:s*eeds and distance:ran(e. Another &ethod to reduce interference a&on( .ireless devices is for the& to o*erate on u* to 14 different channelsF sli(htl+ different freNuencies> ran(in( fro& 0.4/// to 0.4,35 < =. Channels 1-13 s*aced onl+ 5M = a*art> .ith channel 14 bein( 10 M = above channel 13.
ireless Se'urity
Well> itBs about that ti&e> letBs tal! about WI%I securit+. In order for an+ .ireless net.or! to use an+ encr+*tion> the client and the server &ust have the sa&e encr+*tion on or the+ .ill -4T be able to co&&unicate. CThin! of it as a *erson s*ea!in( Chinese tr+in( to co&&unicate .ith so&ebod+ that s*ea!s %renchD There are 4 &ain settin(s +ou can use as far as securit+ (oes for a routerF 4*en> MAC filtered> W6P> or WPA:WPA0. -O"en Networ$ - as absolutel+ no securit+> an+one can connect and access the totall+ unsecured connection.
-;AC 0iltering - Most Access Points CAPD have so&e sort of MAC %ilterin( that allo.s the ad&inistrator to onl+ *er&it certain co&*uters to connect> ho.ever MAC s*oofin( utilities are .idel+ available and can easil+ b+*ass this *rotection. - <! - -o. .e (et to the fun one> also called BWireless 6Nuivalent Privac+B. W6P .as the 4;I<I-A8 6-C;KPTI4- )TA-5A;5 for .ireless. WA)> bein( the !e+.ord there. 9e(innin( in 0//1> &aAor fla.s .ere found and e2*loited. Man+ &an+ &an+ o*en source utilities .ere created to e2a&ine and decr+*t the *ac!ets> successfull+ and Nuic!l+ brea!in( into a W6P-secured net.or! SIn 0//5> a (rou* fro& the ?nited )tates %9I bro!e a W6P encr+*ted net.or! in less than 3 &inutesT Another issue in W6P is !e+ &ana(e&entF if enou(h *ac!ets can be interce*ted> a *erson could brute force it in a &atter of hours. A&on( W6Ps .ea!nesses> it is still &uch better than an unsecured> o*en net.or!F at least it !ee*s out &indless leeches. - !Av9 - BWi-%i Protected AccessB WPA is s*ecial in its .a+ as it i&*le&ents the securit+ of a four-.a+ handsha!e. It .as created to re*lace W6P> in 0//3 it .as officiall+ announced the successor of W6P. WPA also allo.s A6)-CCMP al(orith&> drasticall+ increasin( the *rotection over W6P. WPA uses a Pre-shared )hared Ke+ CP)KD to establish *rotection usin( an , to #3 character *ass.ord. WPA-P)K can be brute forced usin( an offline dictionar+ attac! b+ ca*turin( the four-.a+ handsha!e .hen the client auto&aticall+ reconnects .hen 56-authenticated
A!v9 Additions
There are a fe. thin(s that can be used alon(side WPA in order to stren(then its securit+.
1.
-T=-! - BTe&*oral Ke+ Inte(rit+ ProtocolBC*ronounced Btee-!i*BD TKIP uses a *er-*ac!et !e+ &i2in( .ith a &essa(e inte(rit+ chec!..effectivel+ avoidin( the *roble&s of W6P -<A! - B62tensible Authentication ProtocolB 6AP is -4T an authentication &echanis&> it is an authentication %;AM6W4;K. It *rovides co&&on functions and ne(otiation of 6AP &ethods Sthere are about 4/ of the&T 6AP is not a *rotocol> *er se> instead it defines &essa(e for&ats that are used for authentication. -><A! - B8i(ht.ei(ht 62tensible Authentication ProtocolB 86AP is basicall+ W6P that has been u*(raded to &ini&ali=e its fla.s and a so*histicated !e+ &ana(e&ent s+ste&. 86AP also uses a MAC Address %ilterin(:authentication Cthou(h> as I &entioned in a *rior section> MACs can be s*oofed to b+*ass this filterin(D -!<A! - BProtected 62tensible Authentication ProtocolB P6AP allo.s for secure transfer of infor&ationU!e+sUetc .ithout a certificate server.
- !A2 - The *ri&ar+ difference bet.een WPAv1 and v0 is the i&*le&entation of A6)CCMP CAdvanced 6ncr+*tion )tandard-Counter Mode .ith Ci*her 9loc! Chainin( Messa(e Authentication Code Protocol...sa+ that 52 fastD....hich is an 6ncr+*tion Protocol &eant to re*lace TKIP. WPA0 also su**orts 6APU86APUP6APUetc At this "oint in ti1e> WPA0 is the &ost secure> *ublicl+ available Wireless securit+ 6ncr+*tion.
Other
ireless Trans1ission 1ethods
-Bluetooth is an o*en .ireless *rotocol for trans&ittin( data over short distances> usin( ver+ short-len(th radio .aves.. also able to connect &ulti*le devices si&ultaneousl+> overco&in( s+nchroni=ation *roble&s -Ad-ho' - ;efers to a .ireless net.or! that reNuires no Access Point. Co&*uter to Co&*uter> Cell Phone to Cell Phone> 5evice to 5evice. 6ach device is essentiall+ a router and an ada*ter> a server and a client. 6ach device is inde*endent of all others and can co&&unicate .ith an+ other adhoc enabled device.
Cry"togra"hy
C ritten By ;>S4336
6ncr+*tion is convertin( data fro& a *lain te2t into .hat is called ci*her te2t. Ci*her te2t is the infor&ation that has been transfor&ed or encr+*ted usin( an al(orith& or ci*her into a character strin(. This data can be converted bac! into its ori(inal for& or reverse the *rocess is called decr+*tion. To recover the ori(inal data that .as once in *lain te2t +ou need the decr+*tion !e+> the decr+*tion !e+ .ill undo the *rocess .hich encr+*tin( the data has done. A decr+*tion !e+ is .hat deter&ines the out*ut of either the ci*her or al(orith&. If no decr+*tion !e+ is su**lied then si&*l+ there .ill be no end result> it .ill si&*l+ do nothin(. The ci*her can be atte&*ted to be bro!en throu(h &athe&atics alon( .ith so&e other techniNues that .ill be e2*lained in the re&ainder of this boo!. In so&e cases thou(h> +ou &a+ not even need to find out the !e+ to the ci*her to (ain access. The &ore co&*licated the encr+*tion the &ore difficult it is to brea! the code Cci*herD.
Cr+*to(ra*h+ dates bac! to .hen co&&unication .as first established. It could be so&ethin( as si&*le as invertin( letters in the al*habet or so&ethin( co&*le2 as A6) encr+*tion. Cr+*to(ra*h+Vs *ur*ose .as and still is to !ee*in( sensitive infor&ation *rivate to others that are unauthori=ed to receivin( this infor&ation. Thou(h as thin(s *ro(ress there .as a need for &ore co&*le2 and so*histicated ci*hers to *rotect such data. This is ho. so&e of the &odern encr+*tions of toda+ ca&e to be. Ciphers that will be cover in this book include: W (<S and Tri"le (<S W >; W NT>; W ;(2# ;(?# ;(4 W S.A-8 through S.A-5 These encryptions can be decrypted through techniques such as: W Brute-0or'e W (i'tionary* ord list Atta'$
W &ainbow Tables* Cuda
(<S
(<S stands for 5ata 6ncr+*tion )tandard. In 1370 it .as decided that there .as a need for an al(orith& that could *ro*erl+ and securel+ *rotect classified and nonclassified infor&ation b+ the -ation Institute of )tandards and Technolo(+ C-I)TD. The ori(inal al(orith& .as called the 8ucifer ci*her> .hich .as develo*ed b+ the I9M Tea& in 1374. When it .as &odified fro& 10,-bit to 5#-bit b+ the -)A C-ational )ecurit+ A(enc+D in 137#> it .as then rena&ed 56). The 56) al(orith& is a bloc! ci*her .hich is a for& of a shared secret encr+*tion. A )hared )ecret is a *iece of data that can be a *ass.ord> *ass *hrase> or rando&l+ chosen b+tes that is !no.n b+ t.o (rou*s that is over secured co&&unication. It .as available for *ublic use in 1377> but onl+ a fe. +ears later in 133, the 6lectronic %rontier %oundation crac!ed a 56) !e+ in about 3
da+s. Then in 1333 the 6lectronic %rontier %oundation crac!ed the !e+ in 00 hours and 15 &inutes> .hich .as a .a!e-u* call that so&ethin( had to be done about it. After that a ne. variant of the encr+*tion .as i&*le&ented called Tri*le 56)> .hich .ill be described &ore belo..
Tri"le (<S
Tri"le (<S is as &entioned above a variant of the 5ata 6ncr+*tion )tandard C56)D> .hich .as develo*ed in esti&ation bet.een 133, -0///. It is considered that Tri*le 56) is three ti&es &ore secure than its obsolete in-secure counter*art. Thou(h a do.nside of this is that Tri*le 56) ta!es three ti&es lon(er to co&*ute than a 56) but the securit+ vulnerabilities it had ta!en care of out-.ei(hs the *rocessin( ti&e. Tri*le 56) is s*lit u* into three #4-bit sub-!e+s or 130-bits. When the !e+ is i&*le&ented it is> if necessar+ converted into #4-bit *arts and then is encr+*ted in three se*arate *arts .hich are then *ut to(ether to &a!e the ci*her te2t. This is .hat &a!es 3 56) secure initiall+> thou(h if not *ro*erl+ i&*le&ented could cause *roble&s. An e2a&*le of this .ould be if +ou &ade t.o *arts the sa&e Ct.o #4-bitsD. This .ould turn Tri*le 56) into re(ular 56). Thou(h Tri*le 56) .as considered secure at the ti&e currentl+ it is .a+ less secure then other &ore co&&on encr+*tions.
>;
>; stands for 8A- Mana(er. It is associated .ith Microsoft Windo.Vs o*eratin( s+ste&s> u* until .indo.s vista at least. 4n versions of .indo.s that are above Windo.s OP have 8A- Mana(er turned off b+ default. If the *ass.ord is over 14 b+tes CcharactersD it .ill not be stored b+ .indo.s. The *rocess of convertin( A)CII into 8M ci*her te2t isF 1D Convert A)CII to all u**ercase. 0D The *ass.ord is s*lit into t.o 7-bit hashes Cci*her te2tD. 3D The t.o 7-bit hashes are then converted a 56) !e+ C#4-bitD. 4D 6ach !e+ is then 56)-encr+*ted to constant A)CII .hich results in t.o ,-bit ci*her te2t. 5D Those t.o *arts then create a 8M hash.
NT>;
NT>; stands for -T 8A- Mana(er. -T8M is a variant of the ori(inal 8M. It is an authentication *rotocol used on net.or!s runnin( the .indo.s o*eratin( s+ste&s. -T8M has a lot &ore securit+ than its counter*art 8A- Mana(er Includin( secure lo(in credentials usin( a challen(e and a secure &eans of authenticatin( .ithout the need for sendin( the *ass.ord insecurel+ over the .ire. -T8M credentials consist of a do&ain na&e> user na&e> and a *ass.ord that has been encr+*ted .ith a one .a+ hash. The .a+ it authenticates .ithout the *ass.ord bein( sent over the .ire is the s+ste& reNuests a calculation Ca rando& nu&ber challen(eD to be solved to *rove it has access to the credentials. The *rocess of authentication as listed belo.F 1D The client *rovides a user na&e> *ass.ord Cthat is encr+*tedD> and do&ain. Then sends the user na&e in *lain te2t to the server. 0D The server then creates a challen(e and sends it bac! to the client. 3D The client encr+*ts the challen(e and sends it to the server alon( .ith the encr+*ted *ass.ord CusersD. This is also !no.n as a res*onse also !no.n as a challen(e. 4D The server then sends the data (iven fro& the client to the do&ain controller. The do&ain controller retrieves the *ass.ord fro& )AM Csecurit+ Account Mana(erD and uses that *ass.ord to encr+*t the challen(e. 5D The do&ain controller then co&*ares the t.o hashes and sees if the+ are identicalJ if so then authentication is a**roved.
-o.> .ithin .hat I have .ritten about -T8M have (one over both -T8Mv1 and -T8Mv0 as a .hole. I left out the s*ecifics of the chan(es> but I .ill no. describe so&e of the differencesF X In -T8Mv1 the server sends an ,-b+te challen(e and then the client sends bac! t.o 04-b+te co&*utation of the challen(e (iven b+ the server. When in -T8Mv0 the server sends a ,-b+te challen(e and the t.o 1#-b+te res*onses. X In -T8-v1 the t.o 04-b+te res*onses .ere s*lit into t.o different encr+*tions. 4ne .as 8A- Man and the other .as M54. As in -T8Mv0 are encr+*ted in h&ac-&d5 also
the first *art is &ade u* of a ,-b+te client challen(e .ith a 1#-b+te res*onse &a!es a 04b+te *art si&ilar to -T8Mv1. Then the second *art consists of an -T Ti&e for&at> an ,b+te value> and do&ain na&e C.hich are called -Tv0D.
;(2
;(2 stands for Messa(e 5i(est 0. It is an al(orith& created b+ ;onald ;ivest in 13,3. It .as created for ,-bit s+ste&s> .hich is no. obsolete to &odern 30 and #4 bit s+ste&s. M50 is defined in ;%C 1313. The M50 Al(orith& is e2*lained belo.F 1. The &essa(e 5i(estVs len(th is e2tended C*addedD in b+tes so that it consists of 1#b+tes lon(. This ste* is done in an+ circu&stance includin( .hen the &essa(e is alread+ eNual to 1#-b+tes. 0. A 1#-b+te chec! su& is created of the &essa(e after ste* on is *erfor&ed. This ste* uses a 05#-b+te &athe&atical *er&utation ta!en fro& the nu&erals of *i CYD. 3. An M5 buffer is then created> .hich consists of a 4,-b+tes. 4. An Identical 05#-b+te *er&utation as used in ste* 0 creates a *rocess &essa(e in 1#b+te bloc!s. 5. Assu&in( that ever+thin( .ent correctl+ the &odified &essa(e di(est is out*utted.
;(?
;(? )tands for Messa(e 5i(est 4. This al(orith& .as created in 133/ b+ ;onald ;ivest. It essential re*laced itBs *redecessor M50 CMessa(e 5i(est 0D.It .as desi(ned for 30-bit s+ste&s. It is used to (enerate -T hash di(ests for Windo.s -T> OP> Qista> and 7. )ince M54 and M55 onl+ have a fe. differences I decided to &er(e the& both into one> so if +ou read belo. +ou .ill find out &ore infor&ation on ho. M54 and M55 .or!.
;(4
;(4 stands for &essa(e di(est 5. It is s*ecified in ;%C 1301 and .as first *ublished in 1331 b+ ;onald ;ivest. It is re*resented b+ a 30-di(it lon( he2adeci&al nu&ber. It .as co&&onl+ used alon( .ith the rest of the &essa(e di(ests u* until 133# that revealed vulnerabilit+ that dre. *eo*le to use other al(orith&s such as ) A-1> .hich .ill be e2*lained a little later. Thou(h the ori(inal vulnerabilit+ .asnVt &aAor it still deterred *eo*le fro& usin( it and in 0//4 a &aAor vulnerabilit+ .as discovered and
led to &an+ abandonin( it. M54 and M55 are described belo.F 1.The &essa(eBs len(th is e2tended to 44,-bits. 6ven .hen the &essa(e is eNual to 44,> this ste* is still *erfor&ed. 0. The #4-bit &essa(e before *addin( is a**ended to the end result of the *revious ste*. 3. A buffer is used to create a &essa(e di(est. The buffer consists of four-.ords.
4.Three functions are defined .ith three 30-bit .ords and s*its out one 30-bit .ord.
5. The &essa(e di(est *roduces the out*ut. Accordin( to ;%C 1301 the differences are as follo.in(F W A fourth round has been added. W 0. 6ach ste* no. has a uniNue additive constant. W 4. 6ach ste* no. adds in the result of the *revious ste*. This *ro&otes a faster @avalanche effect@. W 5. The order in .hich in*ut .ords are accessed in rounds 0 and 3 is chan(ed> to &a!e these *atterns less li!e each other. W The shift a&ounts in each round have been a**ro2i&atel+ o*ti&i=ed> to +ield a faster @avalanche effect.@ The shifts in different rounds are distinct. All credit (oes to the authors of ;%C 1301 for the $ori(inal' differences bet.een M54 and M55.
S.A-8
S.A-8 stands for )ecurit+ ash Al(orith& but its ori(inal na&e .as )ecure ash )tandard. It .as believe to be based on ;onald ;ivestVs M5 C&essa(e di(estD al(orith&s. It .as first introduced in %IP) 1,/ in 1333 b+ The -ational Institute of )tandards and Technolo(+ C-I)TD. ) A-/ and ) A-1 both creates a 1#/-bit di(est
derived fro& a &essa(e .ith an end len(th of 0#4 9its. ) A-1 .as then re&oved b+ the -)AJ reason (iven .as that there .as serious vulnerabilit+ that .as *atched in ) A-1 in 1335 in %IP) 1,/-1.
S.A-9
S.A-9 is al&ost identical to ) A-/J onl+ one thin( differs bet.een the t.o. This difference is in the bit .ise rotation in the co&*ression function. This .as chan(ed b+ the -)A fi2in( the so-called vulnerabilit+ in securit+.
S.A-2
S.A-2 li!e its $fa&il+' stands for )tandard ashin( Al(orith& 0. ) A-0 co&es in a fe. different version includin( ) A-004> 05#> 3,4> and 510 bit. ) A-0 .as first introduced in 0//1 in 1,/-0. These versions .ere used in Nuite a fe. thin(s. In e2a&*le ) A-05# is used in 5ebian 8inu2 )oft.are Pac!a(es. 4ther uses for ) A-05# and ) A-510 are used on various Zni2 4)Vs for *ass.ord hashin(. Thou(h ) A-0 is .idel+ used> it .ill &ost li!el+ be re*laced b+ the finished develo*&ent of ) A-3.
S.A-5
S.A-5 J .hich .ill re*lace itVs for&er versions of ) A is still in develo*&ent. Its set finish date is in 0/10. I donVt have &uch &ore infor&ation about ) A-3> so this .ill unfortunatel+ end the ) AVs.
Co11on Atta'$s
Brute 0or'e is a &ethod used to brea! encr+*tion b+ s*ecif+in( a nu&ber of certain variables to the !e+ and tr+in( each !e+ until the correct !e+ has been discovered. A !e+ is a *iece of infor&ation that .ill deter&ine the out*ut. This &ethod is controversial on .hether this attac! is still useful. -o.> +es the+Vre other &ethods to crac!in( the !e+. These &ethods .ill be e2*lained later> but so&e of the reasons for this
to be ineffective are because of the ti&e it ta!es to crac! the !e+. This is a variable that can be chan(ed throu(h a fe. thin(s li!e a &ore *o.erful s+ste&> usin( certain *ro(ra&s> and utili=in( certain thin(s to Nuic!en the ti&e. Kou can also reduce ti&e b+ chan(in( the character sets for e2a&*le if +ou are brute forcin( a hash and +ou !no. that the !e+ is onl+ in lo.ercase letters and nu&bers. Then it is not necessar+ to have u**ercase characters included in the attac!. This .ill initiall+ save ti&e and .hen +ou utili=e other shortcuts> +ou can definitel+ shorten the ti&e it ta!es to brute force a !e+. Another *roble& .ith brute force is that in so&e cases +ou canVt tell .hether +ou have successfull+ found the correct !e+ or not. These *roble&s &i(ht encoura(e +ou to *ic! another &ethod of attac!. (i'tionary* ord list Atta'$ is a &ethod that is tr+in( to brea! an encr+*tions !e+ b+ tr+in( all the .ords in the 5ictionar+: Word list Kou &a+ sa+ to +ourself> .h+ donVt sa+ one or the other. Well> I donVt sa+ one or the other because fran!l+ this attac! can actuall+ be a list of .ords that ha**en to be fro& a actuall+ dictionar+ li!e WebsterVs 5ictionar+> It &a+ Aust be a rando& list of .ords that +ou &ade u* +ourself for a s*ecific tar(et> or it could Aust be a rando& list &ade u* of rando& *hrases and al*ha [nu&eric characters. These &a+ also be .ords of another lan(ua(e for e2a&*le if +ou s*ea! 6n(lish but .ant to *ic! so&ethin( that so&ebod+ &i(ht not (uess and +ou decide to use a .ord fro& another lan(ua(e such a )*anish. Then that &i(ht &a!e +our *ass.ord &ore secure. There are &an+ .ord lists that can be found all around the .eb> it Aust ta!es a certain search on +our favorite search en(ine and +ou have found a .ord list that +ou .ere loo!in( for. This &ethod can be fast de*endin( on ho. far do.n the *ass.ord is on this list. Thou(h> a bad thin( about this attac! is that the *ass.ord that +ou are loo!in( for &a+ not be on the list> .hich is reall+ a bi( .aste of ti&e on +our *art. To increase +our chances +ou should do so&e research on the tar(et before +ou do this attac! to hel* cut ti&e. Also as &entioned above> so&e *ro(ra&s and utilities can Nuic!en this *rocess. 4ne other thin( that &i(ht be alread+ built in to so&e *ro(ra&s is that it .ill ta!e the .ord and invert it or scra&ble it to tr+ to &a!e different .ords. This &i(ht increase +our chances on the effectiveness of the attac!. ;e&e&ber to do so&e research on the tar(et and *ic! a .ord list that fits that situation in order to increase +our chances and save ti&e.
O"erating Syste1s
2 ritten by ratdan'e6
A(ain in &+ ori(inal .5oc> I didnBt encoura(e an+ 4-6 4)...and so..no...I .ill. htt*F::....slac!.are.co&: is b+ far the oldest and still &aintained 8inu2 4)> on the -et> and I (uarantee &ost if not all 4ld school ac!ers are on it and true as*irin( hac!ers are headed to.ards it. Then .e have htt*F::....debian.or(: that is a 8inu2 based on a ?-IO such as htt*F::o*enbsd.or(: > htt*F::....freebsd.or(: > htt*F::....netbsd.or(: I .ould li!e to ta!e a &o&ent to *oint out that 4)O is in fact built on htt*F::....freebsd.or(: and .hen +ou s*a.n a 9A) shell on 4)O> it is a %9)5 ?-IO shell +ouBre no. in. I reall+ .ant to (et on a soa*bo2 and *reach about 49)5> %9)5 and -9)5> but .ill refrain.
Se'urity
2 ritten By) ratdan'e6
ItBs a fic!le subAect> securit+Cor lac! there ofD Co&*ro&ise.. allo. &e to ta!e a &o&ent to clarif+ so&ethin(... .here did the *hrases @9lac! hat@ and @White hat@ even co&e fro&" .ell> datin( bac! to the Co.bo+Bs H Indians or Western> Movies> +ou .ould notice the social *eriahBsCbad (u+sD .ere in 9lac! hatBs> .hile Mohn Wa+ne and the stereot+*ical .ere in White hatBs -o.> contrar+ to *o*ular belief> this doesnBt &a!e us 9lac! hatBs bad an+&ore than it &a!es a White hat> (ood. We Aust ta!e a different a**roach to &atters. 62a&*leF I &+ self> after IBve found a vulnerable server:.or!station> .ill (o ahead and bounce fro& a Bdais+ chainB of Pro2ies> Win(ates and QP-Bs then tunnel &+ e2*loit codeC&ost often coded b+ &eD to said server:.or!station. <ain root or elevate said access to root> then create an account or add a !e+ lo((er for *ur*ose of (ainin( an e2istin( users account> or to allo. &e to rlo(in>in..h&&..4K>because I al.a+s *reach about teachin( .hat +ou *reach about> allo. &e to elaborate on ;84<I-F
