What is a network packet and how does it work?

A network packet is a basic unit of data that's grouped together and transferred over a computer
network, typically a packet-switched network, such as the internet. Each packet or chunk of data forms
part of a complete message and carries pertinent address information that helps identify the sending
computer and intended recipient of the message.

Why use packets?

Packets are used for efficient and reliable transmission of data. Instead of transferring a huge file as a
single data block, sending it in smaller packets improves transmission rates. Packets also enable multiple
computers to share the same connection. For example, if one person is downloading a file, the
computer can send packets to the server, while another user is simultaneously sending packets to the
same server.

While it's possible to transfer data without using packets, it would be highly impractical to send the data
without first slicing it into smaller chunks. The following are some of the benefits of using packets:

 Different paths can be used to route packets to their destination. This process is known as
packet switching.
 If an error occurs, the packets can be stored and retransmitted later.
 Packets use the best route available for delivery. This enables them to be routed across
congested parts of the network without slowing them down in a specific spot.
 To ensure secure delivery, packets can be encrypted.

Packet switching vs. circuit switching

Packet switching

 It is a connectionless service and doesn't require a dedicated path between the sender and the
receiver.Each packet carries pertinent information, such as source, destination and protocol
identifiers, which help the packet select the best available route to its destination.
 The grouping of data into packets in a packet-switched network enables interoperable
networking across these different networks and devices until the packets reach the destination
where the receiving hosts reassemble them to their original form. For example, a host in a
packet-switched network, such as Ethernet, can send data that traverses its local network
without having any information about the destination's local area network or any of the devices
or networks between its LAN and the destination's LAN.

 While packet-switched networks can't guarantee reliable delivery, they do minimize the risk of
data loss, as the receiving device can request the missing packet upon detection and the
originating device can then resend it.
 No bandwidth reservation is required in advance, and no call setup is required.
Protocols used in packet switching are complex. If the security protocols aren't used during packet
transmission, the connection is insecure.

Since it isn't a dedicated connection, packet switching can't be used in applications that require little
delay and higher service quality.

Packet switching is reliable, as it helps to eliminate packet loss, as data packets can be resent if they
don't reach their destination.

Circuit switching

 It reserves the entire bandwidth in advance, as a connection setup is required for data transfers.
The reserved bandwidth improves the quality of the connection and network performance due
to the reduced congestion.
 It requires a dedicated path before the data can travel between the source and the destination,
which makes it impossible to transmit other data even when the channel is free. For example,
even if there's no transfer of data, the link is still maintained until it's terminated by users.
 Circuit switching is suitable for long and continuous communication due to its dedicated nature.

Simple Mail Transfer Protocol

SMTP (Simple Mail Transfer Protocol) is a protocol for managing Internet’s electronic mail. It is an
application layer protocol. SMTP uses persistent connections. The same TCP connection can be used to
send multiple emails, once the connection has been established.

DNS in Networking-

 DNS is short for Domain Name Service or Domain Name System.

 It is an application layer protocol.

Purpose-

 DNS is a host name to IP Address translation service.

 It converts the names we type in our web browser address bar to the IP Address of web servers
hosting those sites.

What is Wireshark?

 Wireshark is a network packet analyzer. A network packet analyzer presents captured packet
data in as much detail as possible.
 You could think of a network packet analyzer as a measuring device for examining what’s
happening inside a network cable, just like an electrician uses a voltmeter for examining what’s
happening inside an electric cable (but at a higher level, of course).
 In the past, such tools were either very expensive, proprietary, or both. However, with the
advent of Wireshark, that has changed. Wireshark is available for free, is open source, and is one
of the best packet analyzers available today
Some intended purposes

Here are some reasons people use Wireshark:

 Network administrators use it to troubleshoot network problems

 Network security engineers use it to examine security problems
 QA engineers use it to verify network applications
 Developers use it to debug protocol implementations
 People use it to learn network protocol internals

Open Source Software

Wireshark is an open source software project, and is released under the GNU General Public
License (GPL). You can freely use Wireshark on any number of computers you like, without worrying
about license keys or fees or such. In addition, all source code is freely available under the GPL. Because
of that, it is very easy for people to add new protocols to Wireshark, either as plugins, or built into the
source, and they often do!

HTTPS traffic analysis

The Hypertext Transfer Application Layer Protocol (HTTP) utilizes the internet to establish protocols
whenever the HTTP client/server transmits/receives HTTP requests.

Start a Wireshark capture -> Open a web browser -> Navigate to any HTTPS-based website -> Stop the
Wireshark capture.

Input ' ssl' in the filter box to monitor only HTTPS traffic -> Observe the first TLS packet -> The
destination IP would be the target IP (server).