whoami
cat team.md
cat agenda.md
cd networking/foundations
cat osi-model.md
cat tcpip-model.md
cat osi-vs-tcpip.md
cat ethernet-frame.md
cat encapsulation.md
cat data-flow.md
cd networking/ip-addressing
cat ipv4.md
cat ipv6.md
cat subnetting.md
cat public-vs-private.md
cat ipv6-benefits.md
cd transport/tcp
cat handshake.md
cat seq-ack.md
cat windowing.md
cat flow-control.md
cat keepalive.md
cat reliability.md
diff tcp udp
cat tcp-vs-udp.md
cat speed-overhead.md
cat use-cases.md
cd services/dhcp-dns
cat dhcp-purpose.md
cat dora.md
cat dhcp-lease.md
cat dns-purpose.md
cat dns-resolution.md
cat dns-records.md
cd networking/packets
cat packet-build.md
cat headers-payload.md
cat fragmentation.md
cat mtu.md
cd app-layer/protocols
cat protocols.md
cat ftp.md
cat ftp-commands.md
cat http.md
cat http-methods.md
cat pop3.md
cat imap.md
cat pop3-vs-imap.md
cat protocol-security.md
sudo wireshark &
cat demo-plan.md
cat capture-setup.md
wireshark: filter "bootp"
[ SCREENSHOT TO ADD ]
Wireshark, packet list filtered to "bootp".
Show the 4 DHCP packets in order:
  DHCP Discover  (0.0.0.0 -> 255.255.255.255)
  DHCP Offer     (server -> client)
  DHCP Request   (broadcast)
  DHCP ACK       (lease confirmed)
Expand one packet's detail pane to show the
Ethernet / IP / UDP / DHCP layers and the
offered IP address + lease time.
wireshark: filter "dns"
[ SCREENSHOT TO ADD ]
Wireshark filtered to "dns".
Show two packets:
  Standard query   A  ftp.example.com
  Standard query response  -> 93.184.216.34
Expand the response packet to show the
"Answers" section with the A record and the
resolved IP address. Note UDP port 53.
wireshark: filter "tcp.flags.syn==1"
[ SCREENSHOT TO ADD ]
Wireshark showing the 3 handshake packets:
  [SYN]      client -> server  (port 21)
  [SYN, ACK] server -> client
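  [ACK]      client -> server
The filter above matches only the first two
packets (SYN bit set). The final ACK has
SYN = 0, so widen the filter (for example
"tcp.port==21") to show it.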
Expand one packet's TCP layer to show the
flag bits set and the Sequence / Acknowledgment
numbers. Source/destination IP + ports visible
in the columns.
wireshark: filter "ftp"
[ SCREENSHOT TO ADD ]
Wireshark filtered to "ftp" (control channel).
Show the command/response exchange:
  USER demo
  PASS p@ssw0rd     (!) visible in PLAINTEXT
  230  Login successful
  RETR sample.txt
  150  Opening data connection
  226  Transfer complete
Highlight the visible password to make the
security point. Use "Follow TCP Stream" for a
clean readable view.
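
Added example (not part of the original deck): a small auditor for the
text that "Follow TCP Stream" shows on the FTP control channel. It flags
a password sent in cleartext and redacts it before the exchange is pasted
into a report. The function name, the report fields, and the 220/331
reply lines in the sample are assumptions made for illustration.

```python
import re

# Constructed sample: the control-channel exchange from the slide as
# "Follow TCP Stream" would show it. The 220 and 331 lines are assumed.
SAMPLE_STREAM = """\
220 FTP server ready
USER demo
331 Please specify the password
PASS p@ssw0rd
230 Login successful
RETR sample.txt
150 Opening data connection
226 Transfer complete
"""

REPLY = re.compile(r"^(\d{3})[ -]")                   # server reply code
COMMAND = re.compile(r"^([A-Za-z]{3,4})(?: (.*))?$")  # client verb + argument


def audit_ftp_stream(text):
    """Audit one FTP control connection (hypothetical helper, not a Wireshark API)."""
    report = {"user": None, "cleartext_password": False, "login_ok": False,
              "transfers": [], "redacted": []}
    pending = None  # last client command still waiting for its final reply
    for line in text.splitlines():
        line = line.rstrip("\r")
        reply, cmd = REPLY.match(line), COMMAND.match(line)
        if reply:
            code = reply.group(1)
            if code == "230":
                report["login_ok"] = True
            elif code == "226" and pending and pending[0] in ("RETR", "STOR"):
                report["transfers"].append(pending)  # transfer completed
                pending = None
        elif cmd:
            verb, arg = cmd.group(1).upper(), cmd.group(2) or ""
            pending = (verb, arg)
            if verb == "USER":
                report["user"] = arg
            elif verb == "PASS":
                report["cleartext_password"] = True
                line = "PASS ********"  # keep the secret out of the report
        report["redacted"].append(line)
    return report


if __name__ == "__main__":
    result = audit_ftp_stream(SAMPLE_STREAM)
    print("\n".join(result["redacted"]))
    print("cleartext password on the wire:", result["cleartext_password"])
```
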
wireshark: filter "ftp-data || tcp.flags.fin==1"
[ SCREENSHOT TO ADD ]
Two things to capture:
 (a) FTP-DATA packets carrying the file's bytes
     on the separate data connection.
 (b) Connection teardown: the FIN / ACK
     exchange (FIN, ACK, FIN, ACK) that closes
     both directions of the TCP connection.
Show the [FIN, ACK] flags in the Info column.
cat layers-in-action.md
cat summary.md
cat takeaways.md
cat real-world.md
cat references.md
exit