The Hacker's Encyclopedia 1998

home *** CD-ROM | disk | FTP | other *** search

/ The Hacker's Encyclopedia 1998 / hackers_encyclopedia.iso / zines / phrack2 / phrack33.003 < prev next >

Wrap

Text File | 2003-06-11 | 38.8 KB | 923 lines

==Phrack Inc.== Volume Three, Issue Thirty-Three, File 3 of 13 ______________________________________________________________________________ A Hacker's Guide to the Internet By The Gatsby Version 2.00 / AXiS / July 7, 1991 ______________________________________________________________________________ 1 Index ~~~~~~~~~ Part: Title: ~~~~ ~~~~~ 1 Index 2 Introduction 3 Glossary, Acronyms, and Abbreviations 4 What is the Internet? 5 Where You Can Access The Internet 6 TAC 7 Basic Commands a TELNET command b ftp ANONYMOUS to a Remote Site c Basic How to tftp the Files d Basic Fingering 8 Networks 9 Internet Protocols 10 Host Names and Addresses 2 Introduction ~~~~~~~~~~~~~~~~ The original release of this informative file was in an IRG newsletter, but it had some errors that I wanted to correct. I have also added more technical information. This file is intended for the newcomer to Internet and people (like me) who are not enrolled at a university with Internet access. It covers the basic commands, the use of Internet, and some tips for hacking through Internet. There is no MAGICAL way to hacking a UNIX system. If you have any questions, I can be reached on a number of boards. - The Crypt - - 619/457+1836 - - Call today - - Land of Karrus - - 215/948+2132 - - Insanity Lane - - 619/591+4974 - - Apocalypse NOW - - 2o6/838+6435 - <*> AXiS World HQ <*> Mail me on the Internet: gats@ryptyde.cts.com bbs.gatsby@spies.com The Gatsby *** Special Thanks go to Haywire (a/k/a Insanity: SysOp of Insanity Lane), Doctor Dissector, and all the members of AXiS. 3 Glossary, Acronyms, and Abbreviations ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ACSE - Association Control Service Element, this is used with ISO to help manage associations. ARP - Address Resolution Protocol, this is used to translate IP protocol to Ethernet Address. ARPA - Defense Advanced Research Project Agency ARPANET - Defense Advanced Research Project Agency or ARPA. This is an experimental PSN which is still a sub network in the Internet. CCITT - International Telegraph and Telephone Consultative Committee is a international committee that sets standard. I wish they would set a standard for the way they present their name! CERT - Computer Emergency Response Team, they are responsible for coordinating many security incident response efforts. They have real nice reports on "holes" in various UNIX strands, which you should get because they are very informative. CMIP - Common Management Information Protocol, this is a new HIGH level protocol. CLNP - Connection Less Network Protocol is OSI equivalent to Internet IP DARPA - Defence Advanced Research Project Agency. See ARPANET DDN - Defence Data Network driver - a program (or software) that communicates with the network itself, examples are TELNET, FTP, RLOGON, etc. ftp - File Transfer Protocol, this is used to copy files from one host to another. FQDN - Fully Qualified Domain Name, the complete hostname that reflects the domains of which the host is a part. Gateway - Computer that interconnects networks. Host - Computer that is connected to a PSN. Hostname - Name that officially identifies each computer attached internetwork. Internet - The specific IP-base internetwork. IP - Internet Protocol which is the standard that allows dissimilar host to connect. ICMP - Internet Control Message Protocol is used for error messages for the TCP/IP. LAN - Local Area Network MAN - Metropolitan Area Network MILNET - DDN unclassified operational military network. NCP - Network Control Protocol, the official network protocol from 1970 until 1982. NIC - DDN Network Information Center NUA - Network User Address OSI - Open System Interconnection. An international standardization program facilitate to communications among computers of different makes and models. Protocol - The rules for communication between hosts, controlling the information by making it orderly. PSN - Packet Switched Network RFC - Request For Comments, is technical files about Internet protocols one can access these from anonymous ftp at NIC.DDN.MIL. ROSE - Remote Operations Service Element, this is a protocol that is used along with OSI applications. TAC - Terminal Access Controller; a computer that allow direct access to Internet. TCP - Transmission Control Protocol TELNET - Protocol for opening a transparent connection to a distant host. tftp - Trivial File Transfer Protocol, one way to