Share This
Scroll Down
Back to Resources
//Networking

NetworkingINDEX

Last Updated on : 04 Oct. 2020

01. What is a Computer Network?

Computer Types

Computer Peripherals

Transmission Media

Network Benefits and Services

Basic Network Elements

02. Computer Networks Topologies

Basic Network Topologies

03. Computer Networks Categories

Transmission Mode

Signaling Mode

Geographical Area

Local Area Network (LAN)

Wide Area Network (WAN)

Administration Type

Peer-to-Peer Network

Client/Server Network

Administration Type

04. Computer Networks Devices and Services

Network Interface Card (NIC)

HUB

Collisions

CSMA/CD

Switch

Access Point (AP)

Router

Computer Network (LAN) Services

Computer Network (WAN) Services

05. Computer Networks Transmission Media

Computer Networks Media Types

Coaxial Cables

Shielded Twisted Pair (STP) Cables

Unshielded twisted Pair (Utp) cables

UTP Cables

Fiber Optic Cables

Wireless Media (Air)

06. ISO/OSI Model (7 Layers)

Benefits of ISO/OSI Layered Model

ISO/OSI Layers

Network Protocols

NETBEUI

IPX/SPX

Apple Talk

TCP/IP

07. Application, Presentation and Session Layers

Application Layer

Presentation Layer

Session Layer

Application, Presentation and Session

08. Transport and Network Layers

Transport Layer

Network Layer

Logical Address

Network and Transport layers

09. Data Link and Physical Layers

Data Link Layer

Frame Check Sequence (FCS)

Data Link Layer Sublayers

Physical Layer

10. ISO/OSI Model

11. Computer Networks Protocols

TCP/IP

TCP/IP Protocol Suite

TCP/IP vs ISO/OSI

12. IP Protocol

IP Address

IP Address classes

Public IP Addresses

Private IP Addresses

Reserved IP Addresses

IP Layer Devices

Routing Table

13. TCP and UDP Protocols

Transport Layer

What is Port Number?

Socket Address

Reliable vs Best-Effort

UDP Protocol

UDP Header

TCP Protocol

TCP Header

Mapping Layer 4 to Applications

14. Application Protocols

Application Layer

HTTP

FTP

SMTP, POP3 and IMAP4

DNS

DHCP

15. TCP/IP Tools

IPConfig

PING

ARP

FTP

NSLooKUP

Route

TraceRoute

IPTrace

Netstat

cURL

Wireshark

16. Wireless Networks

Benefits of Wireless Networks

Mobility

Flexibility

Scalability

Enabling Bring Your Own Device (BYOD)

Cost Effectiveness

Wired Vs Wireless

17. Wireless Networks Types

Frequency Ranges

GSM

Bluetooth

Infrared

WIMAX

18. Wireless Networks Protocol

WiFI

802.11 Standard

Infrastructure vs Ad-Hoc Modes

SSID

CSMA/CA

19. Wireless Networks Devices

Wireless Access Point (WAP)

Wireless Access Point (WAP) Security

WAP Configuration

USB Modem

Smart Phones

20. Wireless Networks Drawbacks

21. Security Goals and Concepts

Security Goals : CIA

Assets

Threat

Vulnerability and Exploit

Risk

Impact

Risk Assessment

22. Securing the Network Design

Goals of the Network Design

Network Sections

Firewall Placement

Defense in Depth DID

Virtual LANs VLANs

VLANS

23. TCP/IP Security and Tools

IP Header

IP Protocol Field

Fields to SUSPECT

Think Stateful

Subnetting

UDP Header

TCP Header

TCP Flags

24. Port Scanning and Tools

Port Scanning

Port Scanning Types

Operating System Identification

NMap

25. Sniffing and Tools

Sniffing

TCPDUMP

Wireshark

26. Firewalls

Why Firewalls?

Firewalls benefits

Shortcomings of Firewalls

Firewall Placement

#. More Resources

Source :
Networking

What is a Computer Network?

A group of computers (hosts/nodes) and computer peripherals connected via a transmission media and connecting devices.

Computer Types :



● Personal Computers (PCs)
▸ Desktop Computer
● Laptops
● Tablets
● Smart Mobile Phones
● Embedded Systems in Machines
▸ Internet of Things (IoT)

Computer Peripherals :



Hardware connected to computer : Printers, Scanners, Storage Media
Cloud Computing and Data Center : Servers, Storage Devices, Managing Terminals, Offers several types of services.