&>OG-N
-4T6F this is -4T the onl+ &eans to re&ote access via ?-IO co&&ands>and is onl+ an e2a&*le. Please do ta!e the ti&e to learn ?-IO:8inu2 and itBs co&&andsF
;lo(in reNuires the user to have a file in their ho&e director+ that tells .hat s+ste& the+ can receive the rlo(in fro&. In this file .rhosts it .ould loo! li!e thisF user na&e host na&e CorD host na&e If +ou .ere to add to this file \ \ it .ould let an+ user fro& an+ host lo(in .ithout a *ass.ord. The file .ould loo! li!e thisF ----- cut here -----\\ --cut here -----if the+ alread+ had entr+Bs +ou could add the \ \ under their host na&es> but re&e&ber no. the+ .ould notice seein( the+ .ould no. be able to rlo(in .ithout the *ass.ord. Kou .ould be tar(etin( *eo*le that did not alread+ have a .rhosts file. then fro& +our shell> it .ould beF rlo(in re&ote]host na&e 6nter O& rlo(in -l ^co&*ro&ised user acct na&e_ 6nter
inGate
2 ritten by) ratdan'e6
Was:is a soft.are &ade b+ Micro`oft> that is a near eNuivalent to a *ro2+. li!e netcat> telnet or )) > via 9A) or 54) CM5 Pro&*t> then once connected> it is as &indless as enterin( the IP of the IP +ou ne2t .ish to connect to. And so +ou can i&a(ine itBs ease of use in chainin( (ates and *ro2ies>to(ether. Win(ates> b+ default> run on *ort 03> but often are reconfi(ured to a hi(her location *ast the IA-A 1/04
-ANA
htt*F::....iana.or(:...ts:*ort-nu&bers Internet Assi(ned Ports Authorit+. This is .ho decides .hat runs on .hat *ort or *ort ran(e. 9ut once a(ain> I di(ress. The 9lac! hatBs see&in(l+ &alicious nature>is not inherentl+ so. <ranted> &an+ of the ne.er (eneration .ill use it to Austif+ unreNuired 5o) or 554) attac!s> virii> troAans>etc. I .ould li!e to *oint out that 5o) attac!s have an authentic *ur*ose. In e2a&*leF If I (et a re&ote H ad&inistrative access to an M` &achine> then set u* a ne. account or *ro(ra&> often enou(h it is reNuired that> that &achine reboots before the ne. acct or *ro(ra& co&es into full *la+..and so> should it be .e .ere unable to &anuall+ reboot said &achine> .e ver+ .ell &a+ use a for& of 5o):55o) to it to do so. This is indeed a rare event> ho.ever I have e2*erienced the need to do so in the *ast. 5eface&ents" <uilt+ on several accounts. It &a+ ver+ .ell be that once .e have co&*lete our root Aob> that .e have Nuietl+ cleaned u* all lo(s and an+ incri&inatin( evidence> and donBt feel the need to do the other.ise inco&*etent Ad&ins Aob of securin( his obvious insecure &achine. %urther &ore> not .antin( to lose our ne.l+ acNuired user:root shell to another ac!er or...Zsi(hZ so&e rando& ha*less s!idd+> .e .ill e&ail the ad&in fro& a s*oofed e&ailCso&eone re&ind &e to co&e bac! and lecture on )MTP s*oofD> or via his o.n e&ail fro& co&*ro&ised &achine. There is no rule .ritten in stone> but on avera(e .e tend to .ait fro& 3 da+s to 1 .ee! before .e send a 0nd e&ail .arnin( of said vulnerabilit+> then sa&e *eriod before .e flat out deface in order to screa& to both to the *ublic and ad&in @K4? AQ6 A ;6M4T6 486 8A;<6 6-4?< T4 PA;K A MAC T;?CK I-T4@ and bac! u* the inde2 to .old and &ention the sa&e in the deface&ent. Most *ut u* so&e i&*ressive (ra*hics. In an earlier ti&e> .e .ould all send our deface&ents to htt*F::....attrition...it+:co&&entar+:..in fact> so&e of &+ cre.s deface&ents are buried so&e.here in here. suidre.t e2F htt*F::attrition.or(...a&eri-soft.co&: > there are Nuiet a fe...but I donBt thin! .ade .ill ta!e !indl+ to &e see&in(l+ encoura(in( deface&ents. )o&e (et reall+ (ra*hic.
The entiret+ of &+ *oint bein(>root shells and deface&ents &eans little else other than +ouBve invested so&e ti&e into researchin( re&ote H local vulnerabilities and &erits little to no reco(nition. At best> +ou can use it as an e2a&*le to teach ho. to carr+ out a /da+ +ou have discovers.....ell 4K> if +ou have +our o.n /da+" T AT .ill (et +ou &uch &erit and res*ect.
8(ay*Oh'(ay
A local:re&ote vulnerabilit+ that has been discovered> e2*loited> docu&ented and released .ith in a 04 hour *eriod. it is / da+s old.
.ats
All this raises a Nuestion about the ;ole of the White hat co&&unit+. %act is> White hatBs are si(nificantl+ &ore *roductive than the 9lac! hat> as the+ oft .ill find> re*ort> fi2 then docu&ent and &a!e infor&ation *ublicall+ available to learn. such !e+ sites as htt*F::....securit+focus.co&: are a (lea&in( e2a&*le of the White hat role in the under(round. -oteF do si(n u* 9u(traN for dail+ vulnerabilit+ infor&ation via dail+ e&ails. Kou .ant to thin! t.ice before selectin( A88 cata(ories as the+ co&e in s.ar&s and are rarel+ all covered in less than a fe. hours> dail+. The 9lac! hatBs issue .ith the White hat release of infor&ation is that .eC9lac! hatBsD are a fir& believer in B%ull 5isclosureB of infor&ation> as such sites as....&il./r&.co& .here docu&entation and code .ith full e2*lanation for o. and Wh+ the e2*loit is and .or!s. The White hats &ean to control the da&a(e and educate> the 9lac! hatBs &ean to educate via da&a(e as an e2a&*le. Kes even via release of Qirii> the *oint is to &a!e a *oint of hu&an i(norance or .ea! soft.are> vulnerable hard.are..and the fairl+ true Nuote @There is no cure for u&an )tu*idit+@ -o.> donBt see this as a di(ital .ar bet.een 9lac! H White. Qer+> ver+ often +ou .ill see 9lac! and White hatBs rehabilitatin( in the sa&e I;C channel> %oru&s> 5efConBs>etc. M+ self as an e2a&*le> a certifiable 9lac! hat educatin( on an other.ise White hat foru&. There is little choice but to a(ree to disa(ree for both sides. This re-invo!es a *rior *oint..5o):554). An+ T;?6 ac!er> 9lac! or White hat> .ill be -4 fan of a &alicious *ointless 5o) or 554) Attac! as it is a blatant 5enial of Infor&ation. If the 9lac!s and Whites have A-KT I-< in co&&on" it is to challen(ed our o.n and otherBs &inds> learn and &a!e bi((er and better all .e co&e
across. I &+ self a& no fan of 5o):55o) for sa!e of a .ea! failed atte&*t at fa&e. All of this...thus far> and I a& far fro& done> raises its o.n Nuestion....@Wh+"@ Wh+ *ost all this> .h+ fi(ht to encoura(e or even enforce others to learn &ore and faster> .h+ &a!e it all a bi( *ublic scene> dail+.. To Quote Isaac Newton(if I may : /-f - have seen further it is by standing on the shoulders of Giants/ When I be(an in 13,3 on &+ T;),/> dialin(Cliterall+...D into 99)BsC9ulletin 9oard )+ste&sD> all .e had .as a static di(ital foru& .here .e left notes for one another on @ho. to@ of stuff .e .ere all learnin( as .e .ent. fro& 9A)IC *ro(ra&&in(> 9asic )ecurit+>ho. to code our o.n 99)>etc> the first M9CMe(ab+teD hadnBt +et e2isted> and all .as in K9Bs. M+ dial u* s*eed .as &easured in 9aud....9aud....1 !9d G 1>/// 9dCbaudD e2*lained as s+&bols *er second or *ulses *er second. I .as> at that ti&e> on a 4//9aud internal &ode&..&+ &ode& .as built I-T4 &+ !e+board as .ell &+ video> ra& and all *eri*herals. Kou couldnBt i&a(ine the da+ I (o &+ 10.0!b Mode&P The (lee..I .as sure I .as dialin( out at brea! nec! s*eeds.. then &+ first 5#!.. then I)5-CInte(rated )ervices 5i(ital -et.or!> 5/ ti&es faster than standard &ode&sD .hich is still a dial u*> Aust fastest PPPCPoint to Point ProtocolD dial u* before &+ 5)8C5i(ital )ubscriber 8ine> 4 ti&es faster than I)5-D and soon after A5)8PCAs+&&etric 5)8D> then &+ first 4c10PC4*tical Carrier 10 is a hi(h-band.idth @*i*e@ connection to the Internet o*eratin( at s*eeds 10 2 51.,4 G #00./, &e(abits *er secondD 4c4,PP then T1Cdevelo*ed b+ ATHT 9ell 8abs on T.isted Co**er PairD e2*erience at .or!> then T3P and..as of this *a*er> &+ Cable 6thernet at 7.7Mb*s C&e(abits *er secondDJ and &+ *ri=ed &e&or+ .as 10,!b> built into &+ !e+board> no. on 4<b and 0<b bet.een )8IBd <e%orceBs...*oint bein(..all of this .ith in 1 life ti&e and still (oin(. I be(an at a(e 1/-11> no. 37> IBve seen and lived fro& flo**+ discs> to dis!ettes> to C5Bs to 5Q5Bs> to Qirtual 5rives> and it (oes on... @If I have seen further it is b+ standin( on the shoulders of <iants@ All of that Technolo(ical *ro(ress .as established b+ the (enerations that be> learnin( fro& the e2*erience and notes>docu&ents>*osts>;%CBsCreNuests for co&&entD of the *rior (eneration> allo.in( the ne2t (eneration to slin(shot for.ard and *ro(ress e2*onentiall+ faster than the (eneration *rior. 4K> so .hat do toda+Bs co&&unit+ (et fro& it" We (et to live to e2*erience the ne2t ste* then live to contribute to the *ro(ress the ne2t (eneration &a!es for the (eneration co&in(. I .as born into the Kilob+tes and a& breathin( the Terraflo*sC%loatin( *oint 4*erations Per )econdD and Terrab+tes. let &e sho. +ou .here I be(an and a& here to e2*erience
-!ilob+te GG1>/04 b+tesJ M+ &e&or+ on &+ T;),/ .as 10,!b and 4//9uad Mode& -&e(ab+te GG1>/04 !ilob+tesJ -(i(ab+te GG1>/04 &e(ab+tesJ -terab+te GG1>/04 (i(ab+tesJ M+ current 55 is 1.5 Terrab+te fro& da+s of &+ 10,!b cache &e&or+ I crunch data and co&*ile code faster than I .ould ever i&a(ine .hen I .as a teen I u*:do.n load and burn entire &ovies .ith in &inutes>.hen I used to .ait da+s to do.nload an &*3 or a .doc file I code a**s no.> I used to drea& of o.nin( I a& fluent in &ore 4*eratin( )+ste&s and Pro(ra&&in( 8an(ua(esC&ost lo. level> at thatD than I s*ea! lan(ua(es. The old school have the ne. school to than! for ta!in( the *assed torch and runnin( .ith it> the ne. school have the old school to than! for runnin( .ith the torch and *assin( it. Kes> I do ride the ne. (enerations case> and often..and hard...can +ou +et see .h+" IB& not dead>+et> and far fro& it. I .ant to live to see .hat is ushered into the di(ital .orld>ne2t> and it .ill be the ne. (eneration of ac!ers> that start the *rocess.
&0C
2 ritten by) Aviator3456
;%C - ;eNuest for Co&&ents.. *ublished b+ the I6T% CInternet 6n(ineerin( Tas! %orceD describin( research> advance&ents> behaviors> and &ethods that deal .ith the internet and s+ste&s that use the internet. The ori(in of ;%C .as in 13#3 as *art of the A;PA-6T CAdvanced ;esearch ProAects A(enc+ -et.or!D *roAect. SAs a side note> A;PA-6T .as the ver+ first o*erational *ac!et s.itchin( net.or!.. the ori(inal internetT Currentl+> it is the official *ublication channel for the I6T%> IA9 CInternet Architecture 9oardD> and &uch of the (lobal co&&unit+ of co&*uter net.or! researchers.
In the be(innin(> onl+ hard co*ies of the first ;%Cs .ere s*read around and .ere .ritten in a infor&al st+le> .hich is no. co&&on for ;%C drafts *rior to a**roval. In 5ece&ber of 13#3> ;%Cs be(an bein( distributed via the ne.l+ created A;PA-6T. ;%C 1>called @ ost )oft.are@> .as .ritten b+ )teve Croc!er fro& ?C8A C?niversit+ of California> 8os An(elesD> and .as *ublished on A*ril 7> 13#3. ;%C 3 ori(inall+ defined the ;%C series and .as attributed to the @-et.or! Wor!in( <rou*@ created b+ Croc!er. %ro& 13#3-133,> Mon Postal .as the ;%C editor. After the A;PA-6T contract e2*ired> the BInternet )ociet+B acted on behalf of the I6T% .hen it contracted .ith the ?)C Infor&ation )ciences Institute> net.or!in( division in order to edit and *ublish. The ;%C 6ditor assi(ns each ;%C a uniNue nu&ber. 4nce *ublished> a ;%C is never &odifiedJ Instead> if the docu&ent reNuires a chan(e> the authorCsD *ublish a revised docu&ent. Therefore> so&e ;%Cs re*lace others. To(ether> the ;%Cs co&*ose a continuous historical record of the evolution of Internet standards. !ee* in &ind> the ter& B;%CB is also used b+ several other (rou*s> ho.ever I6T% is the best-!no.n. Thou(h &ost ;%Cs are authored b+ (rou*s s*onsored b+ institutions> individuals and s&all (rou*s also have the abilit+ to *resent an ;%C for *ublishin(. -ot all ;%Cs are internet standards> each is (iven one of the follo.in( statusesF 1D Infor&ational - This status includes nearl+ an+thin(> fro& A*ril 1st Ao!es to essential ;%Cs Cfor e2a&*le> see ;%C 1531D 0D62*eri&ental - Can be I6T% docu&ent or individual sub&issionJ )o&e docu&ents are not *ro&oted to B)tandards Trac!B solel+ because there are no volunteers for the *rocedural details. 3D9est Current Practice C9CPD - 5ocu&ents .ith this status include ad&inistrative and other te2ts considered the official BrulesB> but do not affect over the .ire data. 9CP also includes technical reco&&endations for ho. to *ractice internet standards. C;%C 0,07 refers to ho. to &a!e a 5o) attac! &ore difficultD The difference bet.een 9CP and )tandards Trac! docu&ents is often unclear. 4D)tandards Trac! - 5ocu&ents are divided into Pro*osed )tandard> 5raft )tandard> and Internet )tandard 5D istoric - These docu&ents have been re*laced .ith ne.er> u*dated versions or been re&oved fro& use alto(ether. %or &ore details about ;%Cs and the *ublishin( *rocess> see ;%C 0/0#F htt*F::tools.ietf.or(:ht&l:rfc0/0#
!roto'ols
AKAF o. .e flin( *ac!ets around and across the internet> across and at -et.or!s> to and fro& 8A-Clocal area net.or!D to 8A-> 8A- to WA-C.ide area net.or!D> WA- to MA-C&etro*olitan area net.or!D> etcJ o. .e (et an IMCinstant &essa(in(D &essa(e across to anotherCi.eF Kahoo to M)->etcDJ o. .e send files to one another and usuall+ not lose an+thin( of the sent file in the *rocess of doin( soJ o. .e 5o) and 55o) each other off the net li!e cluebie s!idiot cha&*ions.
-!
IP - Internet Protocol.. used for transferrin( data across net.or!s usin( TCP:IP. IP is the *ri&ar+ Internet 8a+er *rotocol and is used for trans&ittin( *ac!ets fro& the source host to the destination host> based solel+ on their IP Addresses. %or this reason> IP defines several &ethods and structures for addressin( hosts. IP enca*sulates data fro& u**er la+er *rotocols in order to deliver it to the destination host. In Ma+ 1374> the Institute of 6lectrical and 6lectronic 6n(ineers CI666D *ublished a *a*er titled @A Protocol for Pac!et -et.or! Interconnection@ .ritten b+ Qint Cerf and 9ob Kahn. It described a *rotocol for transferrin( *ac!ets a&on( nodes. TCP CTrans&ission Control ProtocolD .as the &ain co&*onent of this &odel and included both connectionoriented connections and data (ra& services bet.een hosts. This .as later se*arated into TCP at the connection-oriented la+er and IP at the internet-.or!in( la+er. This &odel beca&e !no.n as TCP:IP> thou(h it is also called the Internet Protocol )uite. The &ost .idel+ used inter-net.or!in( *rotocol is IPv4 Cas described in ;%C 731 in the +ear 13,1D. The successor to IPv4 is IPv#J The &ost notable difference is the addressin( s+ste&. Q4 uses 30-bit addresses Ctotalin( R4.3 9illionD .hile v# uses 10,-bit addresses Ctotalin( 34/ undecillionD. 9ecause of IPBs enca*sulation> it can be used over a &i2ed net.or!. Cone that contains co&*uters connected via 6thernet> to!en rin(>
Wi-%i> etcD As a result of each different net.or! t+*e usin( its o.n &ethod of addressin(> address resolution is handled b+ the Address ;esolution Protocol CA;PD for IPv4> and the -ei(hbor 5iscover+ Protocol C-5PD for IPv#. IP Addressin( and routin( are *ossibl+ the &ost co&*le2 *art of the Internet Protocol. Addressin( refers to ho. hosts are assi(ned IP addresses and ho. sub net.or!s are (rou*ed to(ether. IP routin( is *erfor&ed b+ all hosts> but &ost cruciall+ b+ internet.or! routers that t+*icall+ use either Interior <ate.a+ Protocols CI<PsD or 62ternal <ate.a+ Protocols C6<PsD to &a!e IP *ac!et:data(ra& for.ardin( decisions across internet connected net.or!s. IPBs desi(n *rinci*les assu&e that the net.or! is co&*letel+ unreliable at an+ sin(le net.or! ele&ent and it is d+na&ic in availabilit+ of lin!s and nodes. That is to sa+> It doesnBt &atter is a router is do.n> a Trans-Atlantic cable is cut> etc> the infor&ation .ill al.a+s find a *ath to the host that .or!s. o.ever> there is no (uarantee of deliver+. There is no central &onitorin( of the state of the net.or!. In order to reduce the co&*le2it+ of the net.or!> the infor&ation in the net.or! is located *ri&aril+ in the end nodes of each trans&ission C!no.n as the end-to-end *rinci*leD. This unreliable s+ste& can result in data corru*tion> lost *ac!ets or data(ra&s> data du*lication> out-of-order *ac!et deliver+ CPac!et 5 arrives before *ac!et 4> etc.D The onl+ error *revention IP includes is a chec! su& that is chec!ed at the routin( nodes Cho.ever> this discards *ac!ets .ith bad headers instantl+D IPv# abandons the chec! su&> thus *rovidin( a faster transit throu(h routin( ele&ents in the net.or!. The four nu&bers in an IPv4 Address are called BoctetsB because the+ have , *ositions .hen vie.ed in binar+ for&. These octets are used to create classes of IP addresses that can be assi(ned to a *articular business> (overn&ent> etc. based on si=e and need. the octets are s*lit into -et and ost Calso called -odeD. the -et section is al.a+s the first octet and is used to identif+ the net.or! an address belon(s to. The ost> or -ode> identifies the s*ecific co&*uter on a net.or! and contains the last octet. There are 5 IP classesF Class A - used for ver+ lar(e net.or!s> includes addresses .ith the first octet 1 to 10#> account for half of all IP addresses> and the first binar+ nu&ber in the first octet is al.a+s a / C=eroD
Class 9 - used for &ediu&-si=ed net.or!s> first octet fro& 10, to 131> also includes the second octet as *art of the -et identifier Cother t.o octets used to identif+ ost:-odeD> &a!es u* a total of 1:4 all IP addresses> first binar+ nu&ber is 1 ConeD and second is / C=eroD in the first octet Class C - co&&onl+ used for s&all to &id-si=e businesses> first octet fro& 130-003> include second and third octet as *art of the -et identifier> contains about 1:, of all IP addresses> first binar+ nu&ber is 1 ConeD> follo.ed b+ 1 ConeD> follo.ed b+ / C=eroD in the first octet Class 5 - ?sed for &ulticasts> first binar+ di(its are 1-1-1-/ Cone-one-one-=eroD> the other 0, bits are used to identif+ the (rou* of co&*uters the &ulticast &essa(e is intended for> includes 1:1# of all IP addresses Class 6 - %or e2*eri&ental *ur*oses onl+> binar+ di(its are 1-1-1-1 Cone-one-one-oneD> the other 0, bits are used to identif+ the (rou* of co&*uters the &ulticast &essa(e is intended for> includes 1:1# of all IP addresses
The OS- 2&eferen'e6 ;odel -n All -ts Glory hat is the OS- ;odel%
$True )tor+'
)o .hat is the 4)I Model" 4)I Model stands for the 4*en )+ste& Interconnection ;eference &odel. The 4)I &odel details ho. infor&ation fro& a soft.are a**lication in 9o2 1 &oves throu(h a net.or! &ediu& to a soft.are a**lication in another 9o2 0. 4r for a bit &ore technical .a+ to s*ell it outF an abstract descri*tion for la+ered co&&unications and 9o2 net.or! *rotocol desi(n. )i&*l+ *ut the 4)I &odel ta!es a net.or! architecture and cho*s it u* into 7 $8a+ers' Cthe la+ers .ill be e2*lained in de*th later onD.
$This 7 la+er reference &odel defines a conce*t of &ovin( infor&ation bet.een net.or!ed 9o2Bs. It describes ho. infor&ation flo.s fro& one end-user a**lication throu(h a net.or! into another a**lication. The 4)I &odel is considered the *ri&ar+ architectural &odel for inter-9o2 co&&unications.'-Philli*> s*eed(uide.net The &odel doubles as a ho.-to so to s*ea!. ItVs a (ood *lace to start if +ouBre loo!in( to (et into an+thin( as far as net.or!in(> havin( a (ood understandin( of the 4)I &odel is essential. 6s*eciall+ if +ouBre *lannin( on (ettin( an+ t+*e of Cisco certification. Thin! of the &odel as a factor+ Ca ver+ s&all oneD and the la+ers are 7 *eo*le> .ho& .or! there. 8etVs sa+ the+ &a!e to+s> no. each *erson has a s*ecific tas! that the+ &ust co&*lete in order for a to+ to reach its final sta(e. The &odel in itself is the $housin('> so to s*ea! for the various la+ers to conduct their business and o*erate in.
here (id The OS- ;odel Co1e 0ro1%

