CyberCode Academy
Release date: 2025-12-07
© Copyright CyberCode Academy
Free
New
79 Episodes
Audio
Latest episode
Course 13 - Network Forensics | Episode 2: Architecture, Protocols (TCP/UDP), and Evidentiary Value
Duration: 15:33
In this lesson, you’ll learn about:
- Core networking architectures and components
- The evidentiary value of network design for forensic investigations
- MAC vs. IP addressing, IPv4 vs. IPv6
- Ports, protocols, and how systems communicate
- TCP (reliable) vs. UDP (unreliable) communication
- Essential protocols: ICMP, DHCP, DNS

1. Networking Architecture & Its Forensic Importance
- Network forensics requires a solid understanding of how networks operate.
- The Internet is defined as a collection of interconnected networks using internet protocols to exchange messages.
- Key network types:
  - LAN – Local Area Network
  - WAN – Wide Area Network
  - CAN – Campus Area Network
  - MAN – Metropolitan Area Network
- DMZ (Demilitarized Zone):
  - Positioned between the internal LAN and the internet.
  - Hosts publicly accessible systems (web servers, mail servers).
  - A critical zone for forensic evidence.

Evidentiary Value Across the Architecture
When an attacker moves from the internet → DMZ → internal network, evidence is left in multiple locations, including:
- Point of origin
- Routers across the internet
- ISP-facing router
- Firewalls
- DMZ switching infrastructure
- The compromised server
Understanding these layers allows investigators to reconstruct attacker movement.

2. Network Components, Addressing & Infrastructure

Network Components
- Transmission media: cables, fiber, wireless
- NICs (Network Interface Cards)
- Nodes (any device connected to the network)

MAC vs. IP Addresses
- MAC Address
  - Layer 2
  - Physical/hardware identifier
  - Typically permanent
- IP Address
  - Layer 3
  - Logical/virtual
  - Changes frequently depending on network

IPv4 vs. IPv6
- IPv4 → 32-bit addressing
- IPv6 → 128-bit addressing with IPSec built in (encryption/authentication)

Public vs. Private Addressing
- Public = Routable on the internet
- Private = Non-routable (internal networks)
- NAT (Network Address Translation) is used to map internal private IPs to a public-facing address.

IP Address Classes
- Class A
- Class B
- Class C
- Class E (experimental)

3. Ports & Communication Protocols

Ports
- Think of ports as "traffic lanes" used for communication.
- Total: 65,535 ports
- 1–1024 → Well-known ports
- 1025+ → Ephemeral or dynamic ports
- Services (Windows) / Daemons (Linux) bind to these ports.

Protocols
- Protocols define communication rules between systems.
- Governed by RFCs (Request for Comments) standards.

4. TCP – The Reliable Protocol

Key TCP Header Elements
- Source port
- Destination port
- Sequence number
- Flags

Connection Management
- Three-Way Handshake (Start of session)
  - SYN → SYN/ACK → ACK
- Four-Way Combo (End of session)
  - FIN/ACK → ACK → FIN/ACK → ACK
- Total overhead: 7 packets for a complete start + close cycle.

Important TCP Flags
- Urgent Pointer – Marks urgent/priority data
- Push (PSH) – Forces buffered data to transmit immediately
- Reset (RST) – Abruptly closes a session
TCP is reliable because it ensures ordered, confirmed delivery.

5. UDP – The Unreliable Protocol
- Connectionless, no handshake.
- Faster, lower overhead.
- Ideal for short or time-sensitive bursts of data.
- Common uses:
  - DNS queries
  - Audio/video streaming
  - VoIP
UDP does not guarantee delivery, order, or error correction.

6. Other Essential Protocols

ICMP (Internet Control Message Protocol)
- Used for error reporting and network diagnostics.
- Helps identify optimal routing paths.

DHCP (Dynamic Host Configuration Protocol)
- Automatically assigns IP addresses, subnet masks, and gateways to clients.

DNS (Domain Name System)
- Translates human-friendly domain names into IP addresses.
- Essential for both internal and external connectivity.
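An added example, not part of the original show notes: a Python sketch that decodes the TCP header elements from section 4 (ports, sequence number, flags) and checks one captured conversation for the handshake, the four-packet close, or a reset. The helper names (`parse_tcp_header`, `classify_session`, `build`) are hypothetical, and the two sample sessions, their ports and their sequence numbers are constructed for illustration.

```python
import struct

# Flag bits in byte 13 of the TCP header; names joined low bit first, e.g. "SYN/ACK".
FLAGS = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK", 0x20: "URG"}

def parse_tcp_header(raw):
    """Decode the fixed 20-byte TCP header into the fields listed in the notes."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off, flags, _win, _sum, _urg = struct.unpack("!HHIIBBHHH", raw[:20])
    names = [name for bit, name in sorted(FLAGS.items()) if flags & bit]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "header_len": (off >> 4) * 4, "flags": "/".join(names)}

def classify_session(raw_headers):
    """Check one ordered conversation for the open and close sequences above."""
    pkts = [parse_tcp_header(h) for h in raw_headers]
    if not pkts:
        raise ValueError("no packets")
    flags = [p["flags"] for p in pkts]
    # A SYN consumes one sequence number, so each side must ACK the peer's ISN + 1.
    opened = (flags[:3] == ["SYN", "SYN/ACK", "ACK"]
              and pkts[1]["ack"] == (pkts[0]["seq"] + 1) % 2**32
              and pkts[2]["ack"] == (pkts[1]["seq"] + 1) % 2**32)
    if any("RST" in f for f in flags):
        closed = "reset"          # abrupt teardown, no FIN exchange
    elif flags[-4:] == ["FIN/ACK", "ACK", "FIN/ACK", "ACK"]:
        closed = "graceful"
    else:
        closed = "incomplete"     # capture ended or session still open
    overhead = (3 if opened else 0) + (4 if closed == "graceful" else 0)
    return {"client_port": pkts[0]["sport"], "service_port": pkts[0]["dport"],
            "handshake_ok": opened, "close": closed, "overhead_packets": overhead}

def build(sport, dport, seq, ack, flags):
    """Constructed sample header: data offset 5 words, checksum left at zero."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)

# Constructed session: client port 49152 talks to a service on port 80.
C, S = 49152, 80
FULL_SESSION = [
    build(C, S, 1000, 0, 0x02), build(S, C, 5000, 1001, 0x12), build(C, S, 1001, 5001, 0x10),
    build(C, S, 1001, 5001, 0x18), build(S, C, 5001, 1011, 0x10),      # 10 bytes of data, then ACK
    build(C, S, 1011, 5001, 0x11), build(S, C, 5001, 1012, 0x10),
    build(S, C, 5001, 1012, 0x11), build(C, S, 1012, 5002, 0x10),
]
# Constructed refused connection: the SYN is answered with RST/ACK.
REFUSED = [build(C, S, 2000, 0, 0x02), build(S, C, 0, 2001, 0x14)]
```

Calling `classify_session(FULL_SESSION)` reports a valid handshake, a graceful close and 7 overhead packets out of the 9 captured; `classify_session(REFUSED)` reports a reset with no completed handshake.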
You can listen to and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy
Episode ID: 1000740051485
GUID:https://api.spreaker.com/episode/68812607
Published: 2025/12/7 3:00:07 PM
Description
Welcome to CyberCode Academy — your audio classroom for Programming and Cybersecurity.
🎧 Each course is divided into a series of short, focused episodes that take you from beginner to advanced level — one lesson at a time.
From Python and web development to ethical hacking and digital defense, our content transforms complex concepts into simple, engaging audio learning.
Study anywhere, anytime — and level up your skills with CyberCode Academy.
🚀 Learn. Code. Secure.
Source URL
https://www.spreaker.com/show/6790974/episodes/feed