Transmission Media :



● Wired (Cables) :
▸ Copper : Coaxial Cables, Twisted Pair Cables (Shielded/Unshielded)
▸ Fiber Optic : Single Mode, Multi-Mode
● Wireless
▸ Air as Transmission Media
▸ Frequency Band
▸ Area of Coverage

Network Benefits and Services :



● Resources Sharing
▸ Hardware Resources
▸ Computer Peripherals
▸ Storage Media
▸ Processors
● Software Resources
▸ File Sharing
▸ Databases
▸ Applications
● Services
▸ Browsing and E-mail
▸ Voice Calls and Video Conferences

Basic Network Elements :



● End Devices
▸ Communicating with each other (Send/Receive)
● Connecting Devices
▸ Switches, Routers, and Access Points
● Medium
▸ How devices connected?
● Messages
▸ Information travelling through network
● Protocols
▸ Rules governing information transfer

What is a Computer Network Topology?

The arrangement (structure) of the various elements of a computer network that depicts both physically and logically

● Physical Topology: the physical way the network is wired (how computers connected to each other)
● Logical Topology: the way messages are sent (how to send a message from machine to another)

Basic Network Topologies :



● Point-to-point : Connection between two machines through a dedicated media link

● Bus :

▸ Single cable functions as a shared communication media bus (Backbone)
▸ Computers attach (tap) with an interface connector
▸ Terminators at each end of the cable.

▸ Advantages : Simple to design, Easy to install, Inexpensive due to using, Coaxial cable, BNC Connectors.
▸ Disadvantages : Less security (Allows sniffing), Slow during high traffic, Lead to collisions.

● Ring :

▸ Cable connects one node to another to form a ring
▸ Messages travel through a ring always in the same direction
▸ Data messages are transmitted in frames that circulates all the machines
▸ Sent frame circulates back to source to acknowledge transmission and set free

▸ Advantages : Simple to design, Easy to install, Inexpensive due to using, Coaxial cable, BNC Connectors.
▸ Disadvantages : The entire network fails If one machine fails, Expansion or reconfiguration affects operation, Slow for big number of machines.

● Star :

▸ Each station is connected directly to a central device
▸ The connection is like a number of point-to-point links
▸ Central device is Hub or Switch
▸ Switch is more recent technology and more secure device than hub

▸ Advantages : Network not affected if one machine fails, Network expansion and reconfiguration is simple, Troubleshooting is easy.
▸ Disadvantages : If the central device fails all the network fails.

● Mesh :

▸ Connect all devices with multiple paths

▸ Offers redundancy
▸ N= n*(n-1)/2 (where N= number of cables and n= number of connected nodes)

▸ Advantages : Fault tolerant, Secure (High availability).
▸ Disadvantages : Expensive due to redundancy.

Computer Networks Categories

● Transmission Mode
● Geographical Area
● Administration Type

Transmission Mode :



● Simplex ● Half-Duplex ● Full-Duplex

Signaling Mode :



● Baseband
▸ One signal at a time on network media
▸ Digital local signal

● Broadband
▸ Divides network media into multiple channels
▸ Allows several signals
▸ Analog modulated signal

Geographical Area :



● Local Area Network (LAN)
● Wide Area Network (WAN)

Local Area Network (LAN) :



● Group of computers connected in small geographical area
● Area less than 3Km (One building)
● Used to share files and services
● High speed of communications
● Under user administrative control
● Technology used
▸ Ethernet
▸ Token Ring

Wide Area Network (WAN) :



● Group of computers connected in large geographical area
● Low speed
● Under ISP administrative control
● Technology used
▸ Dial-up
▸ ISDN
▸ DSL
▸ X.25
▸ Frame Relay
▸ ATM

Administration Type :



● Peer-to-Peer Network
● Client/Server Network

Peer-to-Peer Network :



● Host provides and consumes network services
● Each host has the same administrative privileges

Client/Server Network :



● Some hosts are assigned server roles
● Server is superior in hardware and software
● Servers provide network resources to hosts
● Other hosts are assigned client roles
● Clients consume network resources

Administration Type :



● Local Area Network (LAN)
● Wide Area Network (WAN)

Computer Networks Devices and Services

● Network Interface Card (NIC)
● Hub
● Switch
● Access Point (AP)
● Router

Network Interface Card (NIC) :



● Network adapter
● Interface between PC and the network cable
● Resides in the motherboard of PC
● Communicate with PC through the device driver
● Contain transmitter/receiver (transceiver)
● Wired or wireless (via antenna)

HUB :



● Shares frames between machines
● Number of ports to connect several machines
● Work with full duplex communication
● Mixture of speeds (10M, 100M, 1G,…)
● Allows collisions

Collisions :



● Hub is one collision domain
● Hub is one broadcast domain
● Collisions make the network slow and congested

CSMA/CD :



Carrier-sense multiple access with collision detection is a media access control method used most notably in early Ethernet technology for local area networking. It uses carrier-sensing to defer transmissions until no other stations are transmitting.