Personall+ I see the histor+ and evolution of an+thin(> the &ost i&*ortant *art of the stor+. o. can +ou trul+ !no. so&ethin( or about so&ethin( unless +ouBre sure of its *oint of ori(in and its histor+" The 4)I Model .as desi(ned b+ the International 4r(ani=ation for )tandardi=ation CI)4D. Althou(h the .or! for a net.or! architecture started before the &id 13,/as. The International tele(ra*h and Tele*hone Consultative Co&&ittee Cor CCITTD and the International 4r(ani=ation for )tandardi=ation both too! *art in develo*in( a standardi=ed net.or! architecture. Al&ost all of the as*ects of the 4)I &odel Cthe desi(n an+.a+D> ca&e fro& e2*eriences fro& the CKC8A56) net.or! .hich .as also ver+ influential in internet desi(n.
So .ow does this a'tually wor$%

This Nuestion as +ou &a+ have (uessed b+ no. is not easil+ ans.ered b+ a si&*le one-liner C.ould have been nice thou(hD. -o. +ou !no. basicall+ .here its fro& and .hatBs in it. 8ets ta!e a loo! at ho. it .or!s. Protocols enable an+ for& of connectivit+ via a 9o2 to interact .ith another 9o2 usin( the sa&e la+er> for a tas! that is the sa&e and:or different. 5ifferent la+ers of the 4)I &odel can and often do interact .ith another la+er fro& another 9o2> due to the fact
that the 4)I &odel is the net.or! architecture for a &aAorit+ of the 9o2Bs out there C&ostl+ *ost-137/asD. The above si&*l+ su&&ari=es the 4)I &odel> lets (o a bit $dee*er into the rabbit hole' to see .here it leads and 6OACT8K .hat it is its doin(.
The >ayers
There are 7 8a+ers in the 4)I Model and the+ are as follo.sF 1. Ph+sical 0. 5ata 8in! 3. -et.or! 4. Trans*ort 5. )ession #. Presentation 7. A**lication 5onBt be alar&ed itVs not that &uch. 9esides this is Aust the introduction to the la+ers> the !yn of the conversation if +ou .ill. 6ach la+er has a different Aob to do at different ti&es but li!e a lin! in a chain the+ all rel+ on each other to (et said obAective co&*leted. We are (oin( to (o la+er-b+-la+er and e2*lain its function> describe said la+er in detail> and tell +ou .hat data is called in certain la+ers. )o letVs be(inPP
The !hysi'al >ayer 2>ayer 96