transfer data from one host to another. UDP - User Datagram _Protocol Unix - This is copyrighted by AT&T, but I use it to cover all the look-alike Unix systems, which you will run into more often. UUCP - Unix-to-Unix Copy Program, this protocol allows UNIX file transfers. This uses phone lines using its own protocol, X.25 and TCP/IP. This protocol also exist for VMS and MS-DOS. uucp - uucp when in lower case refers to the UNIX command uucp. For more information on uucp read files by The Mentor in the Legion of Doom Technical Journals. WAN - Wide Area Network X.25 - CCITTs standard protocol that rules the interconnection of two hosts. In this file I have used several special charters to signify certain things. Here is the key; * - Buffed from UNIX itself. You will find this on the left side of the margin. This is normally "how to do" or just "examples" of what to do when using Internet. # - This means these are commands, or something that must be typed in. 4 What is the Internet? ~~~~~~~~~~~~~~~~~~~~~~~~~ To understand the Internet you must first know what it is. The Internet is a group of various networks, ARPANET (an experimental WAN) was the first. ARPANET started in 1969, this experimental PSN used Network Control Protocol (NCP). NCP was the official protocol from 1970 until 1982 of the Internet (at this time also known as DARPA Internet or ARPA Internet). In the early 80's DARPA developed the Transmission Control Protocol/Internet Protocol which is the official protocol today, but much more on this later. Due to this fact, in 1983 ARPANet split into two networks, MILNET and ARPANET (both are still part of the DDN). The expansion of Local Area Networks (LAN) and Wide Area Networks (WAN) helped make the Internet connecting 2,000+ networks strong. The networks include NSFNET, MILNET, NSN, ESnet and CSNET. Though the largest part of the Internet is in the United States, the Internet still connects the TCP/IP networks in Europe, Japan, Australia, Canada, and Mexico. 5 Where You Can Access Internet ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Internet is most likely to be found on Local Area Networks or LANs and Wide Area networks or WANs. LANs are defined as networks permitting the interconnection and intercommunication of a group of computers, primarily for the sharing of resources such as data storage device and printers. LANs cover a short distance (less than a mile) and are almost always within a single building complex. WANs are networks which have been designed to carry data calls over long distances (many hundreds of miles). You can also access Internet through TymNet or Telenet via gateway. You'll have to find your own NUAs though. 6 TAC ~~~~~~~ TAC (terminal access controller) is another way to access Internet. This is just dial-up terminal to a terminal access controller. You will need to get a password and an account. TAC has direct access to MILNET. One example of a TAC dialup is (800)368-2217, but there are several out there to be found. In fact, CERT has a report circulating about people attempting to find these dialups through social engineering. If you want the TAC manual you can write a letter to: Defense Communications Agency Attn: Code BIAR Washington, DC 2o3o5-2ooo Be sure to write that you want the TAC User Guide, 310-p70-74. In order to logon, you will need a TAC Access Card. You would probably get it from the DDN NIC. Here is a sample logon: Use Control-Q for help... * * PVC-TAC 111: 01 \ TAC uses to this to identify itself * @ #o 124.32.5.82 \ Use ``O'' for open and the internet * / address which yea want to call. * * TAC Userid: #THE.GATSBY * Access Code: #10kgb0124 * Login OK * TCP trying...Open * * 7 Basic Commands ~~~~~~~~~~~~~~~~~~ a: Basic TELNET Commands Situation: You have an account on a UNIX system that is a host on Internet. Now you can access the entire world! Once the UNIX system you should see a prompt, which can look like a '$' or '%' (it also depends on what shell you are in and the type of Unix system). At the prompt you can do all the normal UNIX commands, but when on a Internet host you can type 'telnet' which will bring you to the 'telnet' prompt. * * $ #telnet * ^ ^ | | | the command that will bring you to the telnet prompt | a normal UNIX prompt You should get this: * * telnet> * At this prompt you will have a whole different set of commands which are as follows (This comes from UCSD, so it may vary from place to place). * * telnet> #help * * close close current connection * display display operating parameters * open connect to a site * quit exit telnet * send transmit special character * set set operating parameters * status