You are on page 1of 5

Chapter 1: The World of Network Analysis

DHCP: Dynamic Host Configuration Protocol



DNS: Domain Name System

WAN: Wide Area Network

A Network Packet is a formatted unit of data carried by a packet-switching network
Packet Switching is basically taking data, breaking it up into parts, and transmitting it across a
network.

Here, the Red, Green, and Blue is all one packet. A Network switch (basically packet switching
between two machines) is performed and the data is sent away.
Port Mirroring/Spanning is sending a copy of the packets in one port to another.
MAC: Media Access Control Address is a unique identifier assigned to network interfaces for
communications on the physical network segment (01-23-45-67-89-ab or 01:23:45:67:89:ab).

ICMP: Internet Control Message Protocol is the primary messaging system for the ICP (Internet
Protocol Suite).
Switches dont change the MAC address header; but a router will.
Switches forward packets to Ports; Routers forward the packets to the receiver.
ISO: Open Systems Interconnection Model:

NAT: Network Address Translation will modify packet headers while in the router (for example,
modifying the source IP address of a packet while it is in transit).
PAT: Port Address Translation alters the port information of a packet.
VLAN: Virtual Local Area Network creates an identification tag to the packet and is used to create a
virtual network, a network that operates independently of the hardware running beneath it.
Modularity is having a specific purpose for every component; very similar to Encapsulation.
VPN: Virtual Private Network allows you to connect remotely to several other networks privately.

MPLS: Multiprotocol Label Switching directs data from one network to another based on the short
path labels rather than using long network addresses.
IPv4 is a protocol used to connect devices to the internet. Because there were just over 4 billion
different addresses, they thought that they would run out; so IPv6 was implemented to meet the
growing demand (there were also several other features include in IPv6).
PCAP is a packet capture (in other words, just examining the traffic that you come through).
NetBIOS: Network Basic Input/Output System allows application to communicate over a local area
network via the session layer (this layer allows processes to connect to different machines over a
LAN).
SMB: Server Messages Block provides shared access to files, printers, serial ports, etc. between
nodes on a network).
SNMP: Simple Network Management Protocol manages devices on IP networks (routers, switches,
servers, workstations, printer, etc. all support SNMP)
SSDP: Simple Service Discovery Protocol is a network protocol that advertises and discovers network
services and presence information.

Chapter 2: Introduction to Wireshark
802.11 is a family of specifications developed by the IEEE for WLAN technology that specifies an
over-the-air interface between a wireless client and a base station or between two wireless clients.
UDP: User Datagram Protocol is

SSID: Service Set Identification (802.11)

Chapter 3: Capture Traffic