Switch :



● Forward and filter frames
● Work with full duplex communication
● Mixture of speeds
● One broadcast domain
● Each port is a separate collision domain
● No collisions
● No Sniffing

Access Point (AP) :



● Connects machines wirelessly in LAN
● Transmits frames in the air media
● Links wireless part to wired infrastructure
● One broadcast domain
● One collision domain
● Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)

Router :



● Redirects packets between networks
● Works based on a routing table
● Divides network into broadcast domains
● Divides network into collision domains

Computer Network (LAN) Services :



● Software Resources Centralization
▸ Files
▸ Databases
▸ Applications
● Hardware Peripheral Sharing
▸ Printer
▸ Scanner
▸ Processor
▸ Storage

Computer Network (WAN) Services :



● Web Services
▸ Web Browsing
▸ Web Searching
▸ Social Media
● E-mail Exchanging
● File Transfer
● Voice Calls
● Video Conferencing

Computer Networks Transmission Media

Computer Networks Media Types :



● Wired Media (Cables)
▸ Copper Cables
- Coaxial cables
- Twisted Pair cables
- Shielded (STP)/Unshielded (UTP)
▸ Fiber Optic Cables
- Single Mode/Multi-Mode
● Wireless Media (Air)

Coaxial Cables :



● High capacity cables
● Used for video transfer
● Two types
▸ Thick coaxial cable (Thicknet)
- ½ inch diameter
- 10base5
▸ Thin coaxial cable (Thinnet)
- ¼ inch diameter
- 10base2
● Use BNC connector

Shielded Twisted Pair (STP) Cables :



● Protected
● Hard to install
● RJ45 Connector
● Crimper Tool

Unshielded twisted Pair (Utp) cables :



● Most commonly used type
● Easy to install
● Less expensive
● Electromagnetic interference
● RJ45 Connector
● Crimper Tool

UTP Cables :



● Category 1 - Used for telephone communications. Not suitable for transmitting data.
● Category 2 - Capable of transmitting data at speeds up to 4 megabits per second (Mbps).
● Category 3 - Used in 10BASE-T networks. Can transmit data at speeds up to 10 Mbps.
● Category 4 - Used in Token Ring networks. Can transmit data at speeds up to 16 Mbps.
● Category 5 - Can transmit data at speeds up to 100 Mbps.
● Category 5e - Used in networks running at speeds up to 1000 Mbps (1 gigabit per second [Gbps]).
● Category 6 - Typically, Category 6 cable consists of four pairs of 24 American Wire Gauge (AWG) copper wires. Category 6 cable is currently the fastest standard for UTP.

Fiber Optic Cables :



● Faster than twisted pair and coaxial
● Send data as light pulses over glass medium
● Free of electromagnetic interference
● Expensive
● Hard to install
● Used in submarine connections
● More secure

● Fiber Optic Cables Modes :
▸ Single Mode : Transfer data through the core using a single light ray, The core diameter is around 9 microns, Supports a large amount of data and Cable length can extended a great distance
▸ Multi-Mode : Transfers the data through the core using multiple light rays, The core diameter is around 50 microns and Cable length are limited in distance compared to single mode.

▸ Advantages - Total immune to the EMI, Highly resistance to Eavesdropping, Support extremely high data transfer rate and Allow grater cable distances without repeater.
▸ Disadvantages - Very expensive and Difficult to work with.

Wireless Media (Air) :



● Wi-Fi Wireless Fidelity
● Uses frequencies 2.4GHz or 5GHz
● Standards: a,b,g, and n
● Access Point (AP) connecting devices
● Mobility
● Flexibility
● Less secure

ISO/OSI Model (7 Layers)

● ISO : International Standardization Organization
● OSI : Open System Interconnection
▸ Primary architectural model for networks
▸ Developed in 1983
▸ Group of concepts
▸ Describes how devices send/receive data
- hop-to-hop
- end-to-end

Benefits of ISO/OSI Layered Model :