print status information * toggle toggle operating parameters * ? to see what you are looking at now * close - this command is used to 'close' a connection, when multitasking or jumping between systems. display - this set the display setting, commands for this are as follow. ^E echo. ^] escape. ^H erase. ^O flushoutput. ^C interrupt. ^U kill. ^\ quit. ^D eof. open - type 'open [host]' to connect to a system * * $ #telnet ucsd.edu * or * * telnet> #open 125.24.64.32.1 * quit - to get out of telnet and back to UNIX send - send files set - set echo - character to toggle local echoing on/off escape - character to escape back to telnet command mode The following need 'localchars' to be toggled: erase - character to cause an Erase Character flushoutput - character to cause an Abort Output interrupt - character to cause an Interrupt Process kill - character to cause an Erase Line quit - character to cause a Break eof - character to cause an EOF ? - display help information b: ftp ANONYMOUS to a remote site ftp or file transfer protocol is used to copy files from a remote host to the one that you are on. You can copy anything. Security has really clamped down on the passwd file, but it will still work here and there (always worth a shot). This could be useful when you see a Internet CuD (Computer Underground Digest) site that accepts a anonymous ftps, and you want to read the CuDs, but do not feel like wasting your time on boards downloading them. The best way to start out is to ftp a directory to see what you are getting. Example: The CuD archive site has an Internet address of 192.55.239.132 and my account name is "gats". * * $ #ftp * ^ ^ | | | ftp command | UNIX prompt * * ftp> #open 192.55.239.132 * Connected to 192.55.239.132 * 220 192.55.239.132 FTP Server (sometimes the date, etc) * Name (192.55.239.132:gats): #anonymous * ^ ^ ^ | | | | | This is where you type 'anonymous' unless | | you have a account on 192.55.239.132. | | | This is the name of my account or [from] | This is the Internet address or [to] * * Password: #gats * ^ | For this just type your username or anything you feel like typing in at that time. It doesn't matter. * * % ftp 192.55.239.132 * Connected to 192.55.239.132 * ftp> #ls * ^ | You are connected now, thus you can ls it. Just move around like you would in a normal unix system. Most of the commands still apply on this connection. Here is a example of me getting a copy of the Electronic Frontier Foundation's Effector (issue 1.04) from Internet address 192.55.239.132. * * % #ftp * ftp> #open 128.135.12.60 * Trying 128.135.12.60... * 220 chsun1 FTP server (SunOS 4.1) ready. * Name (128.135.12.60:gatsby): anonymous * 331 Guest login ok, send ident as password. * Password: #gatsby * 230 Guest login ok, access restrictions apply. * ftp> #ls * 200 PORT command successful. * 150 ASCII data connection for /bin/ls (132.239.13.10,4781) * (0 bytes). * .hushlogin * bin * dev * etc * pub * usr * README * 226 ASCII Transfer complete. * 37 bytes received in 0.038 seconds (0.96 Kbytes/s) * ftp> _________________________________________________________________________ | | This is where you can try to 'cd' the "etc" dir or just 'get' | /etc/passwd, but grabbing the passwd file this way is a dieing art. |_________________________________________________________________________ * ftp> #cd pub * 200 PORT command successful. * ftp> #ls * ceremony * cud * dos * eff * incoming * united * unix * vax * 226 ASCII Transfer cmplete. * 62 bytes received in 1.1 seconds (0.054 Kbytes/s) * ftp> #cd eff * 250 CWD command successful. * ftp> #ls * 200 PORT command successful. * 150 ASCII data connection for /bin/ls (132.239.13.10,4805) (0 bytes). * Index * eff.brief * eff.info * eff.paper * eff1.00 * eff1.01 * eff1.02 * eff1.03 * eff1.04 * eff1.05 * realtime.1 * 226 ASCII Transfer complete. * 105 bytes received in 1.8 seconds (0.057 Kbytes/s) * ftp> #get * (remote-file) #eff1.04 * (local-file) #eff1.04 * 200 PORT command successful. * 150 Opening ASCII mode data connection for eff1.04 (909 bytes). * 226 Transfer complete. * local: eff1.04 remote: eff1.04 * 931 bytes received in 2.2 seconds (0.42 Kbytes/s) * ftp> #close * Bye... * ftp> #quit * % * To read the file you can just 'get' the file and buffer it. If the files are just too long, you can 'xmodem' it off the host you are on. Just type 'xmodem' and that will make it much faster to get the files. Here is the set up (as found on ocf.berkeley.edu). If you want to: type: send a text file from an apple computer to the ME xmodem ra <filename> send a text file from a non-apple home computer xmodem rt <filename> send a non-text file from a home