$Without &e +ou .ould be nothin('.
8ets start .ith la+er one. 8a+er 1 is !no.n as the Ph+sical 8a+er. Well .h+" It doesnBt ta!e &uch i&a(ination to fi(ure this one out. The *h+sical la+er defines electrical and *h+sical s*ecifications and reNuire&ents for the devices in +our 9o2. ThatBs it" -o> itVs not. <otcha> the *h+sical la+er does a lot &ore than &onitor electrical si(nals it also> defines the relationshi* bet.een a device and a *h+sical &ediu&. This la+er is also res*onsible for the la+out of *ins> volta(es hubs re*eaters> host bus ada*ters> cable s*ecifications> net.or! ada*ters> tele*hone net.or! &ode&s> I;5A
CInfra ;ed 5ata AssociationD> ?)9 C?niversal )erial 9usD> 6thernet> 5)8 C5i(ital )ubscriber 8ineD> 9luetooth> %ire Wire> and ether-loo*. %urther&ore the The Ph+sical la+er of the 4)I &odel defines the &eans of trans&ittin( ra. bits of data rather than lo(ical data *ac!ets over a *h+sical lin! and net.or! nodes. The bit strea& &a+ be (rou*ed into code .ords or s+&bols and converted to a *h+sical si(nal that is trans&itted over a hard.are trans&ission &ediu&. The *h+sical la+er *rovides an electrical> &echanical> and *rocedural interface to the trans&ission &ediu&. Its &ain function is &edia> si(nal and binar+ trans&ission. This la+er is essential due to the fact that it is a funda&ental la+er underl+in( the lo(ical data structures of the hi(her level functions in a net.or!. In la+&anBs ter&s this is +our foundation for +our house. Mu&*in( a bit ahead> the 5ata lin! la+er and the Ph+sical la+er A;6 -4T T 6 )AM6P If +ou .ill i&a(ine the *h+sical la+er as concerned *ri&aril+ .ith the interaction of a sin(le device .ith a &ediu&. As o**osed to the 5ata lin! la+er .hoBs (reater concerned &ore .ith the interactions of &ulti*le devices Cat least t.oD .ith a shared &ediu&. 6ssentiall+ the *h+sical la+er .ill tell one device ho. to trans&it to the &ediu& at the sa&e ti&e> the *h+sical la+er .ill tell another device ho. to receive fro& it. In 3:1/ of these scenarios it does not tell the device to connect to the &ediu&. )o&e of the &aAor Aobs and functions of the *h+sical la+er are listed as follo.sJ 1. 6stablishin( and ter&inatin( of a connection to a co&&unications &ediu&. 0. Partici*ation in the *rocess .hereb+ the co&&unication resources are effectivel+ shared a&on( &ulti*le users. %or instance contention resolution and flo. control. 3. Modulation> or conversion bet.een re*resentation of di(ital data in user eNui*&ent and the corres*ondin( si(nals trans&itted over a co&&unications channel. These are si(nals o*eratin( over the *h+sical cablin( such as co**er and o*tical fiber or over a radio lin! 4. Auto ne(otiation 5. 9it-b+-bit or s+&bol-b+-s+&bol deliver+ #. Modulation 7. 8ine codin( ,. Its s+nchroni=ation s+nchronous serial connection 3. )tart sto* si(nalin( and flo. control in as+nchronous serial co&&unication.
1/.Circuit s.itchin( 11.Multi*le2in( 10.Carrier sense and collision detection utili=ed b+ so&e level t.o &ulti*le access *rotocols. 13.6Nuali=ation filterin(> trainin( seNuences> *ulse sha*in(> and other si(nal *rocesses of *h+sical si(nals. 14.%or.ard error correction 15.9it rate 1#.Point-to-*oint> &ulti-*oint or *oint-to-&ulti-*oint line confi(uration 17.Ph+sical -et.or!in( To*olo(+> for e2a&*le bus> rin(> &esh or star net.or! 1,.)erial or *arallel co&&unication 13.)i&*le2> half du*le2 or full du*le2 trans&ission &ode The *h+sical la+er is often referred to as P K.
The (ata >in$ >ayer 2>ayer 26

