Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,150 --> 00:00:00,690
All right.
2
00:00:00,690 --> 00:00:07,980
So now we're moving into layer four which is the transport layer of the OS side model and we're going
3
00:00:07,980 --> 00:00:12,160
to talk about what is TGP and what is UDP.
4
00:00:12,180 --> 00:00:22,030
So what type that in here DCP vs. UDP so DCP is what is known as the Transmission Control Protocol.
5
00:00:22,260 --> 00:00:26,700
And you could think of that as a connection oriented protocol.
6
00:00:26,700 --> 00:00:30,670
And we also have UDP which is the user data Graham protocol.
7
00:00:30,840 --> 00:00:34,590
And this is a connection less protocol.
8
00:00:34,590 --> 00:00:40,700
So when we have these two protocols one is best suited when it comes to high reliability.
9
00:00:40,770 --> 00:00:43,500
That's TCB DCP is connection oriented.
10
00:00:43,500 --> 00:00:49,320
We want to make a connection win high reliability so you can get something like a Web site which is
11
00:00:49,360 --> 00:00:56,980
HDP or HDP s or you can think of something like SS age or f T.P. the file transfer protocol.
12
00:00:57,090 --> 00:01:03,990
Those all utilize TTP when you think about UDP you might think about something like a streaming service
13
00:01:04,020 --> 00:01:09,230
that's connection lists or DNS connections or voice over IP is connection lists.
14
00:01:09,420 --> 00:01:15,810
And when this comes into the importance of scanning scanning is super important we're going to be scanning
15
00:01:15,810 --> 00:01:19,600
both DCP and UDP as a penetration tester.
16
00:01:19,650 --> 00:01:23,070
And don't worry about scanning right now when we get into the scanning section that will make a lot
17
00:01:23,070 --> 00:01:24,300
more sense.
18
00:01:24,720 --> 00:01:28,610
But we need to know what DCP and TPR and define them broadly.
19
00:01:28,620 --> 00:01:35,700
So the most commonly commonly used protocol that you're going to be scanning is going to be C P.
20
00:01:35,700 --> 00:01:39,120
Now TTP works on what is called a three way handshake.
21
00:01:39,120 --> 00:01:42,980
Now if we look at the three way handshake it's going to look something like this.
22
00:01:43,020 --> 00:01:50,440
We're going to first send out a sin packet and then we're going to receive back a sin ACH packet.
23
00:01:50,610 --> 00:01:52,910
And finally we're going to send an act packet.
24
00:01:52,920 --> 00:01:54,240
Now how does this work.
25
00:01:54,270 --> 00:01:56,680
Now you could think of this as an interaction.
26
00:01:56,790 --> 00:02:01,680
So let's say you have a friend or a neighbor and you go to your neighbor and you say hello.
27
00:02:01,680 --> 00:02:03,000
That's a sin.
28
00:02:03,000 --> 00:02:08,070
Now sin act is going to be the response it's going to say hey sin I acknowledge you that's your neighbor
29
00:02:08,070 --> 00:02:09,570
waving hello back.
30
00:02:09,660 --> 00:02:14,370
And then you know you are good to go start a conversation so that's the acknowledgment.
31
00:02:14,370 --> 00:02:21,660
Now when we think about this in terms of ports now port is a item that could be open on a machine.
32
00:02:21,660 --> 00:02:24,140
It's a way to communicate with certain protocols.
33
00:02:24,240 --> 00:02:31,600
For example if you think about HDP that's over port 80 if you think about HP s that's over port for
34
00:02:31,610 --> 00:02:37,020
4 3 there's a lot of different protocols and there are sixty five thousand plus ports that can utilize
35
00:02:37,020 --> 00:02:38,130
these protocols.
36
00:02:38,130 --> 00:02:42,330
So everything related here is has to do with these ports.
37
00:02:42,330 --> 00:02:47,220
Now let's say that you want to connect to port for four for three on a Web site you're going to send
38
00:02:47,220 --> 00:02:52,320
out a send packet to that Web site you're going to say hey I want to connect to you on port four for
39
00:02:52,360 --> 00:02:58,620
three and if for four or three is open and available for connection they're going to say hey you can
40
00:02:58,620 --> 00:02:59,910
go ahead and connect to me.