computer xmodem rb <filename> send a text file to an apple computer from the ME xmodem sa <filename> send a text file to a non-apple home computer xmodem st <filename> send a non-text file to a home computer xmodem sb <filename> xmodem will then display: * * XMODEM Version 3.6 -- UNIX-Microcomputer Remote File Transfer Facility * File filename Ready to (SEND/BATCH RECEIVE) in (binary/text/apple) mode * Estimated File Size (file size) * Estimated transmission time (time) * Send several Control-X characters to cancel * Hints- File transfer can be an iffy endeavor; one thing that can help is to tell the annex box not to use flow control. Before you do rlogin, type stty oflow none stty iflow none at the annex prompt. This works best coming through 2-6092. Some special commands used during ftp session are cdup (same as cd ..) and dir (gives a detailed listing of the files). c: How to tftp the Files tftp (Trivial File Transfer Protocol, the command is NOT in caps, because UNIX is case sensitive) is a command used to transfer files from host to host. This command is used sometimes like ftp, in that you can move around using UNIX commands. I will not go into this part of the command, but I will go into the basic format, and structure to get files you want. Moreover, I will be covering how to flip the /etc/passwd out of remote sites. There is a little trick that has been around a while. It helps you to "flip" the /etc/passwd file out of different sites, which gets you the passwd file without out breaking into the system. Then just run Brute Hacker (the latest version) on the thing and you save time and energy. This 'hole' (not referring to the method of obtaining Unix superuser status) may can be found on SunOS 3.X, but has been fixed in 4.0. It has sometimes appeared in System V, BSD and a few others. The only problem with this 'hole' is that the system manager will often realize what you are doing. The problem occurs when attempts to tftp the /etc/passwd is happen too many times. You may see this (or something like this) when you logon on to your account. This was buffered off of plague.berkeley.edu. I guess they knew what I was doing. * * DomainOS Release 10.3 (bsd4.3) Apollo DN3500 (host name): * This account has been deactivated due to use in system cracking * activities (specifically attempting to tftp /etc/passwd files from remote * sites) and for having been used or broken in to from <where the calls are * from>. If the legitimate owner of the account wishes it reactivated, * please mail to the staff for more information. * * - Staff * The tftp is used in this format: tftp -<command> <any name> <Internet Address> /etc/passwd <netascii> Command -g is to get the file, this will copy the file onto your 'home' directory, thus you can do anything with the file. Any Name If your going to copy it to your 'home' directory, it needs a name. Internet This is the address that you want to snag the passwd file from. Address There are hundreds of thousands of them. /ETC/PASSWD THIS IS THE FILE THAT YOU WANT. You do not want John Smith's even though it would be trivial to retreive it. netascii This how you want the file to be transferred. & Welcome to the power of UNIX, it is multitasking, this little symbol place at the end will allow you to do other things (such as grab the passwd file from the UNIX that you are on). Here is the set up: We want to get the passwd file from sunshine.ucsd.edu. The file in your 'home' directory is going to be named 'asunshine'. * * $ #tftp -g asunshine sunshine.ucsd.edu /etc/passwd & * d Basic Fingering Fingering is a real good way to get an account on remote sites. Typing 'who' or just 'finger <account name> <CR>' you can have names to "finger". This will give you all kinds information on the person's account. Here is a example of how to do it: * * % #who * joeo ttyp0 Jun 10 21:50 (bmdlib.csm.edu) * gatsby ttyp1 Jun 10 22:25 (foobar.plague.mil) * ddc crp00 Jun 10 11:57 (aogpat.cs.pitt.edu) * liliya display Jun 10 19:40 /and fingering what you see * % #finger bbc * Login name: ddc In real life: David Douglas Cornwall * Office: David C. Co * Directory: //aogpat/users_local/bdc Shell: /bin/csh * On since Jun 10 11:57:46 on crp00 from aogpat Phone 555-1212 * 52 minutes Idle Time * Plan: I like to eat apples and bananas. * % * Now you could just call (or Telnet to) 'aogpat.cs.pit.edu' and try to hack out an account. Try the last name as the password, the first name, the middle name, and try them all backwards. The chances are real good that you WILL get in because people are stupid. If there are no users online for you to type "who" you can just type "last" and all of the users who logged on will come rolling out. Now "finger" them. The only problem with using the "last" command is aborting it. You can also try telephoning individual users and tell them you are the system manager (i.e. social engineer them). However, I have not always seen phone numbers in everyone's ".plan" file (the file you see when you finger the user). 