● Divides the network communication process into layers to be easier to troubleshoot
● Allows multiple-vendor development through standardization of network components
● Various types of network hardware and software can communicate
● Layer separation makes changes in one layer do not affect other layers
● Layers can interact with each other

ISO/OSI Layers :



7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical

Network Protocols :



● NetBEUI
● IPX/SPX
● Apple Talk
● TCP/IP

NETBEUI :



● NetBIOS Extended User Interface
● LAN Protocol
● Limited Performance
● Almost obsolete

IPX/SPX :



● Standard
● Supports WAN
● Vendor Oriented
● Poor performance if used with other vendors

Apple Talk :



● Standard
● Supports WAN
● Vendor Oriented
● Poor performance if used with other vendors

TCP/IP :



● Standard
● Supports WAN
● Not vendor oriented
● Most widely used over Internet
● Mapped to OSI 7 Layers

5. Application (OSI Layer Equivalent - Application, Session, Presentation) [NFS, NIS+, DNS, telnet, ftp, rlogin, rsh, rcp, RIP, RDISC, SNMP etc.]
4. Transport (OSI Layer Equivalent - Transport) [TCP, UDP]
3. Internet (OSI Layer Equivalent - Network) [IP, ARP, ICMP]
2. Data Link (OSI Layer Equivalent - Data Link) [PPP, IEEE 802.2]
1. Physical Network (OSI Layer Equivalent - Physical) [Ethernet (IEEE 802.3) Token Ring, RS-232 etc.]

Application, Presentation and Session Layers

Application Layers :



● User interface to lower layers
● Preparation of data for each service
● End-to-end communication on both sides
● Software applications reside in it
● Sends requests and receives reply

▸ HTTP (Hyper Text Transfer Protocol)
▸ FTP (File Transfer Protocol)
▸ SMTP (Simple Mail Transfer Protocol)
▸ POP3 (Post Office transfers Protocol)
▸ IMAP (Internet Message Access Protocol)
▸ Telnet/SSH (Secure Shell)
▸ DNS (Domain Name Server)
▸ RTP (Real-time Protocol)

Presentation Layers :



● Responsible for common representation of data between source and destination
● Provides transformation of data
● Supports standardized application interface
● Coding of data syntax
● Data encryption/decryption
● Data compression/decompression

Session Layers :



● Establishing Session
● Managing Session
● Controlling Session
● Terminating Session

▸ Making sure the connection is active during session
▸ Securing the connection
▸ Dialogue synchronization
▸ Checking for connection failure
▸ Reconnecting if connection cuts off
▸ Terminating communication
▸ Defining node communication order and timing

Application, Presentation and Session :



● Closely connected
● Related in function
● Forms application layer in TCP/IP
● Content formatting
● Preparing for network process

Transport and Network Layers

Transport Layer :



● Organize data into segments
● Reliable end-to-end transport
▸ Loss recovery
▸ Flow control
▸ Data ordering
▸ Data Deduplication
● Or just Best Effort delivery

● Functionality of Transport Layer :

▸ Segmentation
▸ Dividing data in small fragments that can be transmitted over network
▸ Different networks have different Maximum Transmission Unit (MTU)
▸ MTU defines maximum size of one data piece carried through the network
▸ Data is being divided and transmitted to recipient via transport layer
▸ The MTU size is being acknowledged by transport layer
▸ MTU acknowledgment is during discovering routine and while establishing connection with the recipient
▸ Reassembly
▸ Done at the receiving end
▸ Transport layer protocols reconstruct data to its initial form
▸ Data can be received in different order
▸ Transport layer rearranges pieces of data in the correct order
▸ Sequencing
▸ Using sequencing identifiers
▸ Avoids losses and duplication
▸ Fixes the issue of following data different paths
▸ Organizing data in groups of subdivided data segments
▸ Identifying the order of groups of data sending and interpretation

● Communication in Transport Layer :

▸ Connectionless Oriented
▸ Not Reliable
▸ Best-effort delivery
▸ No connection establishment prior to data transmission
▸ Less security
▸ Allows data flooding
▸ Used with delay-sensitive data (Real Time)
- Audio Calls
- Video Streaming

Network Layer :



● Organize data into packets
● Responsible of end-to-end addressing and routing
● Identifies unique logical address for machines
● Selects the best path for destination
● Routers work in the network layer
● Performs fragmentation if segmentation is not enough

● Network Layer at the Receiver Side :

▸ Receives the segments of data from Transport layer
▸ Converts them to packets by adding addressing information
- Source address
- Destination address
▸ Finds a route for data to be delivered to the receiver
▸ Routes may differ because it is being determined based on the following :
- Network overload
- Quality of Service (QoS)
- Cost of alternative routes
- Delivery priorities

