Welcome to this tutorial series on working with raw TCP/IP packets. No matter where in the Infosec or IT industry you work, knowledge of TCP/IP is key to a solid understanding of our current networks. This series covers basic low-level networking and how to create network packets by hand, without the need for any advanced tools.
If you are already very familiar with the TCP/IP network layers, protocols and the three-way handshake, you can skip the first part and dive directly into the analysis of raw TCP/IP packets. However, I recommend at least taking a short look at the recap on network layers and protocols to refresh your knowledge.
This series consists of the following parts:
- Recap on network layers and protocols
- Analysis of a raw TCP/IP packet
- Manually create and send raw TCP/IP packets
- Creating a SYN port scanner
Setup
To follow along with the examples, all you need is a simple setup as shown below.
Tools you might need:
- Text editor
- Packet analyzer (e.g. Wireshark)
- Python
- Two hosts
My example setup:
- Two virtual machines in the same network:
  - Kali Linux "Client Host": 10.10.10.2
    - Wireshark installed
  - Ubuntu "Server Host": 10.10.10.1