8 Other Networks ~~~~~~~~~~~~~~~~~ AARNet - Australian Academic and Research Network. This network supports research for various Australian Universities. This network supports TCP/IP, DECnet, and OSI (CLNS). ARPANET - We've already discussed this network. BITNET - Because It's Time NETwork (BITNET) is a worldwide network that connects many colleges and universities. This network uses many different protocols, but it dose use the TCP/IP. CREN CSNET - Corporation for Research and Educational Network (CREN) or Computer + Science research NETwork (CSNET). This network links scientists at sites all over the world. CSNET providing access to the Internet, CREN to BITNET. CREN is the name more often used today. CSUNET - California State University Network (CSUNET). This network connects the California State University campuses and other universities in California. This network is based on the CCITT X.25 protocol, and also uses TCP/IP, SNA/DSLC, DECnet, and others. The Cypress Net - This network started as a experimental network. The use of this network today is as a connection to the TCP/IP Internet as a cheap price. DRI - Defense Research Internet is a WAN that is used as a platform from which to work from. This network has all kind of services, such as multicast service, real-time conference and more. This network uses the TCP/IP (also see RFC 907-A for more information on this network). ESnet - This is the new network operated by the Department of Energy's Office of Energy Research (DoE OER). This net is the backbone for all DoE OER programs. This network replaced the High Energy Physics DECnet (HEPnet) and also the Magnetic Fusion Energy network (MFEnet). The protocols offered are IP/TCP and also DECnet service. JANET - JANET is a Joint Academic NETwork based in the UK, connected to the Internet. JANET is a PSN (information has pass through a PAD) using the protocol X.25 though it does support the TCP/IP. This network also connects PSS (Packet Switched Service is a PSN that is owned and operated by British telecom). JUNET - Japan's university message system using UUCP, the Internet as its backbone, and X.25 (see RFC 877). This network is also a part of USENET (this is the network news). Los Nettos - Los Nettos is a high speed MAN in the Los Angeles area. This network uses the IP/TCP. MILNET - When ARPANET split, the DDN was created and MILNET (MILitary NETwork) is also a part of the network. MILNET is unclassified, but there are three other classified networks that make up the DDN. NORDUNet - This net is the backbone to the networks in the Nordic Countries, Denmark (DENet), Finland (FUNET), Iceland (SURIS), Norway (UNINETT), and Sweden (SUNET). NORDUnet supports TCP/IP, DECNet, and X.25. NSN - NASA Science Network (NSN). This network is used by NASA to send and relay information. The protocols used are TCP/IP. NSN has a sister network called Space Physics Analysis Network (SPAN) for DECNet. ONet - Ontario Network is a TCP/IP network used for research. NSFNet - National Science Foundation Network, this network is in the IP/TCP family, but in any case it uses UDP (User Diagram Protocol) and not TCP. NSFnet is the network for the US scientific and engineering research community. Listed below are all the NSFNet Sub-networks: BARRNet - Bay Area Regional Research Network is located in the San Francisco area. This network uses TCP/IP. CERFnet - California Education and Research Federation Network is a research based network supporting Southern California Universities communication services. This network uses TCP/IP. CICNet - Committee on Institutional Cooperation. This network services the BIG 10, and University of Chicago. This network uses TCP/IP. JvNCnet - John von Neumann National Supercomputer Center. This network uses TCP/IP. Merit - Merit connects Michigan's academic and research computers. This network supports TCP/IP, X.25 and Ethernet for LANs. MIDnet - MIDnet connects 18 universities and research centers in the midwest United States. The support protocols are TELNET, FTP and SMTP. MRNet - Minnesota Regional Network, this network services Minnesota. The network protocols are TCP/IP. NEARnet - New England Academic and Research Network, connects various research/educational institutions. You can get more information