What is TCP & UDP? How do they work?

TCP vs UDP

When we talking about TCP and UDP we actually talking about layer three of the OSI model which is the Transport layer.

What is TCP: Transmission Control Protocol is one of the main protocols of the Internet protocol suite. it is a connection-oriented protocol.

What is UDP: User Datagram Protocol is one of the core members of the Internet protocol suite. it a connectionless protocol.

Now when we come to high-reliability one is best suited that is TCP its connection-oriented protocol we can look at something like website (http, https), SSH, or FTP these all utilize TCP.

When we think about UDP you may think about something like streaming service, video call, VoIP, or DNS.

As pentester the most common protocol that going to be scanning is TCP.

TCP is work in somewhat is called 3-way handshake, if we look at that will be something like below

How is that work?

we can think of this as an interaction, Let's say you have a neighbor, you say Hello to your neighbor that is [SYN], now when your neighbor response by Hello man/How are you that is [SYN/ACK], and then you will respond by I’m good that is [ACK].

If we think about this in terms of ports, the post is a way to communicate with certain protocols for example if you think about HTTP that is over port 80 and HTTPS is over 443, there is a lot of different protocols and there are 65000+ ports that can utilize these protocols.

Now let's say you want to connect to port 443 in the website, you going to send out a [SYN] packet to that website and if 443 port open and available for a connection there going to say Hi go ahead and connect me [SYN/ACK] and when you want actually establish that connection you going to send [ACK] packet back.

The screenshot below giving a clear idea about what actually happening.