Welcome to the Introductory Networking TryHackMe room ‘writeup’
by : Ahmedhammad
–info
- room name : Introductory Networking
- category : Network
- link : https://www.tryhackme.com/room/introtonetworking
- The topics that we’re going to cover in this room are:
  - The OSI Model
  - The TCP/IP Model
  - How these models look in practice
  - An introduction to basic networking tools
Starting Point
Task 1 : Introduction
Question 1 : Let's get started!
Correct Answer : No answer needed
Task 2 : The OSI Model: An Overview
Question 1 : Which layer would choose to send data over TCP or UDP?
Correct Answer : 4
Layer 4 (Transport): its first purpose is to choose the protocol over which the data is to be transmitted. The two most common protocols in the transport layer are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol); with TCP the transmission is connection-based, which means that a connection between the computers is established and maintained for the duration of the request.
Question 2 : Which layer checks received packets to make sure that they haven't been corrupted?
Correct Answer : 2
The data link layer also serves an important function when it receives data, as it checks the received information to make sure that it hasn’t been corrupted during transmission, which could well happen when the data is transmitted by layer 1: the physical layer.
Question 3 : In which layer would data be formatted in preparation for transmission?
Correct Answer : 2
Additionally, it’s also the job of the data link layer to present the data in a format suitable for transmission.
Question 4 : Which layer transmits and receives data?
Correct Answer : 1
It’s the job of the physical layer to convert the binary data of the transmission into signals and transmit them across the network, as well as receiving incoming signals and converting them back into binary data.
Question 5 : Which layer encrypts, compresses, or otherwise transforms the initial data to give it a standardised format?
Correct Answer : 6
The presentation layer translates the data into a standardised format, as well as handling any encryption, compression or other transformations to the data. With this complete.
Question 6 : Which layer tracks communications between the host and receiving computers?
Correct Answer : 5
This is what allows you to make multiple requests to different endpoints simultaneously without all the data getting mixed up (think about opening two tabs in a web browser at the same time)! When the session layer has successfully logged a connection between the host and remote computer the data is passed down to Layer
Question 7 : Which layer accepts communication requests from applications?
Correct Answer : 7
The application layer of the OSI model essentially provides networking options to programs running on a computer.
Question 8 : Which layer handles logical addressing?
Correct Answer : 3
At this stage we’re working with what is referred to as Logical addressing (i.e. IP addresses) which are still software controlled. Logical addresses are used to provide order to networks, categorising them and allowing us to properly
Question 9 : When sending data over TCP, what would you call the "bite-sized" pieces of data?
Correct Answer : Segments
The transport layer then divides the transmission up into bite-sized pieces (over TCP these are called segments, over UDP they’re called datagrams), which makes it easier to transmit the message successfully.
Question 10 : [Research] Which layer would the FTP protocol communicate with?
Correct Answer : 7
FTP runs on the application layer.
Question 11 : Which transport layer protocol would be best suited to transmit a live video?
Correct Answer : UDP
With UDP, the opposite is true; packets of data are essentially thrown at the receiving computer – if it can’t keep up then that’s its problem (this is why a video transmission over something like Skype can be pixelated if the connection is bad).
Task 3 : Encapsulation
Question 1 : How would you refer to data at layer 2 of the encapsulation process (with the OSI model)?
Correct Answer : Frames
Question 2 : How would you refer to data at layer 4 of the encapsulation process (with the OSI model), if the UDP protocol has been selected?
Correct Answer : Datagrams
Over TCP these are called segments, over UDP they’re called datagrams.
Question 3 : What process would a computer perform on a received message?
Correct Answer : De-encapsulation
When the message is received by the second computer, it reverses the process – starting at the physical layer and working up until it reaches the application layer, stripping off the added information as it goes. This is referred to as de-encapsulation.
Question 4 : Which is the only layer of the OSI model to add a trailer during encapsulation?
Correct Answer : Data Link
Question 5 : Does encapsulation provide an extra layer of security (Aye/Nay)?
Correct Answer : Aye
The data link layer also adds a piece on at the end of the transmission, which is used to verify that the data has not been corrupted on transmission; this also has the added bonus of increased security, as the data can’t be intercepted and tampered with without breaking the trailer. This whole process is referred to as encapsulation; the process by which data can be sent from one computer to another.
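The encapsulation, trailer check and de-encapsulation described in this task, as an added example that is not part of the room or the original writeup. The header layouts, addresses and the `keyed_tag` helper are constructed for illustration; the trailer is an unkeyed CRC-32, and the HMAC is included to show what a keyed check looks like by comparison.

```python
import hashlib
import hmac
import struct
import zlib

# Constructed, simplified headers (not real protocol layouts).
SRC_MAC, DST_MAC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SRC_IP, DST_IP = bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20])


def encapsulate(payload: bytes, sport: int, dport: int) -> bytes:
    """Wrap application data layer by layer, as a sender does."""
    datagram = struct.pack("!HH", sport, dport) + payload   # layer 4 header
    packet = SRC_IP + DST_IP + datagram                      # layer 3 header
    frame = DST_MAC + SRC_MAC + packet                       # layer 2 header
    return frame + struct.pack("!I", zlib.crc32(frame))      # layer 2 trailer


def trailer_ok(frame: bytes) -> bool:
    """Recompute the CRC-32 over the frame body and compare with the trailer."""
    return struct.pack("!I", zlib.crc32(frame[:-4])) == frame[-4:]


def de_encapsulate(frame: bytes) -> bytes:
    """Reverse the process: check the trailer, then strip each header."""
    if not trailer_ok(frame):
        raise ValueError("trailer mismatch: frame corrupted in transit")
    packet = frame[12:-4]      # drop both MAC addresses and the trailer
    datagram = packet[8:]      # drop both IP addresses
    return datagram[4:]        # drop both port numbers


def corrupt(frame: bytes, index: int) -> bytes:
    """Simulate line noise by flipping one bit at the given byte index."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    return bytes(damaged)


def keyed_tag(key: bytes, frame_body: bytes) -> bytes:
    """A keyed check (HMAC-SHA256): only holders of `key` can produce it."""
    return hmac.new(key, frame_body, hashlib.sha256).digest()


if __name__ == "__main__":
    frame = encapsulate(b"hello", 40000, 53)
    print(de_encapsulate(frame))             # original payload recovered
    print(trailer_ok(corrupt(frame, 25)))    # damaged payload byte is detected
```

CRC-32 needs no secret, so it catches accidental corruption only; where a receiver must detect deliberate modification, it compares a keyed tag such as the one `keyed_tag` computes.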
Task 4 : The TCP/IP Model
Question 1 : Which model was introduced first, OSI or TCP/IP?
Correct Answer : TCP/IP
Question 2 : Which layer of the TCP/IP model covers the functionality of the Transport layer of the OSI model (Full Name)?
Correct Answer : Transport
Question 3 : Which layer of the TCP/IP model covers the functionality of the Session layer of the OSI model (Full Name)?
Correct Answer : Application
Question 4 : The Network Interface layer of the TCP/IP model covers the functionality of two layers in the OSI model. These layers are Data Link, and?.. (Full Name)?
Correct Answer : Physical
Question 5 : Which layer of the TCP/IP model handles the functionality of the OSI network layer?
Correct Answer : Internet
Question 6 : What kind of protocol is TCP?
Correct Answer : Connection-based
TCP is a connection-based protocol.
Question 7: What is SYN short for?
Correct Answer : Synchronise
When you attempt to make a connection, your computer first sends a special request to the remote server indicating that it wants to initialise a connection. This request contains something called a SYN (short for synchronise) bit.
Question 8 : What is the second step of the three way handshake?
Correct Answer : SYN/ACK
The client sends SYN; the server replies with SYN/ACK.
Question 9 : What is the short name for the "Acknowledgement" segment in the three-way handshake?
Correct Answer : ACK
The acknowledgement bit is called ACK.
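The SYN, SYN/ACK, ACK exchange described in this task, checked over raw TCP headers; this is an added example, not part of the room or the original writeup. It goes slightly beyond the text by also checking that each acknowledgement number is the other side's sequence number plus one; the ports and sequence numbers in `HANDSHAKE` are constructed.

```python
import struct

FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10}


def build_header(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (checksum left at 0 for the demo)."""
    bits = sum(FLAG_BITS[f] for f in flags)
    offset_flags = (5 << 12) | bits   # data offset of 5 words, then the flag bits
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       offset_flags, 65535, 0, 0)


def parse_header(raw):
    """Unpack the fixed part of a TCP header and name the flags that are set."""
    sport, dport, seq, ack, offset_flags, _win, _csum, _urg = struct.unpack(
        "!HHIIHHHH", raw[:20])
    flags = {name for name, bit in FLAG_BITS.items() if offset_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags}


def is_three_way_handshake(segments):
    """True when three raw headers form SYN, SYN/ACK, ACK with matching numbers."""
    if len(segments) != 3:
        return False
    syn, synack, ack = (parse_header(s) for s in segments)
    return (
        syn["flags"] == {"SYN"}
        and synack["flags"] == {"SYN", "ACK"}
        and ack["flags"] == {"ACK"}
        # the reply travels in the opposite direction
        and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
        # each side acknowledges the other's sequence number plus one
        and synack["ack"] == (syn["seq"] + 1) % 2**32
        and ack["seq"] == (syn["seq"] + 1) % 2**32
        and ack["ack"] == (synack["seq"] + 1) % 2**32
    )


# Constructed sample exchange: client port 50000 to server port 80.
HANDSHAKE = [
    build_header(50000, 80, 1000, 0, ["SYN"]),
    build_header(80, 50000, 9000, 1001, ["SYN", "ACK"]),
    build_header(50000, 80, 1001, 9001, ["ACK"]),
]

if __name__ == "__main__":
    print(is_three_way_handshake(HANDSHAKE))
```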
Task 5 : Networking Tools Ping
Question 1 : What command would you use to ping the bbc.co.uk website?
Correct Answer : ping bbc.co.uk
Question 2 : Ping muirlandoracle.co.uk. What is the IPv4 address?
Correct Answer : 217.160.0.152
ping muirlandoracle.co.uk
PING muirlandoracle.co.uk (217.160.0.152) 56(84) bytes of data.
64 bytes from 217-160-0-152.elastic-ssl.ui-r.com (217.160.0.152): icmp_seq=1 ttl=55 time=122 ms
64 bytes from 217-160-0-152.elastic-ssl.ui-r.com (217.160.0.152): icmp_seq=2 ttl=55 time=122 ms
Question 3: What switch lets you change the interval of sent ping requests?
Correct Answer : -i
Open a terminal, then type man ping
Question 4 : What switch would allow you to restrict requests to IPv4?
Correct Answer : -4
Open a terminal and type ping --help
Question 5 : What switch would give you a more verbose output?
Correct Answer : -v
Open a terminal and type ping --help
Task 6 : Networking Tools Traceroute
Question 1: Use traceroute on tryhackme.com / Can you see the path your request has taken?
Correct Answer : No answer needed
Question 2: What switch would you use to specify an interface when using Traceroute?
Correct Answer : -i
Open a terminal and type traceroute --help
Question 3: What switch would you use if you wanted to use TCP SYN requests when tracing the route?
Correct Answer : -T
Open a terminal and type traceroute --help
Question 4: [Lateral Thinking] Which layer of the TCP/IP model will traceroute run on by default (Windows)?
Correct Answer : Internet
Task 7 : Networking Tools WHOIS
Question 1: Perform a whois search on facebook.com / Can you see the path your request has taken?
Correct Answer : No answer needed
Question 2: What is the registrant postal code for facebook.com?
Correct Answer : 94025
I will use whois and grep for Postal:
whois facebook.com | grep Postal
Question 3: When was the facebook.com domain first registered?
Correct Answer : 29/03/1997
whois facebook.com | grep Date
Question 4: Perform a whois search on microsoft.com
Correct Answer : No answer needed
Question 5: Which city is the registrant based in?
Correct Answer : Redmond
Question 6: [OSINT] What is the name of the golf course that is near the registrant address for microsoft.com?
Correct Answer : Bellevue Golf Course
Google: redmond golf course microsoft one way
Question 7: What is the registered Tech Email for microsoft.com?
Correct Answer : msnhst@microsoft.com
whois microsoft.com | grep Tech
msnhst@microsoft.com
Task 8 : Networking Tools Dig
Question 1: What is DNS short for?
Correct Answer : Domain Name System
Question 2: What is the first type of DNS server your computer would query when you search for a domain?
Correct Answer : Recursive
Assuming the address hasn’t already been found, your computer will then send a request to what’s known as a recursive DNS server. These will automatically be known to the router on your network.
Question 3: What type of DNS server contains records specific to domain extensions (i.e. .com, .co.uk, etc)? Use the long version of the name.
Correct Answer : Top-Level Domain
The root name servers essentially keep track of the DNS servers in the next level down, choosing an appropriate one to redirect your request to. These lower level servers are called Top-Level Domain servers.
Question 4: Where is the very first place your computer would look to find the IP address of a domain?
Correct Answer : Local Cache
You make a request to a website. The first thing that your computer does is check its local cache to see if it’s already got an IP address stored for the website; if it does, great. If not, it goes to the next stage of the process.
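The lookup order described in this task (local cache, recursive server, root, Top-Level Domain), as an added offline simulation that is not part of the room or the original writeup. Every server label, domain and address below is constructed, and the final authoritative step is added here beyond what the quoted passages cover.

```python
# Constructed data: names, server labels and addresses are made up
# (addresses come from the documentation ranges).
ROOT = {"com": "tld-com", "uk": "tld-uk"}             # root: TLD -> TLD server
TLD = {"tld-com": {"example.com": "ns-example"},      # TLD: domain -> name server
       "tld-uk": {"example.co.uk": "ns-example-uk"}}
AUTHORITATIVE = {"ns-example": {"www.example.com": "192.0.2.10"},
                 "ns-example-uk": {"www.example.co.uk": "198.51.100.7"}}


class Resolver:
    def __init__(self):
        self.local_cache = {}        # the computer's own cache
        self.recursive_cache = {}    # cache held by the recursive server

    def lookup(self, name):
        """Return (address, list of places consulted, in order)."""
        path = ["local cache"]
        if name in self.local_cache:
            return self.local_cache[name], path
        path.append("recursive")
        if name not in self.recursive_cache:
            self.recursive_cache[name] = self._walk(name, path)
        self.local_cache[name] = self.recursive_cache[name]
        return self.local_cache[name], path

    def _walk(self, name, path):
        """What the recursive server does on a cache miss."""
        labels = name.split(".")
        path.append("root")
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:
            raise LookupError(f"no such top-level domain: {labels[-1]}")
        path.append("top-level domain")
        # Find the registered domain this name belongs to.
        for i in range(len(labels)):
            domain = ".".join(labels[i:])
            if domain in TLD[tld_server]:
                path.append("authoritative")
                records = AUTHORITATIVE[TLD[tld_server][domain]]
                if name not in records:
                    raise LookupError(f"no record for {name}")
                return records[name]
        raise LookupError(f"domain not registered: {name}")


if __name__ == "__main__":
    resolver = Resolver()
    print(resolver.lookup("www.example.com"))   # full walk
    print(resolver.lookup("www.example.com"))   # answered from the local cache
```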
Question 5: [Research] Google runs two public DNS servers. One of them can be queried with the IP 8.8.8.8, what is the IP address of the other one?
Correct Answer : 8.8.8.8
Open Google and search for:
Google Public DNS IPv4