about this net by mailing 'nearnet-staff@bbn.com'. NCSAnet - The National Center for Supercomputing Applications supports the whole IP family (TCP, UDP, ICMP, etc). NWNet - North West Network provides service to the Northwestern United States and Alaska. This network supports IP and DECnet. NYSERNet - New York Service Network is a autonomous nonprofit network. This network supports the TCP/IP. OARnet - Ohio Academic Resources Network gives access to the Ohio Supercomputer Center. This network supports TCP/IP. PREPnet - Pennsylvania Research and Economic Partnership is a network operated and managed by Bell of Pennsylvania. It supports TCP/IP. PSCNET - Pittsburgh Supercomputer Center serving Pennsylvania, Maryland, and Ohio. It supports TCP/IP, and DECnet. SDSCnet - San Diego Super Computer Center is a network whose goal is to support research in the field of science. The Internet address is 'y1.ucsc.edu' or call Bob at (619)534-5060 and ask for a account on his Cray. Sesquinet - Sesquinet is a network based in Texas. It supports TCP/IP. SURAnet - Southeastern Universities Research Association Network is a network that connects institutions in the Southeast United States. THEnet - Texas Higher Education Network is a network that is run by Texas A&M University. This network connects to hosts in Mexico. USAN/NCAR - University SAtellite Network (USAN)/National Center for Atmospheric Research is a network for information exchange. Westnet - Westnet connects the western part of the United States, but not including California. The network is supported by Colorado State University. USENET - USENET is the network news (the message base for the Internet). This message base is quite large with over 400 different topics and connecting to 17 different countries. 9 Internet Protocols ~~~~~~~~~~~~~~~~~~~~~ TCP/IP is a general term relating to the whole family of Internet protocols. The protocols in this family are IP, TCP, UDP, ICMP, ROSE, ACSE, CMIP, ISO, ARP and Ethernet for LANs. If if you want more information, get the RFCs. TCP/IP protocol is a "layered" set of protocols. In this diagram taken from RFC 1180 you will see how the protocol is layered when connection is made. Figure is of a Basic TCP/IP Network Node: ----------------------------------- | Network Application | | | | ... \ | / .. \ | / ... | | ------- ------- | | | TCP | | UDP | | | ------- ------- | | \ / | % Key % | ------- --------- | ~~~~~~~ | | ARP | | IP | | UDP User Diagram Protocol | ------- ------*-- | TCP Transfer Control Protocol | \ | | IP Internet Protocol | \ | | ENET Ethernet | ------------- | ARP Address Resolution | | ENET | | Protocol | -------@----- | O Transceiver | | | @ Ethernet Address -------------- | ------------------ * IP address | ========================O================================================= ^ | Ethernet Cable TCP/IP: If connection is made is between the IP module and the TCP module the packets are called a TCP datagram. TCP is responsible for making sure that the commands get through the other end. It keeps track of what is sent, and retransmits anything that does not go through. The IP provides the basic service of getting TCP datagram from place to place. It may seem like the TCP is doing all the work, this is true in small networks, but when connection is made to a remote host on the Internet (passing through several networks) this is a complex job. Say I am connected from a server at UCSD to LSU (SURAnet) the data grams have to pass through a NSFnet backbone. The IP has to keep track of all the data when the switch is made at the NSFnet backbone from the TCP to the UDP. The only NSFnet backbone that connects LSU is the University of Maryland, which has different circuit sets. The cable (trunk)/circuit types are the T1 (a basic 24-channel 1.544 Md/s pulse code modulation used in the US) to a 56 Kbps. Keeping track of all the data from the switch from T1 to 56Kbs and TCP to UDP is not all it has to deal with. Datagrams on their way to the NSFnet backbone (at the University of Maryland) may take many different paths from the UCSD server. All the TCP does is break up the data into datagrams (manageable chunks), and keeps track of the datagrams. The TCP keeps track of the datagrams by placing a header at the front of each datagram. The header contains 160 (20 octets) pieces of information about the datagram. Some of this information is the FQDN (Fully Qualified Domain Name). The datagrams are numbers in octets (a group of eight binary digits, say there are 500 octets of data, the numbering of the datagrams would be 0, next datagram 500, next datagram 1000, 1500 etc. UDP/IP: UDP is one of