new creators

Post on 19-Jan-2015


Category:

Technology


NEW CREATORS

Team members:

Naveen Kumar

Murgesh Kalyani

Faculty Incharge:

Rajaram Sir

Network Protocol Analysis

INDEX:

Title
Abstract
What is Network
Types of Topology
The tool’s Utility
List of other tools
What is Protocol? Types of Protocol
How ICMP Protocol works
ICMP General Operation
Acknowledgment
Reference

ABSTRACT:

Decode network protocol headers and trailers.

Understand the data and information inside the packet encapsulated by the protocol. (Dawn of the Net)

A brief intro on various protocol types.

Implementation via the “Colasoft Capsa” tool.

WHAT IS NETWORK?

Series of points or nodes interconnected by communication paths.


MOST COMMONLY USED NETWORK TOPOLOGIES ARE


The tool Colasoft Capsa is mainly employed to:

Analyze network problems
Gain information for effecting a network intrusion
Monitor network usage
Gather and report network statistics
Filter suspect content from network traffic
Spy on network
Debug client/server communications
Debug network protocol implementations

Other than Capsa:

Carnivore
dSniff
Ettercap
Fluke Lanmeter
Microsoft Network Monitor
OPNET Technologies ACE Analyst
NetScout Sniffer Global Analyzer
NetScout Sniffer Portable Professional Analyzer
Network Instruments Observer
NetworkMiner packet analyzer
PacketTrap pt360 Tool Suite
snoop (part of Solaris)
tcpdump
WildPackets OmniPeek (old name AiroPeek, EtherPeek)
Wireshark (formerly known as Ethereal)
NetworkActiv PIAFCTM
Cain and Abel
Clarified Analyzer

WHAT IS PROTOCOL? TYPES OF NETWORK PROTOCOLS

Rules determining the format and transmission of data.

There are mainly five network protocols:

IPv4: Internet Protocol version 4.
IPv6: Internet Protocol version 6 (next generation protocol).

Advantages of IPv6 over IPv4:
a) Large address space
b) Better header format
c) Provision for extension
d) Resource allocation (“flow label”)
e) Security features

CLNP: Connectionless Network Protocol.
IPsec: Internet Protocol Security; this enables encryption and authentication of every IP packet that moves in the data stream.
ICMP: Internet Control Message Protocol.

IPsec authentication header (AH)

AH provides authentication of the contents of datagrams by adding a header. The header is calculated from values in the datagram.

Operation of the AH protocol:

Uses a hashing algorithm and a specific key.
A security association between the two devices is set up.
On the source side, AH performs the computation; the calculated result is the Integrity Check Value (ICV).
The ICV is put into a special header with other fields for transmission.
The destination does the same calculation to retrieve data.
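The ICV steps above, as an added example that is not part of the original slides: the source computes a keyed hash over the datagram and the destination repeats the calculation and compares. It goes slightly beyond the slide by zeroing the IPv4 fields that routers change in transit, as RFC 4302 requires. Assumptions: HMAC-SHA-256 truncated to 128 bits, an IPv4 header without options, and a constructed key, SPI and addresses.

```python
import hashlib
import hmac
import struct

ICV_LEN = 16  # assumption: HMAC-SHA-256 output truncated to 128 bits

def zero_mutable(ip_header: bytes) -> bytes:
    """Zero the IPv4 fields routers may change: TOS, flags/fragment offset, TTL, checksum."""
    h = bytearray(ip_header)
    h[1] = 0
    h[6:8] = b"\x00\x00"
    h[8] = 0
    h[10:12] = b"\x00\x00"
    return bytes(h)

def compute_icv(key, ip_header, ah_fixed, payload):
    """Keyed hash over immutable IP fields, the AH header with a zeroed ICV field, and the payload."""
    data = zero_mutable(ip_header) + ah_fixed + b"\x00" * ICV_LEN + payload
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]

def protect(key, ip_header, spi, seq, payload):
    """Source side: build the AH header (next header 6 = TCP) and append the ICV."""
    ah_fixed = struct.pack("!BBHII", 6, (12 + ICV_LEN) // 4 - 2, 0, spi, seq)
    return ah_fixed + compute_icv(key, ip_header, ah_fixed, payload)

def verify(key, ip_header, ah, payload):
    """Destination side: repeat the calculation and compare in constant time."""
    ah_fixed, received = ah[:12], ah[12:12 + ICV_LEN]
    return hmac.compare_digest(received, compute_icv(key, ip_header, ah_fixed, payload))

def after_router(ip_header):
    """Model one hop: the router decrements TTL (byte 8 of the IPv4 header)."""
    h = bytearray(ip_header)
    h[8] -= 1
    return bytes(h)

# Constructed sample: 10.0.0.1 -> 10.0.0.2, protocol 51 (AH), TTL 64, checksum left 0
KEY = b"constructed-demo-key-not-for-use"
PAYLOAD = b"constructed TCP segment bytes"
IP_HDR = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + 12 + ICV_LEN + len(PAYLOAD),
                     1, 0, 64, 51, 0, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
AH = protect(KEY, IP_HDR, spi=0x1000, seq=1, payload=PAYLOAD)
```

A TTL change in transit still verifies, while any change to the payload, the addresses or the key makes `verify` return `False`.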


HOW ICMP PROTOCOL WORKS?

Step 1: Understanding the ICMP protocol
a) Can you imagine a world with no traffic signal and no stop signal to control daily life? No, right?
b) In the same way, just imagine the internet without the ICMP protocol: it would become an unwieldy mess without it.

Step 2: What is ICMP and what does it stand for?
ICMP stands for “Internet Control Message Protocol”.
It is the unheralded hero of the four core protocols.

ICMP general operation


Consider a client host A sending a message to server host B, with a problem detected in the datagram by router R3.

Even if R3 suspects that the problem was caused by one of the preceding routers that handled the message, such as R2, it cannot send a problem report to R2. It can only send an ICMP message back to host A, because it is only A's address that is in the datagram.

Thus, R3 must send a problem report back to A, and A must decide what to do with it. Device A may decide to change the route it uses, or to generate an error report that an administrator can use to troubleshoot the R2 router.

ICMP Message Classes

At the highest level, ICMP messages are divided into two classes:

i. Error Messages: These messages are used to provide feedback to a source device about an error that has occurred.

ii. Informational (or Query) Messages: These are messages that are used to let devices exchange information, implement certain IP-related features, and perform testing.

ICMP Message Types:

Each individual kind of message in ICMP is given its own unique Type value, which is put into the field of that name in the ICMP common message format.

This field is 8 bits wide, so a theoretical maximum of 256 message types can be defined.

A separate set of Type values is maintained for each of ICMPv4 and ICMPv6.

In ICMPv4, Type values were assigned sequentially, to both error and informational messages, on a “FCFS” basis (sort of).

In IPv6, error messages have Type values from 0 to 127, and informational messages have values from 128 to 255.

Message Class | Type Value | Message Name | Summary Description of Message Type | Defining RFC Number
ICMPv4 Error Messages | 3 | Destination Unreachable | Indicates that a datagram could not be delivered to its destination. | 792
ICMPv4 Error Messages | 4 | Source Quench | Lets a congested IP device tell a device that is sending it datagrams . | 792
ICMPv4 Error Messages | 5 | Redirect | Allows a router to inform a host of a better route to use for sending datagrams. | 792
ICMPv4 Informational Messages (part 1 of 2) | 0 | Echo Reply | Sent in reply to an Echo . | 792
ICMPv4 Informational Messages (part 1 of 2) | 8 | Echo (Request) | Sent by a device to test connectivity to another device on the internetwork. | 792
ICMPv4 Informational Messages (part 1 of 2) | 9 | Router Advertisement | Used by routers to tell hosts of their existence and capabilities. | 1256
ICMPv6 Error Messages | 1 | Destination Unreachable | Indicates that a datagram could not be delivered to its destination. | 2463
ICMPv6 Error Messages | 2 | Packet Too Big | Sent when a datagram cannot be forwarded . | 2463
ICMPv6 Error Messages | 3 | Time Exceeded | Sent when a datagram has been discarded . | 2463
ICMPv6 Informational Messages | 128 | Echo Request | Sent by a device to test connectivity to another device on the internetwork. | 2463
ICMPv6 Informational Messages | 129 | Echo Reply | Sent in reply to an Echo (Request) message; used for testing connectivity. | 2463
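The general operation and the Type field described above, as an added example that is not part of the original slides: router R3 builds a Destination Unreachable report addressed to the only address it has (the source, host A), and an analyzer decodes the common header and names the message class. The addresses and the datagram are constructed, and the function names are hypothetical.

```python
import struct

# Type values and classes taken from the ICMPv4 rows of the table above
ICMPV4 = {3: ("error", "Destination Unreachable"), 4: ("error", "Source Quench"),
          5: ("error", "Redirect"), 0: ("informational", "Echo Reply"),
          8: ("informational", "Echo (Request)"), 9: ("informational", "Router Advertisement")}

def checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum used by ICMPv4."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_error(offending: bytes, icmp_type=3, code=0):
    """What R3 does: report to the source address found in the offending datagram."""
    ihl = (offending[0] & 0x0F) * 4
    report_to = ".".join(str(b) for b in offending[12:16])  # only A's address is available
    body = offending[:ihl + 8]  # original IP header + first 8 payload bytes
    msg = struct.pack("!BBHI", icmp_type, code, 0, 0) + body
    msg = msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]
    return report_to, msg

def classify(msg: bytes, version=4):
    """Decode the common header (Type, Code, Checksum) and name the message class."""
    if len(msg) < 4:
        raise ValueError("truncated ICMP message")
    mtype, code, _ = struct.unpack("!BBH", msg[:4])
    if version == 6:  # ICMPv6: 0-127 error, 128-255 informational
        cls, name = ("error" if mtype < 128 else "informational"), None
    else:
        cls, name = ICMPV4.get(mtype, ("unknown", None))
    ok = checksum(msg) == 0 if version == 4 else None  # ICMPv6 checksum needs a pseudo-header
    return {"type": mtype, "code": code, "class": cls, "name": name, "checksum_ok": ok}

# Constructed datagram from host A (192.0.2.10) to host B (198.51.100.20), 16 payload bytes
DATAGRAM = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 36, 7, 0, 61, 17, 0,
                       bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20])) + b"constructed UDP!"
REPORT_TO, ERROR_MSG = build_error(DATAGRAM)
```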


ACKNOWLEDGMENT:

Firstly we would like to thank “Mydili Ma’am” for giving us a great opportunity to represent our skills.

Secondly to “Rajaram sir” who supported us in doing this project.

Thirdly to “All OUR DEAR FRIENDS” who listened to this seminar quietly.


REFERENCES:

http://www.youtube.com/watch?v=mn6A0Y5aroc
http://www.colasoft.com/help/Capsa6.9help.html
http://www.javvin.com/protocolanalysis.html
http://www.chappellseminars.com/
http://www.dodear.com/images/TorrentOperation.gif

Thank you…

Any Questions?
