CHAPTER 6

Protocol Analysis and Network Programming

Networking, network administration, and programming are considered the three essential prerequisites to becoming a hands-on cybersecurity professional. In this chapter I cover networking and programming which are necessary to know for vulnerability assessment (Chapter 7), pen testing (Chapter 8), network defense, and cyber investigations (Chapter 9).

Chapters 4 and 5 cover practical network setup and getting operating systems (OSes) and virtual machines (VMs) up and running on the network. This chapter takes a close look at major network protocols and deep dives into network programming using command-line scripting languages. Surprisingly, you do not need much networking theory to empower you to set up networks, only the practical aspects of how IPv4 and IPv6 networks operate.

As hands-on security professionals, however, you need to know more about protocols and how they operate so that you can use network analysis tools to inspect traffic.

Malware is software. In order to analyze it you need to understand programming. Security testing and analysis requires repetitive operations, which an ability to program command-line scripts (scripting) makes faster and less tedious. Pen testers operate on remote machines at raw-shell command lines; they need to be fluent in command-line scripting to craft useful tools from scratch.

After introducing networking theory, I delve into how security professionals interpret network packets covering ...