Logical Address :



● Unique identifier
● Bound to geographical location
● Used for end-to-end routing
● Can be changed
● Not vendor oriented
● Common example is the IP address in TCP/IP

Network and Transport layers :



● Network layer defines the following :
▸ Source Machine
▸ Destination Machine
● Transport Layer guarantees either of the following according to the used protocol :
▸ End-to-End Reliable Delivery
▸ End-to-End Best-Effort Delivery

Data Link and Physical Layers

Data Link Layer :



● Reliable data transfer across physical link
● Responsible of physical addressing
● Organize the data into frames
● Puts frames on the physical medium
● Check frames for errors
● Hop-to-hop addressing

● Physical Address :

▸ Unique identifier
▸ Not bound to geographical location
▸ Used for hop-to-hop addressing
▸ Burned on the NIC
▸ Can not be changed
▸ Vendor oriented
▸ Common example is the MAC address
▸ Sometimes called Hardware Address

● Receives data packages from network layer
● Convert data into the frames including the following :
▸ Data packages
▸ Sender and the receiver physical addresses
▸ Error checking and control information
● Checking and control ensures the frame has been delivered without troubles
● If part of the frame is lost during transmission then :
▸ Data Link layer protocols of the receiver would see that
▸ Data Link layer at the receiver requests data retransmit from the sender
● Switches and Bridges devices work in Data Link layer

Frame Check Sequence (FCS) :



● Error checking mechanism is creating the unique frame check sequence (FCS)
● FCS number based on the values of all of the preceding fields in the frame
● The receiver’s end receives data with the FCS value
● Receiver compares FCS to the data fields in frame
● In unlucky scenario of failed comparison the following is done :
▸ Data is assumed corrupted
▸ Receiver requests data resend

● If the comparison is a success, receiver sends the message of successful data transmission back to the sender
● If receiver did not receive the “success” message during specified time, automatically the sender resends the data frames

Data Link Layer Sublayers :



● Another function of Data Link layer protocols is to control the flow when many different nodes are sending data at the same time
● The Data Link layer has been divided into two sublayers by the IEEE as follows :
● The top sublayer is called Logical Link Control (LLC) communicating only with Network layer and providing the following functions :
▸ Hop-to-Hop Reliability
▸ Hop-to-Hop Flow control
● The bottom sublayer is Media Access Control (MAC) responsible for the following :
▸ Adding physical address to the frame
▸ Communication with the Physical layer

Physical Layer :



● Transmits bit stream over the physical link
● Sends data signals to media and receives it
● Adapts to the transmission media
▸ Cables
- Copper (Coaxial, Twisted Pair)
- Fiber Optic (Single Mode, Multi Mode)
▸ Wireless
● Responsible for the representation of 1s and 0s
● NIC, Hub, and Repeater work in Physical Layer

ISO/OSI Model

● Conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system
● Regardless of the underlying internal structure and technology
● Goal is the interoperability of diverse communication systems with standard protocols
● Partitions a communication system into abstraction layers
● The original version of the model defined seven layers
● Each layer serves the layer above it and is served by the layer below it
● A layer that provides error-free communications across a network provides the path needed by applications above it
● This layer calls the next lower layer to send and receive packets that comprise the contents of that path
● Two instances at the same layer are visualized as connected by a horizontal connection in that layer

● Summary : The Open System Interconnection (OSI) model defines a networking framework to implement protocols in seven layers

Computer Networks Protocols

● Set of rules and agreements governing the communication process
● Includes addressing, routing, session management, and error recovery processes
● The traditional mail network as an example of a network with a protocol
● The PSTN telephone network as another example
● The mobile phone network
● The layered model and its benefits
● Computer networks protocols :
▸ NetBEUI, IPX/SPX, Apple Talk, and the TCP/IP

TCP/IP :



● Standard protocol over Internet
● ISO/OSI compatible
● Provides interoperability between different hardware and software systems
● Open for development and not vendor oriented
● Provides reliability as well as best-effort delivery when needed
● Composed of a number of protocols built over each other
● Offers web browsing, file transfer, and e-mail exchange
● Versions 4 and Version 6 are running

TCP/IP Protocol Suite :



● Image Here

TCP/IP vs ISO/OSI :



● Merging of some layers to be 4 instead of 7
● Merging the physical and data link into one layer called physical or network access layer
● Keeping both the network and transport layers separate as they are
● Merging the upper 3 layers into one layer called the application layer
● TCP/IP is now the default protocol for any Microsoft, Linux, and many other operating systems

