-
The IP address and MAC address of the device can be viewed using
ifconfig. -
IP address - Layer 3; MAC address - Layer 2.
-
The first three pairs in a MAC address act as identifiers, can be used in lookup to identify the vendor.
-
In layer 4, TCP (connection-oriented) and UDP (connection-less) would be used as protocols.
-
TCP three-way handshake - SYN packet is sent first, then SYN ACK is received, and then ACK is sent.
-
Common ports and protocols -
- TCP - FTP(21), SSH(22), Telnet(23), SMTP(25), DNS(53), HTTP(80), HTTPS(443), POP3(110), SMB(139,445), IMAP(143)
- UDP - DNS(53), DHCP(67,68), TFTP(69), SNMP(161)