Network+ : TCP/IP (Test 9)

TCP/IP (Transmission Control Protocol/Internet Protocol) is the backbone of modern networking, enabling communication between devices across the internet. Understanding its layers, protocols, and functions is essential for cybersecurity professionals and network administrators.

You Should Know:

1. TCP/IP Model Layers

The TCP/IP model consists of four layers:

  • Application Layer (HTTP, FTP, DNS)
  • Transport Layer (TCP, UDP)
  • Internet Layer (IP, ICMP)
  • Network Access Layer (Ethernet, ARP)

2. Key Protocols & Their Functions

  • TCP (Transmission Control Protocol) – Reliable, connection-oriented communication.
  • UDP (User Datagram Protocol) – Fast, connectionless communication.
  • IP (Internet Protocol) – Handles addressing and routing.
  • ICMP (Internet Control Message Protocol) – Used for diagnostics (e.g., ping).

3. Essential Linux & Windows Commands

Linux:

  • List listening TCP and UDP sockets (numeric addresses and ports):
    netstat -tuln 
    
  • Test connectivity (ICMP):
    ping google.com 
    
  • Trace route:
    traceroute google.com 
    
  • Capture network traffic on interface eth0 (requires root privileges):
    tcpdump -i eth0 
    

Windows:

  • Display active connections:
    netstat -ano 
    
  • Test connectivity:
    ping 8.8.8.8 
    
  • Flush DNS cache:
    ipconfig /flushdns 
    
  • View routing table:
    route print 
    

4. Analyzing TCP/IP with Wireshark

  • Capture and analyze packets:
    wireshark 
    
  • Display filter for HTTP traffic:
    http 
    
  • Display filter by IP address (matches source or destination):
    ip.addr == 192.168.1.1 
    

5. Security Considerations

  • Allow inbound SSH on TCP port 22 (Linux iptables; -A appends, so earlier rules in the chain match first):
    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT 
    
  • Block ICMP echo requests (Prevent Ping Sweeps):
    sudo iptables -A INPUT -p icmp --icmp-type echo-request -j DROP 
    
  • Windows Firewall rule blocking inbound TCP port 445:
    netsh advfirewall firewall add rule name="Block Port 445" dir=in action=block protocol=TCP localport=445 
    

What Undercode Say:

Mastering TCP/IP is crucial for cybersecurity, networking, and IT troubleshooting. Understanding packet flow, protocol behavior, and security configurations helps in defending against attacks like MITM, DDoS, and port scanning. Regular practice with tools like tcpdump, Wireshark, and netstat enhances real-world expertise.

Expected Output:

Linux:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::80 :::* LISTEN

Windows:

Active Connections
Proto Local Address Foreign Address State
TCP 192.168.1.2:50234 104.16.85.20:443 ESTABLISHED

Reported By: Housenathan Network – Hackers Feeds