# CYBER SECURITY (Penetration Testing Prerequisites) 1.7 TCP and UDP


![tcp-vs-udp.jpeg](https://cdn.hashnode.com/res/hashnode/image/upload/v1647840728045/CRceKLdA4.jpeg)

How Do TCP and UDP support my pentesting career? 

it will allow me to perform the TCP session Attacks, advanced DOS attacks, and network scanning  

- The Transmission control protocol **(TCP)** and the user datagram protocol **(UDP) **are the most common transport protocols used on the internet. 

- before we dive deeper into the different services that the transport layer protocol can offer to the application layer let's consider that, a computer network can be unreliable, this means that some packets can be lost during their tri from the source to the destination, a packet can be lost because of the network congestion, temporary loss of connection and other Technical issues.


![no-disconnect.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1647841345277/ZX65VXXGO.png)

when designing a transport layer protocol, the Designer must choose how to deal with  these limitations, for example  : 
TCP : 
- Grants packet delivery: Because the application needs a guaranteed delivery will use TCP as the transport protocol.
- also connection-oriented, it must establish a connection before transferring data. 

- > keep in mind these facts.

TCP is the most transported protocol on the internet, the vast majority of applications use it, and the IP protocol suite is often called TCP/IP.


![udp.jpeg](https://cdn.hashnode.com/res/hashnode/image/upload/v1647842208977/v8KuwSkm8.jpeg)


+ On the other hand, UDP is much more simple than TCP : 
- it doesn't guarantee packet delivery and its connectionless.


-> UPD is faster than TCP, as it provides better throughput, it is used by multimedia applications that can tolerate packet loss.

Ex: UDP is used for VOIP and video streaming.


![TCP-vs-UDP-1024x687.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1647842525580/jHmRBZIcf.png)

-----------------------------------------------------------------------------------------
# PORTS 

Applications and their processes use TCP and UDP  to send and receive data over the network, when an IP datagram reaches a host, how can the transport layers know what the destination process is? 
**-> here ports role come 
**

ports are used to identify a single network process on a machine

-> let me explain it more in the following example : 


### assume that we have a PC that uses different ports  :


![Untitled-1.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1647843334435/_3hvOaQuN.png)


- the browser uses local port 3028 to connect to the webserver.
- While the mail client uses local port 1022.
- all communication from the web browser to the web server will have 3028 as the source port and 80 as the destination port. 
- all the communication back from the webserver to the browser will have 80 as the source port and 3028 as the destination port.



**Well-known ports 
**

* Each common protocol has a well know ports in the 1023 range, common server process or daemons, well-known ports most of the time.
* ports are assigned by IANA and referenced in this [link](http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml) 

**TCP and UDP Headers 
**

How can server and client applications know which port to use : 
they use two fields in the TCP or UDP header: the source and destination ports :


## TCP Header : 


![Snip20220321_2.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1647844376296/-XAASumv8.png)


 ## UDP Header : 


![Snip20220321_3.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1647844473140/J271OoPRC.png)



-----------------------------------------------------------------------------------------
In the next article, I will write about Firewall and Network Defense.

Written by : Mohamed Abdalla Ibrahim

PMP | CISM | ITIL | CEH | Azure Architect | Azure Security Engineer | IBM Cybersecurity Analyst### 
