From Handbook of Computer Crime Investigation: Forensic Tools and Technology
Overview of Network Protocols [1]
To communicate on a network, computers must use the same protocol. For example, many computers run standard Ethernet (IEEE 802.3) at the data-link layer [2] to communicate with their default router and other computers on the same physical network (Comer 1995). Ethernet provides a method for conveying bits of data over network cables, using the unique hardware identifiers associated with network cards (a.k.a. MAC addresses or Ethernet addresses) to direct the data to their destination. The format of a standard Ethernet frame is shown in Figure 9.1. [3]
Figure 9.1: Classic Ethernet frame.
The preamble and start-of-frame fields are functional components of the protocol, and are of little interest from an investigative or evidentiary standpoint. The source and destination Ethernet addresses are 6 bytes each and are associated with the network cards on each computer. The length field contains the number of bytes in the data field; each frame must be at least 64 bytes long to allow network cards to detect collisions accurately (Held 1998). The padding in the Ethernet frame ensures that each datagram is at least 64 bytes long, and the cyclic redundancy check (CRC) is used to verify the integrity of the datagram at the time it is received. [4]
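The fields described above can be pulled out of a captured frame and the CRC rechecked, as in this added example (not code from the handbook). It assumes the capture starts at the destination address (no preamble or start-of-frame field) and still carries the 4-byte CRC, which many capture tools do not preserve; the addresses and data are constructed sample values.

```python
import struct
import zlib

MIN_FRAME = 64   # destination address through CRC, the minimum given in the text
HEADER = 14      # 6-byte destination + 6-byte source + 2-byte length
CRC_LEN = 4

def mac(raw):
    """Format a 6-byte hardware address as colon-separated hex."""
    return ":".join(f"{b:02x}" for b in raw)

def build_frame(dst, src, data):
    """Construct a sample frame, zero-padded to the 64-byte minimum."""
    pad = b"\x00" * max(0, MIN_FRAME - HEADER - CRC_LEN - len(data))
    body = dst + src + struct.pack("!H", len(data)) + data + pad
    # Ethernet uses the same CRC-32 as zlib, sent least significant byte first
    return body + struct.pack("<I", zlib.crc32(body))

def parse_frame(frame):
    """Split a frame into its fields and recompute the CRC over everything before it."""
    if len(frame) < MIN_FRAME:
        raise ValueError("runt frame: shorter than 64 bytes")
    (length,) = struct.unpack("!H", frame[12:14])
    area = frame[HEADER:-CRC_LEN]            # data followed by any padding
    if length > 1500:
        raise ValueError("not an 802.3 length (Ethernet II puts a type code here)")
    if length > len(area):
        raise ValueError("length field exceeds the bytes captured")
    (crc,) = struct.unpack("<I", frame[-CRC_LEN:])
    return {
        "dst": mac(frame[0:6]),
        "src": mac(frame[6:12]),
        "length": length,
        "data": area[:length],
        "padding": len(area) - length,       # padding bytes are not part of the data
        "crc_ok": crc == zlib.crc32(frame[:-CRC_LEN]),
    }

# Constructed sample addresses (locally administered range)
SAMPLE_DST = bytes.fromhex("020000000002")
SAMPLE_SRC = bytes.fromhex("020000000001")

if __name__ == "__main__":
    frame = build_frame(SAMPLE_DST, SAMPLE_SRC, b"hello")
    print(parse_frame(frame))
    altered = bytearray(frame)
    altered[20] ^= 0x01                      # flip one bit inside the padding
    print(parse_frame(bytes(altered))["crc_ok"])
```

Separating data from padding by the length field matters when examining short frames, because the padding bytes are not part of what the sender intended to transmit.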
To communicate with machines on different networks, computers must run higher level protocols such as Internet Protocol (IP) at the network layer and Transport Control Protocol (TCP) at the transport layer. TCP/IP provides a method for conveying datagrams of data...