$Knoc!> Knoc!> WhoBs There"'
-o. that .eBve full+ anal+=e the first la+er of the 4)I &odel letBs &ove on to the second la+er. The second la+er is co&&onl+ !no.n as the data lin! la+er. This la+er transfers data bet.een nodes on the sa&e local area net.or!. It *rovides the functionalit+ and *rocedural abilities to transfer data bet.een net.or! entries and &a+ also even *rovide the &eans to detect and *ossibl+ correct errors that &i(ht occur in the *h+sical la+erP It &a+ also transfer data bet.een adAacent net.or! nodes in a .ide area net.or!. )o&e e2a&*les of data lin! *rotocols .ould be 6thernet for local area net.or!s C&ulti-nodeD> the *oint-to-*oint *rotocol CPPPD> 58C C i(h 5ata 8in! ControlD> and A5CCP CAdvanced 5ata Co&&unication Control ProceduresD for *ointto-*oint *rotocol. The *riorit+ of the data lin! la+er is local deliver+ of fra&es bet.een devices on the sa&e 8A- C8ocal Area -et.or!D. 5ata lin! fra&es are .hat these *rotocol data units are called. These do not leave the li&its of the local net.or!. ;eall+ the data lin! *rotocols focus on local deliver+> addressin(> and &edia arbitration. The data lin! la+er can be co&*ared to a co* due to the fact that it endeavors to attribute bet.een *arties contendin( for access to &ediu&. 5eliver+ of fra&es b+ la+er t.o devices is effected throu(h the use of una&bi(uous hard.are addresses. A fra&es header contains source and destination
addresses that indicate .hich device ori(inated the fra&e and .hich device is e2*ected to receive and *rocess it. In contrast to the hierarchical and routable addresses of the net.or! la+er> la+er t.o addresses are flat> &eanin( that no *art of the address can be used to identif+ the lo(ical or *h+sical (rou* to .hich the address belon(s. The datalin! bus *rovides data transfer across the *h+sical lin!. That transfer can be reliable or unreliableJ &an+ datalin! *rotocols do not have the ac!no.led(&ents of successful fra&e rece*tion and acce*tance and so&e data lin! *rotocols &i(ht not even have an+ for& of chec! su& to chec! for trans&ission errors. In those cases> hi(her-level *rotocols &ust *rovide flo. control> error chec!in(> and ac!no.led(&ent and retrans&ission. What does all this &eans +ou" Well the data lin! la+er is often i&*le&ented in soft.are such as net.or! card drivers. The o*eratin( s+ste& .ill have defined soft.are interface bet.een the data lin! in the net.or! trans*ort stac! above this interface is not a .a+ of itself but rather a definition on facin( bet.een la+ers The data lin! la+er also has t.o sub-la+ers The t.o sub-la+ers are co&&onl+ !no.n as lo(ical lin! control subla+er> and &edia access control subla+er. If there .ere a hierarch+ for sub-la+ers lo(ical lin! control .ould have it. The lo(ical lin! control subla+er &ulti*le2es *rotocols runnin( ato* the data lin! la+er> and o*tionall+ *rovides flo. control> ac!no.led(&ent> and error notification. The lo(ical lin! control also *rovides addressin( in control of the data lin! that s*ecifies .hich &echanis&s are to be used for addressin( stations .ere the trans&ission &ediu& and for controllin( the data e2chan(e bet.een the ori(inator and reci*ient &achines. )o no. letBs ta!e a loo! at the &edia access control CMACD subla+er. This as IB& sure +ouBve (uessed b+ no. is the la+er that is under lo(ical lin! control subla+er. This la+er deter&ines .ho is allo.ed to access the &edia at an+ one ti&e. 4ther ti&es it refers to a fra&e structure .ith a Mac address inside. The t.o &ain for&s of &edia access control are distributed and centrali=ed. The thin! of it is t.o *eo*le tal!in( on the *hone in a net.or! &ade of *eo*le s*ea!in(> i&a(ine .atchin( a (rou* of *eo*le> +ou bein( one of the&. -o. i&a(ine tr+in( to deter&ine .ho is (oin( to sa+ .hat the ne2t and letBs sa+ +ou see t.o *eo*le about to be(in s*ea!in( at those t.o *eo*le s*ea! at the sa&e ti&e the+ .ill bac! off and be(in a lon( and elaborate (a&e of sa+in( no +ou first. This subla+er also deter&ines .here one fra&e of data and seven e2cellent starts this is si&*l+ referred to as fra&e s+nchroni=ation. There are four different .a+s that the &edia access control utili=es fra&e s+nchroni=ation the+ are as follo.sJ ti&e-based> character countin(> b+te stuffin( and bit stuffin(.
8etBs ta!e a dee*er loo! at fra&e s+nchroni=ation that .a+ +ou can trul+ understand .hat it is that the &edia access control subla+er actuall+ does for +ou. 1. The first one that .e &entioned .as the ti&e-based a**roach .hich si&*l+ *uts a s*ecific a&ount of ti&e bet.een the fra&es. This is a *ain in the A)P oh due to the fact that ne. (a*s can be introduced CA- be lost due to e2ternal influences. 0. Character countin( si&*l+ notes the count of the re&ainin( characters in the fra&es header. This &ethod ho.ever> is easil+ distributed if this field (ets fault+ in so&e .a+> &a!in( it harder to !ee* u* s+nchroni=ation. 3. 9+te stuffin( this co&es before the fra&e .ith a s*ecial b+te seNuence such as 586 )TO and it succeeds it .ith 586 6TO. A**earances of dle Cb+te value /21/D has to be esca*ed .ith another dle. The start and sto* &ar!s are detected at the receiver and re&oved as .ell as the inserted dle characters. 4. 9its stuffin( si&*l+ re*laces the startin( bloc!s .ith fla(s consistin( of a s*ecial bit *attern. The chances of this bit *attern in the data trans&itted is avoided b+ insertin( a bit. ee hee e2a&*le .here the fla( is /111111/> / is inserted after 5 consecutive 1as in the data strea&. The fla(s in the inserted /as are re&oved the receivin( end. This &a!es for arbitrar+ lon( fra&es and eas+ s+nchroni=ation for the reci*ient. -ote that this stuffed bit is added even if the follo.in( data bit is /> .hich could not be &ista!en for a s+nc seNuence> so that the receiver can run una&bi(uousl+ distin(uished u*dates fro& the bits. As .e did .ith the first *la+er .e are (oin( to list a bunch of the data lin! la+er services> the+ are as follo.sJ 1. 6nca*sulation of -et.or! la+er data *ac!ets into fra&es. 0. %ra&e )+nchroni=ation. 3. 8o(ical 8in! Control )ubla+er 4. 6rror control 5. Media Access Control la+er #. Multi*le access *rotocols 7. Ph+sical addressin( or Mac addressin( ,. 8A- and s.itchin( G Aust *ac!et s.itchin( 3. 5ata *ac!et Nueuin( schedulin( 1/.)tore and for.ard s.itchin( or cut throu(h s.itchin(. 11.Lualit+ of service control 10.Qirtual 8A-Bs CQ8A-D The *rotocol e2a&*les are as follo.sF 1. A;Cnet CAttached ;esource Co&*uter -6T.or!D 0. ATM
3. Cisco 5iscover+ Protocol CC5PD 4. Controller Area -et.or! 5. 6conet #. 6thernet 7. 6thernet auto&atic *rotection s.itchin( ,. %iber 5istributed 5ata Interface 3. %ra&e rela+ 1/. i(h-level data 8in! control 11.I666 ,/0.0 10.I666 ,/0.11 .ireless 8A13.8in! Access Procedures> 5 channel 14.8ocalTal! 15.Multi*rotocol label s.itchin( 1#.*oint-to-*oint *rotocol 17.)*annin( Tree Protocol 1,.)tar8an 13.To!en rin( 0/.?ni-directional lin! detection 01.As .ell as &ost for&s of serial co&&unication
The Networ$ >ayer 2>ayer 56

