Summary of TryHackMe Introductory Networking Official Walkthrough

00:00:00 - 00:50:00

The "TryHackMe Introductory Networking Official Walkthrough" video provides a comprehensive overview of computer networking and the OSI and TCP/IP models. The video explains each of the seven layers of the OSI model and the four layers of the TCP/IP model, as well as the use of protocols like TCP and UDP. The video also explores the use of tools such as Wireshark, ping, traceroute, and whois, and explains the importance of DNS and recursive DNS servers in networking. Finally, the video offers an extensive reading list for those interested in further expanding their networking knowledge.

• 00:00:00 In this section, the video introduces the basic principles of computer networking and provides a brief overview of the OSI model, which is a standardized model used to demonstrate the theory behind computer networking. The OSI model consists of seven layers: application, presentation, session, transport, network, data link, and physical. The video explains each layer in turn and its functions, such as how the presentation layer translates data into a standardized format and handles encryption, compression, or other transformations to the data. The transport layer is also discussed, and its purpose is to choose the protocol over which the data is to be transmitted, such as TCP or UDP. The differences between TCP and UDP are then explained, with TCP providing reliable transmission while UDP allows for faster transmission but with the potential for lost data.
• 00:05:00 In this section, the video discusses the four layers of the TCP/IP model. These layers are the transport layer, network layer, data link layer, and physical layer. The transport layer is responsible for selecting the protocol used based on whether accuracy or speed is favored. The network layer is responsible for finding the destination of the request, using logical addressing. The data link layer focuses on physical addressing and identifying where to send the information. The physical layer handles the hardware of the computer, converting binary data into signals to transmit across the network. Layer 0 is also mentioned as the human element, with layer 1 or layer 0 being the typical cause of networking problems.
• 00:10:00 In this section, the video discusses the OSI model in relation to networking and summarizes the questions and answers for each layer. The process of encapsulation and de-encapsulation is explained, which refers to the addition and subtraction of information at each layer of the OSI model to standardize data transmission. Finally, the video notes that encapsulation and de-encapsulation are important because they provide a standardized method for sending data.
• 00:15:00 In this section, the video covers the TCP/IP model, which consists of four layers: application, transport, internet, and network interface. The TCP/IP model serves as the basis for real-world networking and covers the same range of functions as the seven layers of the OSI model, but is simpler. The two models match up, but the OSI model tends to be easier for learning the initial theory of networking and troubleshooting. The TCP/IP model is a suite of protocols that define how an action is to be carried out, such as the transmission control protocol (TCP) and the internet protocol (IP). Encapsulation and de-encapsulation work in exactly the same way with the TCP/IP model as they do with the OSI model.
• 00:20:00 In this section, we learn about TCP, which is a connection-based protocol. Before data can be sent via TCP, a stable connection between two computers must be formed through three-way handshake. This handshake involves the client sending a special request to the server to initialize a connection via the syn for synchronized bit. The server responds with a packet containing the syn bit and an acknowledgement bit, called syn ack, and finally, the client sends a packet with the ack bit alone, confirming that the connection has been successfully set up. Any lost or corrupted data on transmission is automatically resent, leading to a reliable, lossless connection. The TCP IP model was introduced by the American Department of Defense to provide a standard for all networking manufacturers to follow, fixing the incompatibility issues that existed before standardization.
• 00:25:00 In this section, the video explains the use of Wireshark, a tool used to capture and analyze packets of data across the network. By using a downloaded PCAP file, viewers get to see how the OSI and TCP/IP models work in real-world situations, with details on captured data and physical layers of the OSI model, transmission medium, and sequence numbers. The video also highlights how the layers of the OSI model play important roles in network communication and control, such as in the case of DNS and the IP layer.
• 00:30:00 In this section of the video, viewers get a brief overview of the ping command and its usage in testing network connections. The ping command uses the ICMP protocol to test network connections, and it can be used to determine the IP address of a server hosting a website. The video outlines the syntax for using the ping command and notes that it is ubiquitous to any network-enabled device, making it a valuable tool in practical applications.
• 00:35:00 In this section, the TryHackMe Introductory Networking Official Walkthrough covers the use of the traceroute command, which allows the user to map the path a request takes to a target machine. Traceroute can be used to see each of the connections between devices as the request travels from the user's computer to the resource requested. The domain registrar is discussed, and the whois command is introduced as a way to query a domain name and see who it is registered to. Personal details may be redacted in Europe, but elsewhere, significant information can be obtained through whois.
• 00:40:00 In this section, the video discusses the use of the 'whois' command, which lets users obtain domain registration information. By inputting the domain name into the command, users can see details such as the date the domain was last renewed and the name server. The video highlights situations where this tool may be useful, such as in pen testing or bug bounty assessment. The video also discusses the Domain Name System (DNS), which translates URLs into IP addresses that computers can understand, and how computers go through a process to obtain the IP address for a website or host.
• 00:45:00 In this section, we learn about recursive DNS servers, which are responsible for automatically knowing where to send requests for information by storing details in the router and maintaining a cache of results for popular domains. If the website requested isn't stored in the cache, the recursive server will pass on the request to an authoritative server. There are 13 root name DNS servers in the world that essentially keep track of DNS servers and the next level down, called top-level domain servers, are split up into extensions. Authoritative name servers are used to store DNS records for domains and are the source of information that sends relevant information back to the user's computer. Troubleshooting DNS is important, and Dig is a useful tool that allows for manual queries to recursive DNS servers.
• 00:50:00 In this section, we learn about the DNS (Domain Name System) and how to use dig to make DNS queries. The Time to Live (TTL) of a DNS record is important to consider when manipulating network settings, and the TTL can be found in the answer section of the dig output. Some basic DNS and dig questions are asked and answered, including what DNS stands for, what the first type of DNS server is that a computer queries when searching for a domain, and where the very first place on a computer is to look to find the IP address of a domain. The final task is to read further about networking, and the video offers the Cisco self-study guide by Steve McQueary as a resource to expand networking knowledge.