TCP Book Recommendation (advanced)

Status
Not open for further replies.
Hi everyone,

I'm looking for a book recommendation, or reading material recommendation more generally.

I am interested in learning about TCP/IP and everything else that is common, like UDP and ICMP.

The purpose is, I want to learn exactly how ping, traceroute, and all the different kinds of spoofing and man-in-the-middle work.

Right now I do understand how ping works, sending ICMP packages with progressively higher time-to-live, but I'd like to dig deeper and see what's really going on at a byte level - how the packet is actually built up.

If the book would show me some source code of how to build a TCP protocol from scratch, that in my mind would be the ultimate TCP book. I can't imagine a better way to learn than to take something apart and put it back together, and in this case doing so with code would be the equivalent.

I plan on becoming a security analyst (right now I'm in the IT field and I have every book on every certification for free through my employer and they also pay for my certs) and I'm way too curious to learn TCP right now.

Any recommendations?

Thanks

P.S.: right now if you go to youtube and search for "tcp three way handshake" without the quotes you can see that the first video ("TCP/IP 3 way handshake") is WAY too basic of an explanation of how that works. The second video ("TCP Three-way Handshake"), however, digs deeper by showing what's really going on. That's the kind of book I wanted - the kind that peeks into what's REALLY going on instead of just staying at the surface of the theory side of things and neglecting the reality of things.
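The byte-level view asked for above, as an added example that is not from this thread or from any of the books mentioned: it packs IPv4 and TCP headers field by field with `struct`, computes the RFC 1071 checksum (including the TCP pseudo-header), parses a header back out, and shows the SYN and SYN-ACK of the three-way handshake as raw bytes. Nothing is put on the wire; the addresses are constructed RFC 5737 documentation values.

```python
import socket
import struct

TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement sum of 16-bit words, complemented; 0 over data that already carries a valid checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold end-around carries
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4_header(src: str, dst: str, payload_len: int, ttl: int = 64) -> bytes:
    """Minimal 20-byte IPv4 header for TCP (protocol 6); the checksum lives at bytes 10-11."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234, 0x4000,
                      ttl, 6, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]

def tcp_pseudo_header(src: str, dst: str, tcp_len: int) -> bytes:
    """IPv4 pseudo-header (src, dst, zero, protocol, TCP length) mixed into the TCP checksum."""
    return struct.pack("!4s4sBBH", socket.inet_aton(src), socket.inet_aton(dst), 0, 6, tcp_len)

def build_tcp_header(src, dst, sport, dport, seq, ack, flags, window=65535) -> bytes:
    """20-byte TCP header (data offset 5 words); flags e.g. ("SYN",) or ("SYN", "ACK")."""
    off_flags = (5 << 12) | sum(TCP_FLAGS[f] for f in flags)   # 4-bit offset, flag bits below it
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq, ack, off_flags, window, 0, 0)
    csum = internet_checksum(tcp_pseudo_header(src, dst, len(hdr)) + hdr)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:]

def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte TCP header back into named fields."""
    sport, dport, seq, ack, off_flags, window, csum, _urg = struct.unpack("!HHIIHHHH", segment[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "window": window,
            "data_offset": off_flags >> 12, "checksum": csum,
            "flags": tuple(n for n, bit in TCP_FLAGS.items() if off_flags & bit)}

def tcp_checksum_ok(src: str, dst: str, segment: bytes) -> bool:
    return internet_checksum(tcp_pseudo_header(src, dst, len(segment)) + segment) == 0

def ipv4_checksum_ok(header: bytes) -> bool:
    return internet_checksum(header[:20]) == 0

if __name__ == "__main__":
    client, server = "192.0.2.10", "198.51.100.20"   # constructed RFC 5737 sample addresses
    syn = build_tcp_header(client, server, 40000, 80, seq=1000, ack=0, flags=("SYN",))
    syn_ack = build_tcp_header(server, client, 80, 40000, seq=5000, ack=1001, flags=("SYN", "ACK"))
    for src, dst, seg in ((client, server, syn), (server, client, syn_ack)):
        print(seg.hex(), parse_tcp_header(seg)["flags"], "checksum ok:", tcp_checksum_ok(src, dst, seg))
```

Compare the printed hex against a packet capture of any real handshake and the fields line up byte for byte; flipping a single byte makes `tcp_checksum_ok` return False, which is exactly how a receiving stack rejects a corrupted segment.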
 
Thanks for the recommendations. Have you read those books?
I haven't yet, of course, but they do seem kind of basic upon reading the back cover and the reviews.
I was looking for something that would enable me to understand things like "how can a person spoof their own IP to pretend to be a router or gateway and make all the traffic in the network go through them first?" or "how does traceroute work exactly (I think the example I gave before was traceroute, not ping)" or "how do DNSs really work and why are they also susceptible to spoof attacks" or "why am I able to find geographical information by querying an IP and how I can stop my server from broadcasting that kind of information" and so on.

Do those books cover those topics? If not, does anyone know of any that does?

I'm currently a programmer so I can and in fact I want to go as deep on the details of TCP as I can. Let's make it gory!
 
Apparently TCP/IP Illustrated by Stevens is what I'm looking for... Anyone has anything to say on it comparing to what I'm looking for?
 
The books go into detail about the 3-way handshake, etc. You may want to supplement your learning by some sort of security material, like something along the lines of Ethical Hacker or CISSP material. Manipulating packets like changing sequence numbers, IP headers, etc. is something along the lines of keywords you'd want to use in a search for books/software/pen testers. Cisco security books show how to block most thwarts, but the blocks are general, blocking many different attempts with one or a few commands, stopping the thwart at the first level.
For example, TCP Intercept is a feature that thwarts DoS/DDoS attacks by proxy-answering bogus TCP SYN packets, and tuning the TCP timers (max-connections, open connections, etc.) will all stop many DoS/DDoS attacks. This simple feature stops things before they start, so the explanation will not go into detail about window size manipulation, Ping of Death, etc.

I have read most, but not all of what I have recommended. I would also maybe look into CCIE Security labs, books, learning material, etc. That would really help your understanding a LOT. So...

In summary, you want to know the foundations of TCP/IP, and in ADDITION, security vulnerabilities, pen testing, thwarts, etc. CONCERNING those concepts (CISSP, CCIE Security, Ethical Hacker). Get the CCIE Security cert, and you have just written your own check for 6 figures, easy (look at salary starting averages for your area for CCIE Security, CISSP, Ethical Hacker).

HTH

Burt
 