41
00:03:00,120 --> 00:03:04,620
And when you want to actually establish that connection you're going to send that acknowledgement packet
42
00:03:04,620 --> 00:03:05,720
back.
43
00:03:05,760 --> 00:03:08,150
Now let's make more sense of this.
44
00:03:08,160 --> 00:03:12,280
Let's go ahead and open up a tool called wire charger.
45
00:03:12,480 --> 00:03:14,530
So this is built into Cally Linux.
46
00:03:14,550 --> 00:03:19,800
I'm just going to type in wires shark and provide an ampersand here just so I have Shell access if I
47
00:03:19,800 --> 00:03:24,990
need it in the background and all I'm going to do is capture packet data.
48
00:03:25,020 --> 00:03:30,020
So this is going to be listening in on my neck and it's going to say Hey what's he doing.
49
00:03:30,020 --> 00:03:31,590
Let's capture all that data.
50
00:03:31,590 --> 00:03:32,760
So we're going to capture that.
51
00:03:32,760 --> 00:03:34,750
I'm going to start a capture here.
52
00:03:34,890 --> 00:03:36,720
You're gonna start to see a bunch of traffic coming through.
53
00:03:36,720 --> 00:03:38,640
You can see the different protocols here.
54
00:03:38,640 --> 00:03:40,940
You could see UDP is coming through right now.
55
00:03:41,220 --> 00:03:43,820
But we're gonna go establish a connection.
56
00:03:43,830 --> 00:03:46,320
So let's go out to the World Wide Web.
57
00:03:46,830 --> 00:03:49,520
And I've got Google up I'm just going to refresh Google.
58
00:03:49,530 --> 00:03:51,750
You can see a lot of traffic start coming through.
59
00:03:51,840 --> 00:03:55,680
So I'm going to go ahead just stop this right here.
60
00:03:55,780 --> 00:03:59,080
Look at all the data packets that get sent when you're using your computer.
61
00:03:59,080 --> 00:04:00,940
This is what's going on in the background.
62
00:04:00,970 --> 00:04:01,810
You don't even think about it.
63
00:04:02,350 --> 00:04:05,660
So we could see some sense and acts there those are in the gray.
64
00:04:05,680 --> 00:04:07,560
Let's see if we can find a good one.
65
00:04:07,570 --> 00:04:11,670
OK so here is one right here.
66
00:04:11,740 --> 00:04:13,900
So what we're gonna do actually let's find a better one.
67
00:04:14,080 --> 00:04:23,150
So we're going to come down to here and we're going to say OK so here we are we're our source IP is
68
00:04:23,230 --> 00:04:25,650
1 9 2 1 6 8 4 7 3 9.
69
00:04:25,720 --> 00:04:29,700
We're going out to destination is seventy four one twenty five twenty one one fifty five.
70
00:04:29,700 --> 00:04:34,460
We're saying hey I've got this port here I want to connect to your port so important for 4.
71
00:04:34,470 --> 00:04:35,790
This is a web page.
72
00:04:35,950 --> 00:04:42,430
We're sending a send packet if that port is open and available for connection and communication what's
73
00:04:42,420 --> 00:04:47,380
going to happen back is that IP address is going to say hey here I am.
74
00:04:47,380 --> 00:04:49,790
All of you to connect on this port.
75
00:04:49,960 --> 00:04:55,270
And if we make that final connection we're gonna go ahead and send the Act packet back which is right
76
00:04:55,270 --> 00:04:55,750
here.
77
00:04:55,750 --> 00:05:01,540
It's going to say Ach so that is the three way handshake please do you remember this is going to come
78
00:05:01,540 --> 00:05:05,880
back into play when we get into scanning and we'll talk about stealth scanning and how we modify the
79
00:05:05,890 --> 00:05:08,990
three way handshake to actually do some scanning.
80
00:05:09,010 --> 00:05:10,360
So that is it for this lesson.
81
00:05:10,540 --> 00:05:12,220
I will catch you over in the next one.
8135
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.