$What do +ou &ean> Custo&s sto**ed the *ac!a(e"'
A lot of the desi(n and confi(uration .or! for inter-net.or!s ha**ens at la+er 3. Wh+" Well the net.or! la+er Cla+er 3D defines net.or! addresses. I a& not tal!in( about MAC address> .e alread+ covered the& in la+er 0 Cif +ou .here *a+in( attentionD. It covers thin(s li!e Internet Protocol CIPD. It also defines net.or! addresses in a .a+ that route selection can be deter&ined s+ste&aticall+ b+ co&*arin( the source net.or! address .ith the destination net.or! address> and thus a**l+in( the subnet &as!. This la+er defines the lo(ical net.or! la+out> for instance> routers can use this la+er to deter&ine ho. to for.ard *ac!ets. And on to* of that it Cla+er 3D also controls s.itchin(> creatin( lo(ical *aths CQirtual CircuitsD for trans&ittin( data fro& node-to-node.
We alread+ tal!ed about the routin( and for.ardin( functions of this la+er ho.ever there is &oreP The net.or! la+er also handles error handlin(> con(estion as .ell as *ac!et seNuencin( C.hich +ou can do so&e *rett+ evil thin(s .ithD.
&elation to Other layers

As .ith all the above &entioned la+ers the net.or! la+er .or!s .ith the data lin! la+er b+ translatin( lo(ical co&&unication reNuests fro& the data lin! la+er Cla+er 0D > into hard.are s*ecific o*erations to effect trans&ission or rece*tion of electronic si(nals.
.ow the Networ$ >ayer &elates to TC!*-! ;odel

The TCP:IP Model has a la+er called the Internet 8a+er. This is located above the 8in! 8a+er. Most of the ti&e *eo*le .ill consider the Internet 8a+er CTCP:IP ModelD as an eNual or eNuivalent of the net.or! la+er C4)I ModelD. The Internet 8a+er is onl+ a subset of functionalit+ of the net.or! la+er.
The Trans"ort >ayer 2>ayer ?6

