-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtemplateonly
93 lines (53 loc) · 7.03 KB
/
templateonly
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# TEMPLATE ONLY --- USE THIS TEMPLATE ------ TITLE GOES HERE!
STEPS TO CREATE A PAGE:
1. Copy this page - Top right click on PENCIL icon to edit, copy this markdown page or click on RAW to copy the markdown page.
2. Create a new file - on the left navigation, click on the PLUS sign to add a new page.
3. Name your file with (.md) extenstion (ie. newpage.md)
4. Copy your text and add your image/s - Upload your images here (look for your name folder or create one): [Images Folder](https://drive.google.com/drive/folders/1jQvqKC6bEb3_auwKDmnhnY25e84ueKMx?usp=sharing)
5. Click Commit changes.
|  |
| ----------------------- |
| Analyzing network protocols is a crucial aspect of network troubleshooting, security analysis, and performance optimization. Network protocols govern the rules and procedures for data communication between devices in a network. To analyze network protocols effectively, professionals often rely on tools like Wireshark or other neutral vendor tools, which provide detailed insights into the traffic flowing through the network. |
| Network protocol analysis is the process of examining the data packets that are transmitted over a network. This can be done for a variety of purposes, including troubleshooting network problems, detecting security threats, and analyzing network traffic. |
**There are a number of tools that can be used for network protocol analysis. Some of the most popular tools include.**
- Wireshark: Wireshark is a free and open-source network protocol analyzer. It is one of the most powerful tools available for network protocol analysis.
- NetworkMiner: Network Miner is a commercial network protocol analyzer. It offers a number of features that are not available in Wireshark, such as the ability to decode encrypted traffic.
- tcpdump: tcpdump is a command-line network protocol analyzer. It is a powerful tool, but it can be difficult to use.
- ngrep: ngrep is a command-line network protocol analyzer that is similar to tcpdump. It is easier to use than tcpdump, but it does not offer as many features.
- Microsoft Network Monitor: Microsoft Network Monitor is a commercial network protocol analyzer that is included with Windows Server. It is a powerful tool, but it is not as widely used as Wireshark or Network Miner.
When analyzing network protocols, two widely used models come into play: **the OSI model and the TCP/IP model.** These models serve as frameworks for understanding and dissecting the different layers of network communication.
**The OSI (Open Systems Interconnection) model is a conceptual framework that defines seven layers, each responsible for a specific aspect of network communication. These layers include:**
1. Physical Layer: Deals with the electrical and physical properties of data transmission, such as cables and network interfaces.
2. Data Link Layer: Manages the reliable transmission of data across a physical link, addressing errors and controlling flow.
3. Network Layer: Handles logical addressing and routing of data packets across different networks.
4. Transport Layer: Provides end-to-end communication between source and destination hosts, ensuring reliable data delivery and flow control.
5. Session Layer: Establishes, manages, and terminates connections between applications.
6. Presentation Layer: Translates data between the application layer and the network format, handling data encryption, compression, and formatting.
7. Application Layer: Represents the interface between the network and the end-user applications, facilitating communication between them.
|  |
| ----------------------- |
**The TCP/IP (Transmission Control Protocol/Internet Protocol) model is a simplified version of the OSI model, widely used in today's internet communication. It consists of four layers:**
1. Network Interface Layer: Equivalent to the combination of the physical and data link layers in the OSI model.
2. Internet Layer: Corresponds to the network layer in the OSI model, handling IP addressing, routing, and fragmentation.
3. Transport Layer: Combines the functions of the transport and session layers in the OSI model, with TCP and UDP protocols responsible for reliable data delivery and connection management.
4. Application Layer: Similar to the OSI model's application layer, it includes protocols like HTTP, SMTP, FTP, etc., that enable application-level communication.
When using tools like Wireshark or neutral vendor tools, the network traffic is captured at various layers of the OSI or TCP/IP model, depending on the tool's capabilities and configuration. These tools provide detailed packet-level analysis, allowing professionals to examine the headers, payload, and other relevant information for each captured packet.
**By analyzing network protocols using such tools, experts can:**
1. Identify and troubleshoot network issues: Analyzing protocol-level data helps pinpoint problems such as packet loss, latency, or misconfigurations at different layers.
2. Monitor network performance: By examining protocol-specific metrics, professionals can assess the performance of individual protocols, identify bottlenecks, and optimize network resources.
3. Ensure network security: Analyzing protocols allows for the detection of malicious or abnormal traffic patterns, helping to identify potential security threats and vulnerabilities.
4. Validate compliance and standards: By comparing captured network traffic against established protocols and standards, professionals can ensure compliance and identify any deviations or non-standard behavior.
Analyzing network protocols using tools like Wireshark or neutral vendor tools allows professionals to gain insights into the intricacies of network communication. The OSI and TCP/IP models provide a framework for understanding the different layers involved in this communication, enabling effective troubleshooting, performance optimization, security analysis, and compliance validation.
## Technical Documentation 🤖
[Analyzing Network Protocols](https://docs.google.com/document/d/19xuaboWqPuh2xHv4bwEWp6eR3k2f7zS9hQ9Nw0aDXqE/edit?usp=share_link)
## 🔗 Authors: 👐
### Emilie Dionisio👩
[](https://www.linkedin.com/in/emdionisio/)
- [@Emilie Dionisio](https://github.com/emiliedionisio)
### Ameha Zewde Lemma 👨
[](https://www.linkedin.com/in/ameha-lemma/)
- [@Ameha Zewde Lemma](https://github.com/orgs/cybertrainingrange/people/ameha01)
### Mayra Castillo👩
[](https://www.linkedin.com/in/mayra-castillo-barrios/)
- [@Mayra Castillo](https://github.com/mbarri0s)