
Basics of Network & NMAP

Hi there!

How are you doing? More to the point, how is your internet doing? What about your LAN?

Are you exchanging traffic with domains you'd rather not? Are there any open ports on your network that can be attacked? Most importantly (and somewhat unrelated to the post), have you changed your router's default credentials?

If you are not sure about the majority of the questions asked above, congrats, you have landed on the correct post! Please follow along.

Networking is a very broad topic to understand and explore. There are just way too many exciting things in this single concept! So, let's begin with the basics: the initial things that'll get you started with learning more about networks and getting the hang of the awesome tool NMAP.

Sneak peek into (somewhat applicable) history:

OSI Layer:

Even if you have bunked the Computer Networks lectures in your school/college, if you are remotely associated with engineering, there are high chances you'd have heard of this term. Let me throw a diagram out here:

Presenting OSI Seven Layers:


These layers are responsible for handling everything that happens behind the scenes when you make that new network connection (say, open a new tab on your browser and go to ), and in here are a bunch of protocols.

To keep this post short enough to still be called a post, let's briefly discuss just one of these layers: L4, the transport layer.

One of the most prominent protocols in this layer is TCP [Transmission Control Protocol].

If you want to learn the philosophy behind TCP && need a book to read on weekends check out this masterpiece dated September 1981! And that's what is fascinating about networks, the protocols we are using today are exactly the same as were defined decades ago with very few alterations, if at all.

TCP is a connection-oriented protocol, which means a connection is established and maintained until the application programs at each end have finished exchanging messages. It determines how to break application data into packets that networks can deliver, sends packets to and accepts packets from the network layer, manages flow control and handles re-transmission of dropped or garbled packets, and acknowledges all packets that arrive.

The connection is established using the well-known THREE-WAY HANDSHAKE.

This is how a TCP connection is established and data starts to get across. But wait, what are SYN and ACK?

These are "flags", just bits that are set to 1 while crafting the corresponding TCP packet.
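As an added example (not part of the original post), the Python sketch below packs three constructed TCP headers for a handshake, decodes their flag bits, and checks that the sequence and acknowledgment numbers line up. The ports, sequence numbers and function names are made up for illustration, and the 9-bit flag layout follows the header description later in this post.

```python
import struct

# Low 9 bits of header bytes 12-13 hold the flags; the top 4 bits are the data offset.
FLAG_BITS = [("FIN", 0x001), ("SYN", 0x002), ("RST", 0x004), ("PSH", 0x008),
             ("ACK", 0x010), ("URG", 0x020), ("ECE", 0x040), ("CWR", 0x080),
             ("NS", 0x100)]
FIXED = "!HHIIHHHH"  # ports, seq, ack, offset+flags, window, checksum, urgent

def build_header(sport, dport, seq, ack, flags):
    """Pack a 20-byte TCP header without options (checksum left at 0)."""
    return struct.pack(FIXED, sport, dport, seq, ack, (5 << 12) | flags, 65535, 0, 0)

def parse_header(raw):
    """Decode the fixed part of a TCP header into a dict."""
    if len(raw) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    sport, dport, seq, ack, off_flags, _win, _cksum, _urg = struct.unpack(FIXED, raw[:20])
    header_len = (off_flags >> 12) * 4          # data offset is in 32-bit words
    if not 20 <= header_len <= len(raw):
        raise ValueError("data offset outside the captured bytes")
    flags = {name for name, bit in FLAG_BITS if off_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "header_len": header_len, "flags": flags}

def is_three_way_handshake(segs):
    """True if three parsed segments are SYN, SYN+ACK, ACK with consistent numbers."""
    if len(segs) != 3:
        return False
    syn, synack, ack = segs
    nxt = lambda n: (n + 1) % 2**32             # SYN consumes one sequence number
    return (syn["flags"] == {"SYN"} and synack["flags"] == {"SYN", "ACK"}
            and ack["flags"] == {"ACK"}
            and synack["ack"] == nxt(syn["seq"])
            and ack["seq"] == nxt(syn["seq"]) and ack["ack"] == nxt(synack["seq"])
            and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
            and (ack["sport"], ack["dport"]) == (syn["sport"], syn["dport"]))

# Constructed sample: client port 51000 opening a connection to port 80.
HANDSHAKE = [parse_header(h) for h in (
    build_header(51000, 80, 1000, 0, 0x002),      # SYN
    build_header(80, 51000, 5000, 1001, 0x012),   # SYN+ACK
    build_header(51000, 80, 1001, 5001, 0x010),   # ACK
)]

if __name__ == "__main__":
    for seg in HANDSHAKE:
        print(sorted(seg["flags"]), "seq", seg["seq"], "ack", seg["ack"])
    print("valid handshake:", is_three_way_handshake(HANDSHAKE))
```

The check is deliberately strict: a SYN that also carries ECN bits, or a final ACK with the wrong acknowledgment number, is reported as not matching the plain handshake.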

A TCP packet is made up of a header and data, where the header has a fixed set of fields:

[Source: Wikipedia]

A TCP segment consists of a segment header and a data section. The segment header contains 10 mandatory fields, and an optional extension field (Options, pink background in table).

Source port (16 bits): Identifies the sending port.

Destination port (16 bits): Identifies the receiving port.

Sequence number (32 bits): The accumulated sequence number of the first data byte of this segment for the current session.

Acknowledgment number (32 bits): If the ACK flag is set then the value of this field is the next sequence number that the sender of the ACK is expecting. This acknowledges receipt of all prior bytes (if any). The first ACK sent by each end acknowledges the other end's initial sequence number itself, but no data.

Data offset (4 bits): Specifies the size of the TCP header in 32-bit words. The minimum size header is 5 words and the maximum is 15 words thus giving the minimum size of 20 bytes and a maximum of 60 bytes, allowing for up to 40 bytes of options in the header. This field gets its name from the fact that it is also the offset from the start of the TCP segment to the actual data.

Reserved (3 bits): For future use and should be set to zero.

Flags (9 bits): Contains 9 1-bit flags (control bits) as follows:

  1. NS (1 bit): ECN-nonce - concealment protection

  2. CWR (1 bit): Congestion window reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment with the ECE flag set and had responded in congestion control mechanism.