$All he !no.s ho. to do is 5o)'.
The trans*ort la+er .or!s .ith the session la+er and se(&ents the data for trans*ort across the net.or!. 4ne (eneral as*ect of the trans*ort la+ers Aob is to ensure that data is delivered error-free> in the *ro*er seNuence> error recover+ as .ell as flo. control. Its res*onsible for enca*sulatin( a**lication data bloc!s into data units called data(ra&s> or se(&ents. Thus &a!in( the& suitable for transfer to the net.or! infrastructure fro& trans&ission the the destination host> or &ana(in( the reverse transaction b+ abstractin( net.or! data(ra&s and deliverin( there *a+load to an a**lication. The *rotocols of the trans*ort la+er establish a direct> visual host-to-host co&&unications trans*ort &ediu& for a**lications and hence the reason .h+ the+ are also referred to as $trans*ort *rotocols'.
I a& .illin( to bet as +ou read throu(h this +ou &a+ be a bit baffled> ho*efull+ not. o.ever +ou alread+ !no. one of the *rotocols that .e have been tal!in( about here Cthat is if +ou !no. an+thin( about *rotocols .hat so everD. The *rotocol that I a& referrin( to is TCP. 8ets ta!e a Cver+D Nuic! loo! at a fe. *rotocols and ho. e2actl+ the+ interact and .hat the+ are. TCPF Trans&ission Protocol data. ;es*onsible for se(&ent si=e> flo. control> the rate at .hich data is e2chan(ed> and net.or! traffic con(estion. 9esides the internet so&e of the other uses of TCP e-&ail and file transfer Ca&on( &an+ other thin(sD. ?5PF ?ser 5ata(ra& Protocol. This *rotocol is also so&eti&es referred to as F ?niversal 5ata(ra& Protocol. )CTPF This is a relativel+ ne. *rotocol. It stands for )trea& Control Trans&ission Protocol. This *rotocol .ill &ost li!el+ be outdated as of I*v#> so there is no *oint in (ettin( into it. %eel free ho.ever to loo! it u* and research it. 5efinitel+ interestin(> Aust not co&*letel+ relevant. ))8F )ecure )oc!et 8a+er. This .as created b+ -etsca*e. The ori(inal *ur*ose of it .as to send *rivate data. It uses cr+*to(ra*hic s+ste& that uses t.o !e+s to encr+*t said data. The first !e+ .as a *ublic !e+ that .as !no.n to ever+one. The second !e+ .as a *rivate !e+ or $secret !e+' that .as onl+ !no.n to the *erson .ho& .as receivin( the &essa(e. 5CCPF 5ata(ra& con(estion Control Protocol. 5CCPas Aob is to I&*le&ent reliable connection setu*> tear do.n> 6C-> Con(estion control> and feature ne(otiation. Throu(h 5CCP n +outh tea& (ained access to con(estion control &echanis&s .ithout havin( to i&*le&ent the& at the a**lication la+er. 6C-F 62*licit Con(estion -otification. 6C- is an e2tension to Internet Protocol. 6C-as Aob is to &ana(e end-to-end notification of net.or! con(estion> .ithout dro**in( *ac!ets. The *recedin( .ere not all of the *rotocols that are used> onl+ a fe..
The Session >ayer 2>ayer 46

$The+ !ee* tr+in( to add &e> 1-.ord> 5enied'.
The )ession 8a+ers Cla+er 5D Aob is to establish> &ana(e and ter&inate co&&unication sessions. )o .hat is a co&&unication session" Co&&unication sessions consist of service reNuests and service res*onses that occur bet.een a**lications located in different net.or! devices. )aid reNuests and res*onses are coordinated b+ *rotocols C.e alread+ .ent over a fe. *rotocolsD i&*le&ented at the session la+er. )o .hat are so&e of the *rotocols bein( i&*le&ented" Well ;e&ote Procedure Calls C;PCD> Ione Infor&ation Protocol CIIPD. 8etVs ta!e a closer loo! at those t.o *rotocols. ;PCF ;e&ote Procedure Calls> is an inter-*rocess co&&unication that allo.s a co&*uter *ro(ra& to cause subroutine or *rocedure to e2ecute in another address s*ace. IIPF Ione Infor&ation Protocol This .as the *rotocol that A**leTal! net.or! nu&bers .here associated .ith =one na&es. The $Ione' .as a subdivision of the net.or! that &ade sense to hu&ans.
The !resentation >ayer 2>ayer @6

$I &ust have &issed so&ethin( or I a& Aust retarded to not understand .hat +ou are tr+in( to sa+.'
ave +ou ever been bus+ and had a friend t+*e for +ou .hether it be for an IM or so&ethin( else" 5id that friend ever &ess u* that &essa(e" Then +our friend is eNuivalent to the Presentation 8a+er on a bad da+. The Presentation la+ers Aob is to *reserve the &eanin( of infor&ation sent across a net.or!. )o ho. does it .or! its &a(ic" It $re*resents' it. And no not li!e a hac!er re*resents the under(round> &ore li!e encodes it. It does this in &ore than one .a+ ho.ever li!e> data co&*ression or encr+*tion.
8etVs ta!e a dee*er loo! inside the *resentation la+er and .hat it doesJ it &ainl+ has the follo.in( res*onsibilitiesF 1. 5ata %or&at. Convertin( the co&*le2 data structures used b+ an a**lication strin(s> inte(ers> structures> etc. into a b+te strea& trans&itted across the net.or!. ;e*resentin( infor&ation in such a .a+ that co&&unicatin( *eerVs a(e to the for&at of data bein( e2chan(ed. 0. Co&*ressin( data to reduce the a&ount of trans&itted data.
The A""li'ation >ayer 2>ayer 36

