【Walkthrough】TryHackMe:Introductory Networking

Overview

This is a walkthrough of the TryHackMe Introductory Networking room.

Task2

Q1.Which layer would choose to send data over TCP or UDP?

A.4

Q2.Which layer checks received information to make sure that it hasn't been corrupted?

A.2

Q3.In which layer would data be formatted in preparation for transmission?

A.2

Q4.Which layer transmits and receives data?

A.1

Q5.Which layer encrypts, compresses, or otherwise transforms the initial data to give it a standardised format?

A.6

Q6.Which layer tracks communications between the host and receiving computers?

A.5

Q7.Which layer accepts communication requests from applications?

A.7

Q8.Which layer handles logical addressing?

A.3

Q9.When sending data over TCP, what would you call the "bite-sized" pieces of data?

A.segments

Q10.[Research] Which layer would the FTP protocol communicate with?

Hint.FTP is a protocol used to transfer data between computers. It's often accessed with a special program called an FTP Client.

A.7

Q11.Which transport layer protocol would be best suited to transmit a live video?

A.UDP

Task3

Q1.How would you refer to data at layer 2 of the encapsulation process (with the OSI model)?

A.frames

Q2.How would you refer to data at layer 4 of the encapsulation process (with the OSI model), if the UDP protocol has been selected?

A.datagrams

Q3.What process would a computer perform on a received message?

A.de-encapsulation

Q4.Which is the only layer of the OSI model to add a trailer during encapsulation?

A.data link

Q5.Does encapsulation provide an extra layer of security (Aye/Nay)?

A.Aye

Task4

Q1.Which model was introduced first, OSI or TCP/IP?

A.TCP/IP

Q2.Which layer of the TCP/IP model covers the functionality of the Transport layer of the OSI model (Full Name)?

A.Transport

Q3.Which layer of the TCP/IP model covers the functionality of the Session layer of the OSI model (Full Name)?

A.Application

Q4.The Network Interface layer of the TCP/IP model covers the functionality of two layers in the OSI model. These layers are Data Link, and?.. (Full Name)?

A.Physical

Q5.Which layer of the TCP/IP model handles the functionality of the OSI network layer?

A.Internet

Q6.What kind of protocol is TCP?

Hint.In comparison, UDP would be connectionless

A.connection-based

Q7.What is SYN short for?

Hint.British Spelling

A.synchronise

Q8.What is the second step of the three way handshake?

A.SYN/ACK

Q9.What is the short name for the "Acknowledgement" segment in the three-way handshake?

A.ACK

Task5

Q1.What command would you use to ping the bbc.co.uk website?

A.ping bbc.co.uk

Q2.Ping muirlandoracle.co.uk. What is the IPv4 address?

Hint.You may need to answer question 4 first and use that switch to resolve the IPv4 address of the site, rather than the IPv6 address.

Running the ping command against the target domain shows the address.

$ ping muirlandoracle.co.uk
PING muirlandoracle.co.uk (217.160.0.152) 56(84) bytes of data.
64 bytes from 217-160-0-152.elastic-ssl.ui-r.com (217.160.0.152): icmp_seq=1 ttl=47 time=261 ms
64 bytes from 217-160-0-152.elastic-ssl.ui-r.com (217.160.0.152): icmp_seq=2 ttl=47 time=261 ms
64 bytes from 217-160-0-152.elastic-ssl.ui-r.com (217.160.0.152): icmp_seq=3 ttl=47 time=261 ms
64 bytes from 217-160-0-152.elastic-ssl.ui-r.com (217.160.0.152): icmp_seq=4 ttl=47 time=262 ms

A.217.160.0.152

Q3.What switch lets you change the interval of sent ping requests?

Hint.Look in the man page

Grep the output of man ping for a string such as interval to find the switch.

$ man ping | grep "interval"
       ping [-aAbBdCDefhLnOqrRUvV46] [-c count] [-F flowlabel] [-i interval] [-I interface] [-l preload]
           Adaptive ping. Interpacket interval adapts to round-trip time, so that effectively not more than one
           (or more, if preload is set) unanswered probe is present in the network. Minimal interval is 200msec
           backspace is printed. This provides a rapid display of how many packets are being dropped. If interval
           is not given, it sets interval to zero and outputs packets as fast as they come back or one hundred
           times per second, whichever is more. Only the super-user may use this option with zero interval.
       -i interval
           Wait interval seconds between sending each packet. Real number allowed with dot as a decimal separator
           to wait in flood mode. Only super-user may set interval to values less than 2 ms.

A.-i

Q4.What switch would allow you to restrict requests to IPv4?

Check the man ping output.

A.-4

Q5.What switch would give you a more verbose output?

A.-v

Task6

Q2.What switch would you use to specify an interface when using Traceroute?

Hint.An interface is provided by your NIC -- common interfaces are things like tunnels for VPN connections, ethernet connections, and wireless connections

A.-i

Q3.What switch would you use if you wanted to use TCP SYN requests when tracing the route?

A.-T

Q4.[Lateral Thinking] Which layer of the TCP/IP model will traceroute run on by default (Windows)?

A.internet

Task7

Q2.What is the registrant postal code for facebook.com?

Grep the whois output to find it.

$ whois facebook.com | grep -i "postal"     
Registrant Postal Code: 94025
Admin Postal Code: 94025
Tech Postal Code: 94025

A.94025

Q3.When was the facebook.com domain first registered (Format: DD/MM/YYYY)?

The date the domain was first registered can be found in the Creation Date field.

$ whois facebook.com | grep -i "creat" 
   Creation Date: 1997-03-29T05:00:00Z
Creation Date: 1997-03-29T05:00:00Z

A.29/03/1997
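
An added example, not part of the original walkthrough: the greps above match substrings, so they return the Registrant, Admin and Tech lines together and the Creation Date twice (registry and registrar records). The sketch below matches the exact field name, removes duplicates and converts the date to the DD/MM/YYYY format the question asks for. The function names and the sample record are constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample shaped like the whois output shown above: the registry
# record (indented) and the registrar record both carry a Creation Date line.
sample_whois() {
cat <<'EOF'
   Domain Name: EXAMPLE.COM
   Creation Date: 1997-03-29T05:00:00Z
Domain Name: example.com
Creation Date: 1997-03-29T05:00:00Z
Registrant City: Redmond
Registrant Postal Code: 94025
Tech Email: hostmaster@example.com
EOF
}

# whois_field FIELD: read whois text on stdin and print the distinct values
# of FIELD (case-insensitive, exact field name rather than a substring match).
whois_field() {
  awk -v want="$1" '
    {
      sep = index($0, ":")            # split on the first colon only,
      if (sep == 0) next              # so timestamps keep their colons
      key = substr($0, 1, sep - 1)
      val = substr($0, sep + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", key)
      gsub(/^[ \t]+|[ \t]+$/, "", val)
      if (tolower(key) == tolower(want) && !(val in seen)) {
        seen[val] = 1
        print val
      }
    }'
}

# iso_to_ddmmyyyy: turn 1997-03-29T05:00:00Z into 29/03/1997.
iso_to_ddmmyyyy() {
  sed -E 's#^([0-9]{4})-([0-9]{2})-([0-9]{2}).*#\3/\2/\1#'
}

# first_registered: earliest distinct Creation Date, in DD/MM/YYYY.
first_registered() {
  whois_field "Creation Date" | sort | head -n 1 | iso_to_ddmmyyyy
}
```

With the functions loaded, `whois facebook.com | first_registered` gives the answer format directly, and `sample_whois | whois_field "Registrant City"` exercises the parser offline.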

Q5.Which city is the registrant based in?

Grep for the city field to find it.

$ whois microsoft.com | grep -i "city"
Registrant City: Redmond
Admin City: Redmond
Tech City: Redmond

A.Redmond

Q6.[OSINT] What is the name of the golf course that is near the registrant address for microsoft.com?

I was able to find it by searching with a phrase such as "redmond golf course near microsoft".

A.Bellevue Golf Course

Q7.What is the registered Tech Email for microsoft.com?

Check the Tech Email field.

$ whois microsoft.com | grep -i "Tech email"
Tech Email: msnhst@microsoft.com

A.msnhst@microsoft.com

Task8

Q1.What is DNS short for?

A.domain name system

Q2.What is the first type of DNS server your computer would query when you search for a domain?

A.Recursive

Q3.What type of DNS server contains records specific to domain extensions (i.e. .com, .co.uk, etc)? Use the long version of the name.

A.Top-Level Domain

Q4.Where is the very first place your computer would look to find the IP address of a domain?

Hint.Read the provided information carefully. This question refers to a system which is older than (and completely separate from) DNS.

A.hosts file

Q5.[Research] Google runs two public DNS servers. One of them can be queried with the IP 8.8.8.8, what is the IP address of the other one?

A.8.8.4.4

Q6.If a DNS query has a TTL of 24 hours, what number would the dig query show?

The TTL is expressed in seconds.

A.86400
