sachinsutey: TCP / IP
TCP/IP defines how electronic devices (like computers) should be connected to the Internet, and how data should be transmitted between them.
IPv6 or IP version 6 is the next generation Internet protocol which will eventually replace the current protocol IPv4. IPv6 has a number of improvements and simplifications when compared to IPv4. The primary difference is that IPv6 uses 128 bit addresses as compared to the 32 bit addresses used with IPv4. This means that there are more available IP addresses using IPv6 than are available with IPv4 alone. For a very clear comparison, in IPv4 there is a total of 4,294,967,296 IP addresses. With IPv6, there is a total of 18,446,744,073,709,551,616 IP addresses in a single /64 allocation.
To also help illustrate the sheer magnitude of available IP addresses using IPv6, you can get 65536 /64 allocations out of a single /48, and then 65536 /48 allocations out of a single /32. Many Service Providers are getting /32 allocations from their Regional Internet Registry (RIR) like ARIN, APNIC, RIPE, etc.
A significant difference between IPv6 and IPv4 is the address notation. IPv4 uses a period (.) between each octet, compared to IPv6 which uses a colon (:). With IPv6, if you have a series of zeroes in a row, the address need not be written out completely. You can use a double colon (::) to represent that series of zeroes, however you can only use that once. For example, if you have an address like "2001:0DB8:0000:0003:0000:01FF:0000:002E", it can be written like "2001:DB8::3:0:1FF:0:2E" or "2001:DB8:0:3:0:1FF::2E", but would never be written like "2001:DB8::3::1ff::2E". You also cannot have three colons in a row (:::).
IPv6 availability depends on your Service Provider, either at home or for work. In a dual-stack environment, IPv4 and IPv6 co-exist along the same connection and don't require any special kind of connection. If dual-stack is not available, you might find yourself using an IP tunneling product or service to bring IPv6 connectivity to you. IPv4 exhaustion, as of this writing, is estimated to happen sometime in early or mid 2011. When this happens, IPv4 won't simply disappear off the face of the Internet, but continued explosive growth requiring more unique IP address assignments will mean using more and more of the abundant IPv6 address space.
Many Operating System platforms have native IPv6 support these days. The UNIX based platforms like Linux, BSD (Free, Open, Net) & Mac OS X have had IPv6 support enabled for years now. Microsoft Windows started having native IPv6 support enabled by default with its Vista and Windows 2008 products. Earlier Windows versions like 2000/2003/XP had to have it installed optionally, and did not have features as robust as those available in the newer versions of Windows. Even common web browsing and email software will use IPv6 if it is enabled and available, without having to check off an option or special configuration. The transition from IPv4 to IPv6 is being worked on to be as seamless as possible, and many might not even notice the subtle changes in the coming years.
Your Internet address "192.168.10.14" is a part of the standard TCP/IP protocol (and so is your domain name).
Inside the TCP/IP standard there are several protocols for handling data communication:
- TCP (Transmission Control Protocol) communication between applications
- UDP (User Datagram Protocol) simple communication between applications
- IP (Internet Protocol) communication between computers
- ICMP (Internet Control Message Protocol) for errors and statistics
- DHCP (Dynamic Host Configuration Protocol) for dynamic addressing
TCP Uses a Fixed Connection
TCP is for communication between applications.
If one application wants to communicate with another via TCP, it sends a communication request. This request must be sent to an exact address. After a "handshake" between the two applications, TCP will set up a "full-duplex" communication between the two applications.
The "full-duplex" communication will occupy the communication line between the two computers until it is closed by one of the two applications.
UDP is very similar to TCP, but simpler and less reliable.
IP is Connection-Less
IP is for communication between computers.
IP is a "connection-less" communication protocol.
IP does not occupy the communication line between two computers. IP reduces the need for network lines. Each line can be used for communication between many different computers at the same time.
With IP, messages (or other data) are broken up into small independent "packets" and sent between computers via the Internet.
IP is responsible for "routing" each packet to the correct destination.
IP Routers
When an IP packet is sent from a computer, it arrives at an IP router.
The IP router is responsible for "routing" the packet to the correct destination, directly or via another router.
The path the packet will follow might be different from other packets of the same communication. The router is responsible for the right addressing, depending on traffic volume, errors in the network, or other parameters.
Connection-Less Analogy
Communicating via IP is like sending a long letter as a large number of small postcards, each finding its own (often different) way to the receiver.
TCP/IP
TCP/IP is TCP and IP working together.
TCP takes care of the communication between your application software (i.e. your browser) and your network software.
IP takes care of the communication with other computers.
TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets when they arrive.
IP is responsible for sending the packets to the correct destination.
IP Addresses
Each computer must have an IP address before it can connect to the Internet.
Each IP packet must have an address before it can be sent to another computer.
An IP address is the identity of a computer or website.
Domain Names
A name is much easier to remember than a 12 digit number.
Names used for TCP/IP addresses are called domain names.
google.com is a domain name.
When you address a web site, like http://www.google.com, the name is translated to a number by a Domain Name Server (DNS).
All over the world, DNS servers are connected to the Internet. DNS servers are responsible for translating domain names into TCP/IP addresses.
When a new domain name is registered together with a TCP/IP address, DNS servers all over the world are updated with this information.
TCP - Transmission Control Protocol
TCP is used for transmission of data from an application to the network.
TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets when they arrive.
IP - Internet Protocol
IP takes care of the communication with other computers.
IP is responsible for the sending and receiving data packets over the Internet.
HTTP - Hyper Text Transfer Protocol
HTTP takes care of the communication between a web server and a web browser.
HTTP is used for sending requests from a web client (a browser) to a web server, returning web content (web pages) from the server back to the client.
HTTPS - Secure HTTP
HTTPS takes care of secure communication between a web server and a web browser.
HTTPS typically handles credit card transactions and other sensitive data.
SSL - Secure Sockets Layer
The SSL protocol is used for encryption of data for secure data transmission.
SMTP - Simple Mail Transfer Protocol
SMTP is used for transmission of e-mails.
MIME - Multi-purpose Internet Mail Extensions
The MIME protocol lets SMTP transmit multimedia files including voice, audio, and binary data across TCP/IP networks.
IMAP - Internet Message Access Protocol
IMAP is used for storing and retrieving e-mails.
POP - Post Office Protocol
POP is used for downloading e-mails from an e-mail server to a personal computer.
FTP - File Transfer Protocol
FTP takes care of transmission of files between computers.
NTP - Network Time Protocol
NTP is used to synchronize the time (the clock) between computers.
DHCP - Dynamic Host Configuration Protocol
DHCP is used for allocation of dynamic IP addresses to computers in a network.
SNMP - Simple Network Management Protocol
SNMP is used for administration of computer networks.
LDAP - Lightweight Directory Access Protocol
LDAP is used for collecting information about users and e-mail addresses from the internet.
ICMP - Internet Control Message Protocol
ICMP takes care of error-handling in the network.
ARP - Address Resolution Protocol
ARP is used by IP to find the hardware address of a computer network card based on the IP address.
RARP - Reverse Address Resolution Protocol
RARP is used by IP to find the IP address based on the hardware address of a computer network card.
BOOTP - Boot Protocol
BOOTP is used for booting (starting) computers from the network.
PPTP - Point to Point Tunneling Protocol
PPTP is used for setting up a connection (tunnel) between private networks.
When you write an email, you don't use TCP/IP.
When you write an email, you use an email program like Lotus Notes, Microsoft Outlook or Netscape Communicator.
Your Email Program Does
Your email program uses different TCP/IP protocols:
- It sends your emails using SMTP
- It can download your emails from an email server using POP
- It can connect to an email server using IMAP
SMTP - Simple Mail Transfer Protocol
The SMTP protocol is used for the transmission of e-mails. SMTP takes care of sending your email to another computer.
Normally your email is sent to an email server (SMTP server), and then to another server or servers, and finally to its destination.
SMTP can only transmit pure text. It cannot transmit binary data like pictures, sounds or movies.
SMTP uses the MIME protocol to send binary data across TCP/IP networks. The MIME protocol converts binary data to pure text.
POP - Post Office Protocol
The POP protocol is used by email programs (like Microsoft Outlook) to retrieve emails from an email server.
If your email program uses POP, all your emails are downloaded to your email program (also called email client), each time it connects to your email server.
IMAP - Internet Message Access Protocol
The IMAP protocol is used by email programs (like Microsoft Outlook) just like the POP protocol.
The main difference between the IMAP protocol and the POP protocol is that the IMAP protocol will not automatically download all your emails each time your email program connects to your email server.
The IMAP protocol allows you to look through your email messages at the email server before you download them. With IMAP you can choose to download your messages or just delete them. This way IMAP is perfect if you need to connect to your email server from different locations, but only want to download your messages when you are back in your office.
To check your IP address:
http://whatismyip.com/
To look up another IP address:
http://whatismyip.com/tools/ip-address-lookup.asp
IP Tracer and IP Locator:
http://www.ip-adress.com/ip_tracer/
Network tools: Ping, Lookup, Trace, Whois (IDN Conversion Tool), Express, DNS Records (Advanced Tool), Network Lookup, Spam Blacklist Check, Convert Base-10 to IP, URL Decode, URL Encode, HTTP Headers SSL, Email Verification
http://network-tools.com/
Why does it work?
IP spoofing works because trusted services rely only on network-address-based authentication. Since IP is easily duped, address forgery is not difficult.
The main reason is a security weakness in the TCP protocol known as sequence number prediction.
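Why predictable sequence numbers matter, as an added example that is not part of the original post: a simplified model of a counter-based initial sequence number (ISN) generator next to the per-connection keyed scheme described in RFC 6528, with a check a defender can run over sampled ISNs. The step size, class and function names and the sample addresses are assumptions of this example, and HMAC-SHA256 stands in for the RFC's function F.

```python
import hashlib
import hmac
import ipaddress
import struct

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


class CounterISN:
    """Simplified legacy model: one global counter, fixed step per connection."""

    def __init__(self, start=1000, step=64_000):  # constructed values
        self.value, self.step = start, step

    def next(self, lip, lport, rip, rport, timer_4us=0):
        self.value = (self.value + self.step) % MOD
        return self.value  # same sequence no matter who connects


class KeyedISN:
    """RFC 6528 style: ISN = M + F(localip, localport, remoteip, remoteport, secret)."""

    def __init__(self, secret: bytes):
        self.secret = secret

    def next(self, lip, lport, rip, rport, timer_4us=0):
        msg = (ipaddress.ip_address(lip).packed + struct.pack("!H", lport)
               + ipaddress.ip_address(rip).packed + struct.pack("!H", rport))
        digest = hmac.new(self.secret, msg, hashlib.sha256).digest()
        # M is the 4-microsecond timer; F is truncated to 32 bits.
        return (timer_4us + int.from_bytes(digest[:4], "big")) % MOD


def predict_next(samples):
    """Audit check: if sampled ISNs rise by a constant step, return the value
    the next connection would get; return None when no constant step exists."""
    deltas = {(b - a) % MOD for a, b in zip(samples, samples[1:])}
    if len(samples) >= 3 and len(deltas) == 1:
        return (samples[-1] + deltas.pop()) % MOD
    return None


def sample(gen, n=5):
    """ISNs a server (192.0.2.10:80) hands to n successive connections from
    one client; addresses and ports are constructed documentation values."""
    return [gen.next("192.0.2.10", 80, "198.51.100.7", 40000 + i) for i in range(n)]


if __name__ == "__main__":
    legacy = sample(CounterISN())
    keyed = sample(KeyedISN(b"constructed-secret"))
    print("counter:", legacy, "predicted 5th:", predict_next(legacy[:4]))
    print("keyed:  ", keyed, "predicted 5th:", predict_next(keyed[:4]))
```

With the keyed generator, a host that samples ISNs on its own connections learns nothing about the ISN issued to a different address and port pair, which is the property address-based trust was missing.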
Ping and Traceroute
All data sent over the internet is sent in packets. Consider the following analogy. The idea behind packets is very similar to the idea of the capsules used to send checking and savings information from your vehicle to tellers inside the bank via vacuum tubes. The emails you send and the files you download are all broken down into raw data and inserted into little packets. These packets are piped through your Internet connection. When a packet arrives at a destination computer, the data is extracted and reassembled into a file.
Ping and Traceroute are two programs that can be used to send packets of information to remote computers for the purpose of retrieving information. These programs are useful for testing your internet connection.
To use Ping and Traceroute you will need a command prompt:
Windows
Macintosh OS X
Macintosh OS 8-9 does not have a terminal/command prompt application available with the operating system. You will need to use a third-party network diagnostics program. We recommend WhatRoute. Download WhatRoute from Tucows.
PING
Ping can test the speed of your connection, "distance" to target, and whether or not your connection is even up and running. It tells you how long a packet of data takes to travel from your computer to a specified host, and back again (in this case, the packet is 32 bytes in size).
To use Ping, type ping followed by a destination host (server name such as www.expedient.net) or a host IP address (e.g., 209.166.161.121).
Note for Macintosh OS X users: use the command ping -c 4 followed by the destination host to ping only 4 times. If you do not use the -c 4, the command will continue pinging until you break the connection (CTRL+C on the keyboard).
Ping Tests
Once you have your command prompt (or WhatRoute) open, enter ping 127.0.0.1 and press Enter. You should receive 4 responses similar to the lines below. This ping test verifies the operation of the base TCP/IP stack. If TCP/IP is working correctly, there will be no problems with the ping. If you receive a timeout or error message, there is a problem with TCP/IP, in which case you may have to uninstall and reinstall TCP/IP.
Ping your IP* and press Enter. The "XXX" indicates your IP address and can be found by using the ipconfig /all command. Pinging your IP verifies that the physical network device can be addressed. If you cannot ping your own IP address, make sure the IP is correctly entered in the Network Control Panel (NCP). If it is correct, replace TCP/IP. If this does not work, the network card may not be properly installed or may be 'bad', in which case you may need to reinstall the NIC.
Enter ping 209.166.161.121 and press Enter. This test checks that your connection to the Internet is active and that the network can be accessed. You should receive 4 responses similar to the lines below.
Now enter ping www.expedient.net or another server name (e.g., www.yahoo.com) and press Enter. This test checks that your computer is able to translate name addresses (like www.expedient.net or www.yahoo.com) to numbers (like 209.166.165.174 or 64.58.76.224) - DNS resolution. You should receive 4 responses similar to the lines below. If you do not receive responses, check your DNS configuration settings.
UNDERSTANDING THE OUTPUT
The first line is the command we typed: "ping www.expedient.net". Note the space between the command "ping" and the host computer "www.expedient.net."
The next line shows the full name of the host, as found by the ping program. The number 208.40.175.241 is the IP address of the host. An IP address is similar to your zip code. You may live in Pittsburgh, PA; but to the Post office, you are 15222-xxxx. The same goes for the internet, "www.expedient.net" is "208.40.175.241".
The next four lines show whether or not the host replied, with how many bytes (size of packet), the round trip time (in milliseconds), and the TTL, which is how many routers the packet will go through before giving up trying to find the host.
The last lines show the statistics from pinging the host. They include how many packets were sent, received, and lost. Also shown are round trip times and averages.
INTERPRETING THE RESULTS
If all 4 packets sent are received, then the connection is working fine. Any lost packets may indicate slow connection problems. If no packets are received, you'll see lines that say something like "Destination Host unreachable" or "Request Timed Out". This can indicate that your connection is not routing properly.
Note: For security reasons, some servers do not allow you to ping them - you will get "Request Timed Out" errors. You should try multiple servers if you are testing your connection.
If you cannot ping a domain name (i.e. www.expedient.net), try the IP address (i.e. 208.40.175.241). If pinging an IP address generates replies, but the domain name doesn't, then there is probably a DNS issue.
Read the story of how PING was created: http://ftp.arl.mil/~mike/ping.html
TRACEROUTE
Traceroute tracks the path that a packet takes from your computer to a destination address. A traceroute also shows how many times your packets are being rebroadcast by other servers until they get to the final destination. For Windows users, the command is tracert. For Macintosh OS X users, it's traceroute.
In this example we will trace the hops from a computer to yahoo.com:
UNDERSTANDING THE OUTPUT
The first line is the command we typed: tracert yahoo.com. Note the space between the command "tracert" and the host computer "yahoo.com."
The next line shows the traceroute program acquiring the IP address from the domain. "Maximum of 30 hops" is how many routers the packet will go through before giving up trying to find the host.
The next lines show each server the packets traveled through to get to the destination yahoo.com. These show both the IP address and domain name of the actual servers that the packets passed through.
INTERPRETING THE RESULTS
Traceroutes allow you to see the path your packets take over the Internet. Sometimes, they will also allow you to "see" how your information traveled over the world: many companies will name their servers based on where the server is located. From our example above, our information passed from our computer to servers in Washington DC then through servers in San Jose before reaching its destination (yahoo.com).
Traceroutes can show where there is a break in your connection. This allows you to determine exactly where your packets are being dropped or lost. Dropped or lost packets on a traceroute will usually show as asterisks (*).
Note: Just like ping, some servers do not allow you to traceroute all the way to them - you will get timeouts and sometimes errors. You should try multiple servers if you are testing your connection.
Ping and Traceroute allow you to diagnose problems with your Internet connection. These utilities allow you to determine if a problem is on your computer, out on the network, or at the server you're trying to reach.
Traceroute is a command which can show you the path a packet of information takes from your computer to one you specify. It will list all the routers it passes through until it reaches its destination, or fails to and is discarded. In addition to this, it will tell you how long each 'hop' from router to router takes.
In Windows, select Start > Programs > Accessories > Command Prompt. This will give you a window like the one below.
Enter the word tracert, followed by a space, then the domain name.
The following is a successful traceroute from a home computer in New Zealand to mediacollege.com:
Firstly it tells you that it's tracing the route to mediacollege.com, tells you the IP address of that domain, and what the maximum number of hops will be before it times out.
Next it gives information about each router it passes through on the way to its destination.
- 1 is the internet gateway on the network this traceroute was done from (an ADSL modem in this case)
- 2 is the ISP the origin computer is connected to (xtra.co.nz)
- 3 is also in the xtra network
- 4 timed out
- 5 - 9 are all routers on the global-gateway.net.nz network (the domain that is the internet gateway out of New Zealand)
- 10 - 14 are all gnaps.net in the USA (a telecom supplier in the USA)
- 15 - 17 are on the nac network (Net Access Corporation, an ISP in the New York area)
- 18 is a router on the network mediacollege.com is hosted on
- and finally, line 19 is the computer mediacollege.com is hosted on (sol.yourhost.co.nz)
Each of the 3 columns is a response from that router, and how long it took (each hop is tested 3 times). For example, in line 2, the first try took 240 ms (240 milliseconds), the second took 421 ms, and the third took 70 ms.
You will notice that line 4 'timed out', that is, there was no response from the router, so another one was tried (202.50.245.197) which was successful.
You will also notice that the time it took quadrupled while passing through the global-gateway network.
This is extremely useful when trying to find out why a website is unreachable, as you will be able to see where the connection fails. If you have a website hosted somewhere, it would be a good idea to do a traceroute to it when it is working, so that when it fails, you can do another traceroute to it (which will probably time out if the website is unreachable) and compare them. Be aware though, that it will probably take a different route each time, but the networks it passes through will generally be very similar.
If the example above had continued to time out after line 9, you could suspect that global-gateway.co.nz was the problem, and not mediacollege.com.
If it timed out after line 1, you would know there was a problem connecting to your ISP (in this case you would not be able to access anything on the internet).
(It is generally recommended that if you have a website that is unreachable, you should use both the traceroute and ping commands before you contact your ISP to complain. More often than not, there will be nothing your ISP or hosting company can do about it.)
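The reading of a traceroute described above, as an added example that is not part of the original post: a parser for Windows tracert hop lines that separates an isolated timed-out hop from a trace that stops answering and never recovers, and finds the largest latency jump. Both sample outputs are constructed (documentation addresses and made-up host names); only the 240/421/70 ms timings of hop 2 come from the text.

```python
import re

# One tracert hop line: hop number, three probes ("*", "<1 ms" or "240 ms"), host.
PROBE = r"(?:\*|<?\d+\s*ms)"
HOP_RE = re.compile(rf"^\s*(\d+)\s+({PROBE}\s+{PROBE}\s+{PROBE})\s+(.*)$")
PROBE_RE = re.compile(r"\*|<?(\d+)\s*ms")


def parse_tracert(output):
    """Return a list of (hop, [rtt_ms or None, ...], host) tuples."""
    hops = []
    for line in output.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue  # header and footer lines
        # "*" becomes None; "<1 ms" is recorded as its upper bound, 1.
        rtts = [int(p.group(1)) if p.group(1) else None
                for p in PROBE_RE.finditer(m.group(2))]
        hops.append((int(m.group(1)), rtts, m.group(3).strip()))
    return hops


def diagnose(hops):
    """Summarise a trace the way the text reads it."""
    answered = [h for h, rtts, _ in hops if any(r is not None for r in rtts)]
    silent = [h for h, rtts, _ in hops if all(r is None for r in rtts)]
    last_ok = max(answered) if answered else None
    return {
        "last_responding_hop": last_ok,
        # silent hop followed by later replies: a router that ignores probes
        "isolated_timeouts": [h for h in silent if last_ok is not None and h < last_ok],
        # silent hops after the last reply: where the path stops answering
        "trailing_timeouts": [h for h in silent if last_ok is None or h > last_ok],
    }


def biggest_jump(hops):
    """Return (hop, increase_ms): largest rise in best RTT between answering hops."""
    best = [(h, min(r for r in rtts if r is not None))
            for h, rtts, _ in hops if any(r is not None for r in rtts)]
    steps = [(b[0], b[1] - a[1]) for a, b in zip(best, best[1:])]
    return max(steps, key=lambda s: s[1]) if steps else None


# Constructed sample: hop 4 is silent but the trace completes.
GOOD = """\
Tracing route to example.test [203.0.113.80]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2   240 ms   421 ms    70 ms  gw.isp.example [198.51.100.1]
  3    60 ms    61 ms    59 ms  core.isp.example [198.51.100.9]
  4     *        *        *     Request timed out.
  5   250 ms   248 ms   251 ms  intl.carrier.example [203.0.113.1]
  6   255 ms   254 ms   256 ms  example.test [203.0.113.80]

Trace complete.
"""

# Constructed sample: nothing answers after hop 3.
BROKEN = """\
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2    71 ms    70 ms    72 ms  gw.isp.example [198.51.100.1]
  3    60 ms    61 ms    59 ms  core.isp.example [198.51.100.9]
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
"""

if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("BROKEN", BROKEN)):
        hops = parse_tracert(text)
        print(name, diagnose(hops), "biggest jump:", biggest_jump(hops))
```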