$<odP'
This la+er is used b+ net.or! a**lications. These *ro(ra&s are .hat actuall+ i&*le&ent the functions *erfor&ed b+ users to acco&*lish various tas!s over the net.or!. The a**lication la+er is the la+er .ith the &ost functions> +a+. It *rovides services for user a**lications to e&*lo+. 8etVs sa+ for instance +ou o*en u* <oo(le Chro&e> no. that itVs u* and o*en doesnBt &ean that it resides in the a**lication la+er. It is ho. ever an a**lication runnin( on +our 9o2. It does ho.ever use so&e of the *rotocols of so&e of the services that are located in the a**lication la+er. TTP C +*er Te2t Transfer ProtocolD or TTP) C +*er Te2t Transfer Protocol )ecureD are *robabl+ the ones that +ouBre &ost fa&iliar .ith. There are a ton of *rotocols that reside in the a**lication la+er. Kou .ill find a lot of the& in the $Protocol ;eference' located belo..
!roto'ol &eferen'e
2written by $illab6
9<PF 9order <ate.a+ Protocol> is the core routin( *rotocol of the entire internetP 9<P &aintains a table of IP net.or!s or $*refi2es' .hich desi(nate net.or! reach-abilit+ a&on( Autono&ous )+ste&s CA)D.
5 CPF 5+na&ic ost Confi(uration Protocol is a co&&unications *rotocol allo.s net.or! ad&inistrators centrall+ &ana(e and auto&ate the assi(n&ent of Internet Protocol CIPD addresses in an or(ani=ations net.or!. 5 CP is an e2tension of an earlier net.or! IP &ana(e&ent *rotocol> 9ootstra* Protocol C944TPD. 5-)F 5o&ain -a&e )+ste& Cor )erviceD> that translates do&ain na&es into IP addresses. 5o&ain na&es are al*habetic. 6ver+ ti&e +ou use a do&ain na&e> a 5-) service &ust translate the na&e into the corres*ondin( IP address. )a+ the do&ain na&e htt*F::....*ac!etstor&securit+.or( &i(ht translate to ##.007.17.13. %TPF %ile transfer Protocol> enables +ou to transfer files fro& one co&*uter to another co&*uter> net.or! or the Internet. Which in-turn e2*lains the ori(in of its na&eJ it .as for&ed as an acron+&. TTPF +*erte2t Transfer Protocol is an a**lication-level *rotocol .ith the li(htness and s*eed necessar+ for distributed> collaborative> h+*er&edia infor&ation s+ste&s. It is a (eneric> stateless> obAect-oriented *rotocol .hich can be used for &an+ tas!s> such as na&e servers and distributed obAect &ana(e&ent s+ste&s> throu(h e2tension of its reNuest &ethods Cco&&andsD. A feature of TTP is the t+*in( of data re*resentation> allo.in( s+ste&s to be built inde*endentl+ of the data bein( transferred. IMAPF The Internet Messa(e Access Protocol CIMAPD is one of the t.o &ost *revalent Internet )tandard *rotocols for e-&ail retrieval> the other bein( the Post 4ffice Protocol CP4PD. I;CF Internet Chat ;ela+> enables *eo*le all over the .orld to tal! to(ether over the internet in real-ti&e sessions in virtual roo&s. Me(acoF Media <ate.a+ Control Protocol> is a QoIP *rotocol. M<CPF Media <ate.a+ Control Protocol> is a *rotocol for the control of Qoice over IP CQoIPD calls b+ e2ternal call-control ele&ents !no.n as &edia (ate.a+ controllers CM<CsD> or call a(ents CCAsD. --TPF -et.or! -e.s Transfer Protocol> the *rotocol used to *ost> distribute> and retrieve $usernet' &essa(es. -TPF -et.or! Ti&e Protocol> is desi(ned to s+nchroni=e the cloc!s of co&*uters over a net.or!.
P4PF Post 4ffice Protocol enables an+ e&ail *ro(ra& an+.here on the Internet to connect to an+ e&ail server to *erfor& the usual e&ail functions> li!e readin( and sendin(> as lon( as the+ have a valid account and *ass.ord. ;IPF ;outin( Infor&ation Protocol is d+na&ic> distance vector routin( *rotocol. ;TPF ;eal-ti&e Trans*ort Protocol o*ens t.o *orts for co&&unication. 4ne for the &edia strea& Can even *ort nu&berD and one for control CLo) feedbac! and &edia controlD - ;TCP. The *ort nu&bers are not hard defined> it de*ends ver+ &uch u*on the a**lication. ;T)PF ;eal-Ti&e )trea&in( Protocol establishes and controls either a sin(le or several ti&e-s+nchroni=ed strea&s of continuous &edia such as audio and video. )5PF )ession 5escri*tion Protocol is a for&at for describin( strea&in( &edia initiali=ation *ara&eters. )IPF )ession Initiation Protocol C)IPD is an Internet 6n(ineerin( Tas! %orce CI6T%D standard *rotocol for initiatin( an interactive user session that involves &ulti&edia ele&ents such as (a&in(> chat> voice> video> and virtual realit+. )MTPF )i&*le Mail Transfer Protocol is a TCP:IP *rotocol used in sendin( and receivin( e-&ail. )-MPF )i&*le -et.or! Mana(e&ent Protocol> is essentiall+ a reNuest-re*l+ *rotocol runnin( over ?5P C*orts 1#1 and 1#0D> thou(h TCP o*eration is *ossible )4APF )i&*le 4bAect Access Protocol is a *rotocol s*ecification for e2chan(in( structured infor&ation in the i&*le&entation of .eb services in co&*uter net.or!s. )) F )ecure )hell or )) is a net.or! *rotocol that allo.s data to be e2chan(ed usin( a secure channel bet.een t.o net.or!ed devices. TelnetF A ter&inal e&ulation *ro(ra& for TCP:IP net.or!s such as the internet. T8)F Trans*ort 8a+er )ecurit+> is a *rotocol that ensures *rivac+ bet.een co&&unicatin( a**lications and their users on the Internet. OMPPF 62tensible Messa(in( and Presence Protocol> is an o*en technolo(+ for realti&e co&&unication> .hich *o.ers a .ide ran(e of a**lications includin( instant &essa(in(> *resence> &ulti-*art+ chat> voice and video calls> collaboration> li(ht.ei(ht &iddle .are> content s+ndication> and (enerali=ed routin( of OM8 data.
-C;!
ICMP - Internet Control Messa(e Protocol...ICMP is not used for data trans&ission as TCP and ?5P co&&onl+ are> but rather for net.or! error &essa(in(J for e2a&*le> a host could not be reached or a service is unavailable. ICMP &essa(es are (enerall+ created and sent in res*onse to errors in IP Bdata(ra&sB Cbasicall+ a *ac!et that does not notif+ the sender u*on a deliver+ failureD> dia(nostics> or routin( *ur*oses. 6ver+ ICMP &essa(e is included inside a sin(le IP data(ra&..therefore it is unreliable C5oes not deliver a re*l+ &essa(e.. deliver+ is un!no.n to hostD The ICMP header be(ins after the 1#/th bit of the IP header. Thou(h it is inside an IP data(ra&> it is not treated the sa&e. The contents of the ICMP &essa(e often reNuire the error &essa(e to be sent bac! to the a**lication that ori(inall+ created the IP *ac!et that caused the need for a ICMP &essa(e. )till .ith &e" <ood. Most co&&on net.or! utilities are based u*on ICMPJ for instance Traceroute and Pin(. EEEEE 62a&*les of ICMP Messa(e T+*es EEEEE / - 6cho ;e*l+.. used as a res*onse to a Pin( 1 - ;eserved 0 - ;eserved 3 - 5estination ?nreachable.. Trans&ission failure due to destination host> *rotocol> or *ort unreachable> destination host or net.or! un!no.n or *rohibited> route failure> or isolated source host. 4 - )ource Luench.. used for con(estion control 5 - ;edirect Messa(e.. includes a redirect data(ra& for the host> net.or!> T4) CT+*e of )erviceD H host> or T4) H net.or! # - Alternate ost Address 7 - ;eserved , - 6cho ;eNuest.. used to reNuest 3 - ;outer Advertise&ent.. ever+ router *eriodicall+ sends this &essa(e fro& each interface announcin( the IP Address of that interface 1/ - ;outer )olicitation.. ;outer discover+:selection:solicitation CAre +ou there> Mr. router"D 11 - Ti&e 62ceeded.. This &essa(e is sent .hen a *ac!et ta!es too lon( to reach its destination Salso called TT8 CTi&e to 8iveDT> or .hen fra(&ent reasse&bl+ ta!es too lon( 10 - Para&eter Proble&F 9ad IP header.. this &essa(e is sent .hen a IP header is &issin( a reNuired o*tion> *ointer indicates an error> or its len(th is incorrect 13 - Ti&esta&*.. reNuests ti&e for s+nchroni=ation
14 - Ti&esta&* ;e*l+ 15 - Infor&ation ;eNuest 1# - Infor&ation ;e*l+ 17 - Address Mas! ;eNuest.. reNuests subnet &as! 1, - Address Mas! ;e*l+ 13 - ;eserved for )ecurit+ %or &ore infor&ation on ICMP t+*es and codes> *lease reference ;%C E730F htt*F::tools.ietf.or(:ht&l:rfc730
TC!*-!
2written by $illab6
4K> so .e Aust finished learnin( about the 4)I Model. If +ou s!i**ed that cha*ter and fi(ured +ou alread+ !ne. it I su((est +ou (o bac! and read it. If +ouBre a neo*h+te as that is .ho this boo! is desi(ned for and +ou s!i**ed the 4)I Model section then +ou seriousl+ need to (o bac! and read it.
The Origin
To full+ understand .hat so&ethin( is +ou should !no. .here it ca&e fro&> this section .ill tell +ou about the TCP:IPas ori(ins. )o .hen .as this Internet Protocol )uite CTCP:IP ModelD &ade" It .as created in the 137/as b+ the 5efense Advanced ;esearch ProAects A(enc+. Who are the+" The+ are an a(enc+ of the ?.). 5o5 C?nited )tates 5e*art&ent of 5efenseD. Prett+ ori(inal thin!ers huh" -ot reall+> the &odel for the TCP:IP &odel .as a &or*hed h+brid of A;PA-6T CAdvanced ;esearch ProAects A(enc+ -et.or!> sa+ that 1/2 fastD. 9asicall+ it .as the .orldVs first WA- CWide Area -et.or!D. KouBre tal!in( *re-internet here.
TC!*-! As+ OS)o .h+ should +ou care about the TCP:IP Model" Well> the reason +ou should care about it is because +ou use it on a dail+ basis. )o .h+ did I Aust have +ou read the 4)I Model section" We utili=e the 4)I Model to educate *eo*le Cnot Aust neo*h+tes also -et.or! Ad&ins> and *rett+ &uch an+one .ho needs to !no. the architectural structure of a net.or! and co&*uter s+ste& both as a .hole and as an individualD. The 4)I &odel does a better Aob at la+in( out .hat each la+er is doin(. As .e discussed in the *revious cha*ter the 4)I Model has 7 8a+ers. TCP:IP onl+ has 4. The+ la+ers are as follo.sF A**lication> Trans*ort> Internet> and -et.or! Access. The Wh+ .e .ill (et into in a bit. The 4)I &odel .as not al.a+s a tool .e used for educational *ur*oses thou(h. In fact in the earl+ 137/as it .as a co&*etin( standard to TCP:IP. ThatBs ri(ht the+ .erenBt al.a+s friendsP At that *oint in ti&e> the+ .ere in fact co&*etitors. %or those of +ou not *a+in( an+ attention> TCP:IP B.onB that fi(ht. Althou(h &an+ s*eculate as to .h+> and thin! that 4)I is:.as a &uch better *rotocol. Wh+ if it .as so better did it loose then" Its addresses .here far too co&*le2> ho. so" It used he2adeci&al> if +ou donBt !no. .hat that is then 0 seconds of (o((lin( should *rovide +ou .ith an ans.er. I find this funn+ as all hell. Wh+" <o loo! at an IPv# address. The 4)I &odel is still used as a .a+ to teach thou(h. 9ut TCP:IP is .hat is t+*icall+ used for net.or! co&&unication. TCP:IP is not Aust one *rotocol but an entire suite of *rotocols. If +ou thin! of <M> the+ have a ton of other sub-co&*anies. 5ifferent *lants that *rovide different *roducts for different thin(s. In the sa&e .a+ TCP:IP is a suite of *rotocols.
The >ayers
?nli!e the 4)I &odel .hich has 7 la+ers> the TCP:IP &odel onl+ has 4. )o .here did the 3 la+ers (o" -o.here> the+ .ere in fact &er(ed into one. The reason that all of the to* 3 la+ers are &er(ed is because all of the to* 3 la+ers have stuff that ha**ens before it leaves the co&*uter. )tuff that is onl+ seen b+ the o*eratin( s+ste&.
The trans*ort la+er sta+s the sa&e. The net.or! la+er .as turned into the Internet la+er. The data lin! la+er and the *h+sical la+er .here &er(ed into one and in the TCP:IP &odel it is called -et.or! Access 8a+er. In order to (et a better understandin( of the difference> I .ill list the 4)I Model 8a+ers and the TCP:IP Model 8a+ers. The 4)I Model 8a+ersF 1. A**lication 8a+er 0. Presentation 8a+er 3. )ession 8a+er 4. Trans*ort 8a+er 5. -et.or! 8a+er #. 5ata-8in! 8a+er 7. Ph+sical 8a+er -o. letVs co&*are that to the TCP:IP Model. As +ou .ill see the+ are different. ;e&e&ber> as I discussed before> so&e la+ers are &er(ed to(ether to create one la+er> as o**osed to 3 se*arate la+ers. If +ou can onl+ re&e&ber one of the &odels> I su((est +ou re&e&ber 4)I. The follo.in( is the TCP:IP 8a+ersF 1. A**lication 8a+er C&er(edF A**lication 8a+er> Presentation 8a+er H )ession 8a+erD 0. C ost-To- ostD Trans*ort 8a+er 3. Internet 8a+er C&er(edF net.or! la+er H 5ata-lin! 8a+erD 4. -et.or! Interface 8a+er ThatBs it. If +ou *aid attention in the 4)I Model cha*ter then +ou alread+ !no. the Aobs> and abilit+Bs of the la+ers individuall+ and there is no need to restate all of the&. If not then *erha*s +ou should consider readin( this boo! in order. Who !no.s &a+be the authors but it in that order for a s*ecific reason...
ShoutB
&atdan'e) E)uidre.t =illab)
5C,/0 IPT A(ent O Aviator345) 5eaftone Ai(b<reenMonster ;>S433) E)uidre.t
Conta't -nfo)
;atdanceF ratdancec(&ail.co& KillabF threefift+sevenco*!illac(&ail.co& )!+*eF !illab###1 Aviator753F aviator753c(&ail.co& )!+*eF Avi753 M8)577F &ls577clive.co&

Ethical Hacking Ebook - Newbie Guide To The Underground

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Ethical Hacking Ebook - Newbie Guide To The Underground

Uploaded by

Copyright:

Available Formats

-A Serious Newbie's Guide to the Underground v2By ratdance Aviator753 Killab Mls577

hy this !a"er# this Boo$%

&es"e't where &es"e't is (ue

hat is a S'ri"t$iddy a$a) S$idiot %

ireless Trans1ission 1ethods

W &ainbow Tables* Cuda

here (id The OS- ;odel Co1e 0ro1%

So .ow does this a'tually wor$%

The !hysi'al >ayer 2>ayer 96

The (ata >in$ >ayer 2>ayer 26

The Networ$ >ayer 2>ayer 56

&elation to Other layers

.ow the Networ$ >ayer &elates to TC!*-! ;odel

The Trans"ort >ayer 2>ayer ?6

The Session >ayer 2>ayer 46

The !resentation >ayer 2>ayer @6

The A""li'ation >ayer 2>ayer 36

5C,/0 IPT A(ent O Aviator345) 5eaftone Ai(b<reenMonster ;>S433) E)uidre.t

You might also like