Copyright Goodheart-Willcox Co., Inc. 262 Principles of Cybersecurity Quick Look 8.1.3 Continued 8. Close the Properties dialog box and the Control Panel. 9. Open the Command Line. 10. Enter the ipconfig command. Locate the network adapter in the list, and make note of the IP addresses assigned. In addition to an IPv4 address, you should see a link-local IPv6 address. 11. If there are double colons (::) in the address, how many sections of zeros were omitted? 12. Compare your link-local address to that of your classmates. Everyone should have the same network address. 13. Enter ping ::1 on the command line to test a connection to the local host. 14. Get a link-local address from a classmate. Ping that computer. Omit any % entries. Packets Recall from the OSI model that information is often too large to travel as one unit of data. The data are separated into multiple pieces and encapsulated inside packets and frames. Refer to Figure 8-12. This is similar to how an online order you placed is shipped in multiple packages. Generally, as data travel across the network, they are usually referred to as packets of data. It is important to under- stand the type of data contained in the packets. It is also important to know which packets are part of the same transmission. This knowledge could help identify packets that have been modifi ed or placed on the network by malware or hackers. Dissecting IP Packets It is important to understand the construction of IPv4 and IPv6 packets, including header information. There is much information contained in a packet. This can be used by administrators to analyze traffi c, track packets, and search for unusual activity. Packets will be constructed with either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP). There are signifi cant differences in the amount and type of information found in each of these packets. TCP packets are called connection-oriented packets. They contain information that helps ensure reliability of the transmission. These are the most common types of packets used on the Internet. The data are broken up into a series of transmis- sions and identifi ed by tracking properties, such as a checksum. Checksum is a value computed based on the data in the transmission that is verifi ed when the packets are received at the destination. This allows TCP packets to track various pieces of information to ensure data are received at the client. UDP packets are known as connectionless protocol packets. UDP packets can be transmitted much faster than TCP packets. Part of the reason for this is that UDP does not acknowledge receipt of packets. There is less emphasis placed on reliability and more on speed. A common example of UDP transmissions occurs with streaming media, such as video or audio. When data are sent, they are packaged or encapsulated into layers, as shown in Figure 8-13. Initially, the data are packaged into either a TCP or UDP packet. The appropriate settings in the header are created. This is called a segment. The seg- ment is then placed into an IP packet. The IP packet handles the network address- ing. Finally, the encapsulated packet is placed into a frame. This is where MAC addresses are identifi ed and other information, such as a cyclical redundancy check (CRC) value, is established. Media Access Control (MAC) addresses are physical addresses embedded into the hardware of network cards. The cyclical redundancy check (CRC) is for error checking of the frame. CRC is used on the MAC addresses are unique and assigned to manufacturers by the Institute of Electrical and Electronics Engineers (IEEE) for setting in the network interface controller. FYI Single Unit of Data Packet 01 Packet 02 Packet 03 Packet 04 Packet 05 Packet 06 Goodheart-Willcox Publisher Figure 8-12. A single unit of data is broken into mul- tiple packets for transmis- sion, but all of the packets are considered part of the same transmission.