Network Foundations - Network Communication

#readwise # Network Foundations - Network Communication ![rw-book-cover](https://readwise-assets.s3.amazonaws.com/static/images/article4.6bc1851654a0.png) ## Metadata - Author: [[Hack The Box]] - Full Title: Network Foundations - Network Communication - URL: https://academy.hackthebox.com/module/289/section/3238 ## Summary A network needs MAC addresses, IP addresses, and ports to communicate effectively. MAC addresses identify devices on a local network, while IP addresses help locate devices across different networks. Ports direct traffic to specific applications on a device. Together, these components ensure data is sent and received correctly. ## Highlights A `Media Access Control (MAC) address` is a unique identifier assigned to the network interface card (NIC) of a device, allowing it to be recognized on a local network. Operating at the `Data Link Layer (Layer 2)` of the OSI model, the MAC address is crucial for communication within a local network segment, ensuring that data reaches the correct physical device. Each MAC address is 48 bits long and is typically represented in hexadecimal format, appearing as six pairs of hexadecimal digits separated by colons or hyphens—for example, `00:1A:2B:3C:4D:5E`. The uniqueness of a MAC address comes from its structure: the first 24 bits represent the `Organizationally Unique Identifier (OUI)` assigned to the manufacturer, while the remaining 24 bits are specific to the individual device. This design ensures that every MAC address is globally unique, allowing devices worldwide to communicate without address conflicts. ([View Highlight](https://read.readwise.io/read/01jnx0xrkkpmz5bysww9gjs5k0)) --- ### Ports A `port` is a number assigned to specific processes or services on a network to help computers sort and direct network traffic correctly. It functions at the `Transport Layer (Layer 4)` of the OSI model and works with protocols such as TCP and UDP. Ports facilitate the simultaneous operation of multiple network services on a single IP address by differentiating traffic intended for different applications. When a client application initiates a connection, it specifies the destination port number corresponding to the desired service. Client applications are those who request data or services, while server applications respond to those requests and provide the data or services. The operating system then directs the incoming traffic to the correct application based on this port number. ([View Highlight](https://read.readwise.io/read/01jnx1141eas53srjr3389915m)) ^itmotj --- Port numbers range from `0` to `65535`, and it is divided into three main categories, each serving a specific function. ([View Highlight](https://read.readwise.io/read/01jnx11c8cfmz08w3ybeq2g94p)) --- #### Well-Known Ports (0-1023): `Well-known ports`, numbered from 0 to 1023, are reserved for common and universally recognized services and protocols, as standardized and managed by the [Internet Assigned Numbers Authority (IANA)](https://www.iana.org/). For instance, HTTP, which is the foundation of data communication for the World Wide Web, uses port 80, although browsers typically do not display this port number to simplify user experience. Similarly, HTTPS uses port 443 for secure communications over networks, and this port is also generally not displayed by browsers. Another example is FTP, which facilitates file transfers between clients and servers, using ports 20 and 21. ([View Highlight](https://read.readwise.io/read/01jnx12smpzn6xrmnfm2mqe8jd)) --- #### Registered Ports (1024-49151): `Registered ports`, which range from 1024 to 49151, are not as strictly regulated as `well-known ports` but are still registered and assigned to specific services by the Internet Assigned Numbers Authority (IANA). These ports are commonly used for external services that users might install on a device. For instance, many database services, such as Microsoft SQL Server, use port 1433. Software companies frequently register a port for their applications to ensure that their software consistently uses the same port on any system. This registration helps in managing network traffic and preventing port conflicts across different applications. ([View Highlight](https://read.readwise.io/read/01jnx13pec6n4qcf6a5jgke72f)) --- #### Dynamic/Private Ports (49152-65535): Dynamic or private ports, also known as ephemeral ports, range from 49152 to 65535 and are typically used by client applications to send and receive data from servers, such as when a web browser connects to a server on the internet. These ports are called `dynamic` because they are not fixed; rather, they can be randomly selected by the client's operating system as needed for each session. Generally used for temporary communication sessions, these ports are closed once the interaction ends. Additionally, dynamic ports can be assigned to custom server applications, often those handling short-term connections. ([View Highlight](https://read.readwise.io/read/01jnx14cp1gvg6rej6g0j1jfcf)) ---