### The ifconfig command.
The ifconfig command on kali-linux brings up your ip address, version 4 and 6 (i.e ipv4 and ipv6).

Note that in place of ifconfig, you can use `ip a` which shows us the same thing.

Here's how it looked:
![image.png](attachment:image.png)

the bit that says inet is my IPv4 address, and the inet6 is my IPv6 address. 

IPv4 uses 32 bit values and we've used them up, because there can only be around 2<sup>32</sup> values, that's around 4.3 Billion. That's why we have IPv6, which uses 128 bit values, that's 2<sup>128</sup> which is very, **very** big. We still use IPv4 though.

Here's how the IPv4 problem was solved (Credits to Copilot).

The IPv4 address exhaustion problem was addressed through several key strategies:

1. **Classless Inter-Domain Routing (CIDR)**: Introduced in 1993, CIDR allowed for more efficient allocation of IP addresses by eliminating the rigid class-based system. This helped slow down the depletion of IPv4 addresses.

2. **Network Address Translation (NAT)**: NAT allows multiple devices on a local network to share a single public IP address. This significantly reduced the number of public IP addresses needed.

3. **IPv4 Transfer Market**: Organizations can buy and sell IPv4 addresses, allowing for more efficient use of the existing address space.

4. **IPv6**: The long-term solution to IPv4 exhaustion is the adoption of IPv6, which provides a vastly larger address space. IPv6 addresses are 128-bit, compared to IPv4's 32-bit, allowing for a virtually unlimited number of unique addresses.

These strategies collectively helped mitigate the IPv4 exhaustion issue and ensure the continued growth and functionality of the internet. 

Note that IPv4 and IPv6 are Layer 3 and deal with routing. (We'll have to make more research on that).

Network Address Translation (NAT) is a method used in networking to modify network address information in the IP header of packets while they are in transit across a traffic routing device. This technique is commonly used to improve security and decrease the number of IP addresses an organization needs.

### Key Functions of NAT:

1. **IP Address Conservation**:
   - NAT allows multiple devices on a local network to share a single public IP address. This is particularly useful given the limited number of IPv4 addresses.

2. **Security**:
   - By hiding internal IP addresses from the external network, NAT adds a layer of security. External devices only see the public IP address, not the internal IP addresses of individual devices.

3. **Network Flexibility**:
   - NAT enables the use of private IP addresses within a local network, which can be reused in different networks without conflict.

### How NAT Works:

1. **Translation Table**:
   - The NAT device maintains a translation table that maps internal private IP addresses to the public IP address and port numbers.

2. **Outbound Traffic**:
   - When a device on the internal network sends a packet to an external network, the NAT device replaces the internal IP address with its own public IP address and records this mapping in the translation table.

3. **Inbound Traffic**:
   - When a response packet returns from the external network, the NAT device uses the translation table to determine the correct internal IP address and port number to forward the packet to.

### Types of NAT:

1. **Static NAT**:
   - Maps a single private IP address to a single public IP address. This is often used for servers that need to be accessible from the outside.

2. **Dynamic NAT**:
   - Maps a private IP address to a public IP address chosen from a pool of available public addresses. This is used when there are fewer public IP addresses than devices needing access to the external network.

3. **Port Address Translation (PAT)**:
   - Also known as "NAT overload," PAT maps multiple private IP addresses to a single public IP address by using different port numbers. This is the most common form of NAT used in home routers.

NAT is a crucial technology that helps manage IP address allocation and enhances network security.

## Mac Adresses.

Mac Adresses are Layer 2 (switching), and refer to a physical address.
Mac stands for *Media Access Control.*

It's the address with the label `ether` in the image above.
It's the way we communicate when we're using `switches`.
Any device with a network interface is gonna have a Mac Address.

This is the mac address of the device I'm currently using: ether 00:15:5d:88:6a:a9
The first 3 pairs are actually an identifier, and if you look it up with some sort of mac lookup, you can get the creator of the device in this case, plugging in `00:15:5d`  gave me Microsoft Cooperation - Accurate.


### TCP, UDP, and the three-way handshake. 

This is Layer 4, the transport Layer of the OSI Model.

#### TCP
- This stands for transmission control protocol.
- This is reliable and things like HTTP and FTP make use of it.
- TCP works on a three-way handshake.