the two main protocols of the IP. In other words the UDP works the same as TCP, it places a header on the data you send, and passes it over to the IP for transportation throughout the Internet. The difference is that it offers service to the user's network application. It does not maintain an end-to-end connection, it just pushes the datagrams out. ICMP: ICMP is used for relaying error messages. For example you might try to connect to a system and get a message back saying "Host unreachable", this is ICMP in action. This protocol is universal within the Internet, because of its nature. This protocol does not use port numbers in it's headers, since it talks to the network software itself. Ethernet: Most of the networks use Ethernet. Ethernet is just a party line. When packets are sent out on the Ethernet, every host on the Ethernet sees them. To make sure the packets get to the right place, the Ethernet designers wanted to make sure that each address is different. For this reason 48 bits are allocated for the Ethernet address, and a built in Ethernet address on the Ethernet controller. The Ethernet packets have a 14-octet header, this includes address "to" and "from." The Ethernet is not too secure, it is possible to have the packets go to two places, thus someone can see just what you are doing. You need to take note that the Ethernet is not connected to the Internet. A host on both the Ethernet and on the Internet has to have both an Ethernet connection and an Internet server. ARP: ARP translates the IP address into an Ethernet address. A conversion table is used (the table is called ARP Table) to convert the addresses. Therefore, you would never even know if you were connected to the Ethernet because you would be connecting to the IP address. The following is a real sketchy description of a few Internet protocols, but if you would like to get more information you can access it via anonymous ftp from several hosts. Here is a list of RFCs that deal with the topic of protocols. |~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| | RFC: | Description: | | | | |~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| | rfc1011 | Official Protocols of the Internet | | rfc1009 | NSFnet gateway specifications | | rfc1001/2 | netBIOS: networking for PC's | | rfc894 | IP on Ethernet | | rfc854/5 | telnet - protocols for remote logins | | rfc793 | TCP | | rfc792 | ICMP | | rfc791 | IP | | rfc768 | UDP | | | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 10 Host Name and Address ~~~~~~~~~~~~~~~~~~~~~~~~~ Internet addresses are long and difficult hard to remember (i.e., 128.128.57.83) so we use host names. All hosts registered on the Internet must have names that reflect them domains under which they are registered. Such names are called Fully Qualified Domain Names (FQDNs). Lets dissect a name and see the domains: lilac.berkeley.edu ^ ^ ^ | | | | | |____ "edu" shows that this host is sponsored by an | | education related organization. This is a top-level | | domain. | | | |___________ "berkeley" is the second-level domain. This shows | that it is an organization within University of | Calironia at Berkeley. | |__________________ "lilac" is the third-level domain. This indicates the local host name is 'lilac'. Common Top-Level Domains COM - commercial enterprise EDU - educational institutions GOV - nonmilitary government agencies MIL - military (non-classified) NET - networking entities ORG - nonprofit intuitions A network address is the numerical address of a host, gateway, or TAC. The addresses are made up of four decimal numbered slots, which are separated by a period. There are three classes that are used most, these are Class A, Class B, and Class C. Class A - from '0' to '127' Class B - from '128' to '191' Class C - from '192' to '223' Class A - Is for MILNET net hosts. The first part of the address has the network number. The second is for the physical PSN port number. The third is for the logical port number, since it is on MILNET, it is a MILNET host. The fourth part is for which PSN it is on. On 29.34.0.9. '29' is the network it is on. '34' means it is on port '34'. '9' is the PSN number. Class B - This is for the Internet hosts, the first two "clumps" are for the network portion. The second two are for the local port. 128.28.82.1 \_/ \_/ | |_____ Local portion of the address | |___________ Potation address. Class C - The first three "clumps" are the network portion and the last one is the local port. 193.43.91.1 \_|_/ |_____ Local Portation Address | |__________ Network Portation Address _______________________________________________________________________________