#### UDP
- This Stands For User Datagram protocol.
- Not as reliable, thinking of services like Streaming.

#### The Threeway handshake works as follows:
The three-way handshake is a fundamental process used in the TCP/IP protocol suite to establish a reliable connection between a client and a server. This process ensures that both parties are ready to communicate and that the connection is established correctly. Here’s how it works:

### Steps of the Three-Way Handshake:

1. **SYN (Synchronize)**
   - The client sends a SYN packet to the server. This packet contains a sequence number that the client will use to start the communication. This step indicates that the client wants to establish a connection.

2. **SYN-ACK (Synchronize-Acknowledge)**
   - The server responds with a SYN-ACK packet. This packet acknowledges the client's SYN packet by incrementing the sequence number and also includes its own sequence number. This step indicates that the server is ready to establish a connection and acknowledges the client's request.

3. **ACK (Acknowledge)**
   - The client sends an ACK packet back to the server. This packet acknowledges the server's SYN-ACK packet by incrementing the server's sequence number. This step completes the handshake, and a reliable connection is established.

### Visual Representation:

```
Client          Server
  |               |
  |---- SYN ----->|
  |               |
  |<--- SYN-ACK --|
  |               |
  |---- ACK ----->|
  |               |
```

### Purpose:
- **Reliability**: Ensures that both the client and server are ready to communicate.
- **Synchronization**: Synchronizes sequence numbers for data transmission.
- **Connection Establishment**: Confirms that both parties agree to establish a connection.

The three-way handshake is crucial for establishing a reliable and synchronized communication channel in TCP/IP networks. 

![image.png](attachment:image.png)



### TCP (Transmission Control Protocol) 
A core internet protocol that provides reliable, ordered, and error-checked data transmission between applications. (No specific port)

- **FTP (File Transfer Protocol)** - A standard network protocol used for transferring files between computers over a network. **Ports: 20 (Data), 21 (Control)**

- **SSH (Secure Shell)** - A cryptographic network protocol for secure communication and remote access to computers and servers. **Port: 22**

- **Telnet** - An older network protocol that provides a text-based interface for interacting with remote computers and servers. **Port: 23**

- **SMTP (Simple Mail Transfer Protocol)** - The standard protocol used for email transmission between mail servers on the internet. **Port: 25**

- **DNS (Domain Name System)** - The hierarchical and decentralized naming system that translates domain names to IP addresses. **Port: 53**

- **HTTP (Hypertext Transfer Protocol)** / **HTTPS (HTTP Secure)** - The primary application-level protocols used on the World Wide Web for transferring web pages and content. HTTPS adds encryption for secure web communications. **Ports: 80 (HTTP), 443 (HTTPS)**

- **POP3 (Post Office Protocol version 3)** - A standard mail retrieval protocol that allows email clients to download messages from a mail server. **Port: 110**

- **SMB (Server Message Block)** - A network file sharing protocol that allows applications to access files, printers, and other network resources. **Port: 445**

- **IMAP (Internet Message Access Protocol)** - An email retrieval protocol that allows clients to access and manage email messages stored on a remote server. **Port: 143**

### UDP (User Datagram Protocol) 
A connectionless, unreliable transport layer protocol often used for applications that don't require ordered data delivery. (No specific port)

- **DHCP (Dynamic Host Configuration Protocol)** - A protocol that automatically assigns IP addresses and network configuration to devices on a network. **Ports: 67 (server), 68 (client)**

- **TFTP (Trivial File Transfer Protocol)** - A simple, connectionless file transfer protocol, often used for booting diskless workstations. **Port: 69**

- **SNMP (Simple Network Management Protocol)** - A standard protocol for managing and monitoring network devices and their functions. **Ports: 161 (Agent), 162 (Manager)**


**Note:** **The Open Systems Interconnection model (OSI model)** has 7 layers:

Layer 1: Physical layer (data cables, cat6), 

Layer 2: Data link layer (Switching, MAC addresses), 

Layer 3: Network layer (IP addresses, routing), 

Layer 4: Transport layer (TCP/UDP),

Layer 5: Session layer (SESSION MANAGEMENT), 

Layer 6: Presentation layer (.JPEG, .MOV), 

Layer 7: Application layer (HTTP, SMTP)

(PLEASE DO NOT THROW SUSSAGE PIZZA AWAY);
P
D
N
T
S
P
A