IP Protocol

● The principal communication protocol in the TCP/IP protocol suite
● Defines addressing to label the datagram with source and destination IP addresses
● Relaying datagrams (packets) across network boundaries
● Routing function enables internetworking and essentially establishes the Internet
● Delivers packets solely based on the IP addresses in the packet headers
● Structures packet that encapsulates the data to be delivered

IP Address :



● Unique
● Logical address
● Bounded to the geographical location
● Length: 32 Bits (4 Bytes/Octets) for version 4
● Each byte ranges from 0 to 255
● Categorized into classes: A, B, C, D, and E
● Identifies single machine on the Internet
● Used for routing from source to destination

IP Address Classes :



● Image Here

● *127 (01111111) is a Class A address reserved for loopback testing and cannot be assigned to a network

Public IP Addresses :



● Image Here

Private IP Addresses :



● Image Here

Reserved IP Addresses :



● Image Here

IP Layer Devices :



● Router and Layer 3 Switch work in IP layer
● Device redirects packets between networks
● Routers forward packets based upon the destination IP address
● Router searches the Routing Table for the destination network ID
● Network ID = IP Address & Subnet Mask
● Routers are protocol dependent
● Layer 3 switches are super fast routers

Routing Table :



● Composed of rows that are read sequentially
● Destination Network
● Subnet Mask
● Interface
● Gateway
● Cost/Metric
● Can be built statically or dynamically
● RIP and OSPF are dynamic routing protocols

TCP and UDP Protocols

Transport Layer :



● Session Multiplexing
● Flow Control
● Reliability
● Segmentation
● Uses TCP or UDP
● Adds Port Number
● Socket to Socket

What is Port Number? :



● Service Identifier
● Length: 16 bits
● Ranges from 0 to 65,535
● Well-known Ports: 0 → 1024
▸ HTTP: 80
▸ FTP: 21
▸ DNS: 53
▸ SMTP: 25
▸ HTTPS: 443
● Ephemeral Ports >1024

Socket Address :



● Image Here

Reliable vs Best-Effort :



● Image Here

UDP Protocol :



● Best-effort delivery (Unreliable)
● Provides applications with access to the network layer
● Saves the overhead of reliability mechanisms
● Connectionless protocol
● Limited error checking
● Data Loss due to :
▸ Routing Error
▸ Duplication
● No data-recovery features

UDP Header :



● Image Here

TCP Protocol :



● Reliable protocol
● Provides access to the network layer for applications
● Connection-oriented protocol
● Error checking
● Data-recovery features
● Sequencing of data packets
● Acknowledgement of receipt
● More commonly used than UDP

TCP Header :



● Image Here

Mapping Layer 4 to Applications :



● Image Here

Application Protocols

Application Layer :



● Web Services
▸ HTTP
▸ HTTPS
● File Sharing Services
▸ FTP
▸ TFTP
● Mail Services
▸ SMTP
▸ POP3/IMAP
▸ DNS Services

HTTP :



● Hyper Text Transfer Protocol
● Supports Web Services
● Uses Port Number 80
● The Secure Version is HTTPS
● HTTPS uses Port Number 443
● Transfers Text, Images, and Hyper Links

FTP :



● File Transfer Protocol
● Uses Port Number 21
● Built-in in MS Windows Operating Systems
● Many 3rd Party Programs
● Web Browser works as FTP Client

SMTP, POP3 and IMAP4 :



● SMTP
▸ Common language used by the majority of Mail Servers
▸ Send messages back and forth to other Mail Servers or Email Clients
● POP3 “Post Office Protocol version 3”
▸ Collects email messages from the mail server
▸ Download messages on the machine
▸ User can work offline
▸ Saves quota on the server
● IMAP4 “Internet Message Access Protocol version 4”
▸ Retrieves the message header only

DNS :



● Domain Name System DNS resolves Domain Name into IP Address

DHCP :



● Dynamic Host Configuration Protocol
● Image Here

TCP/IP Tools

IPConfig/IfConfig :



● IMAGE
● ipconfig stands for Internet Protocol Configuration and ifconfig stands for Interface Configuration
● ipconfig (windows)
● ifconfig (linux)

PING :



● IMAGE

ARP :



● IMAGE

FTP :



● IMAGE

NSLooKUP :



● IMAGE

Route :



● IMAGE

TraceRoute :



● IMAGE

IPTrace :



● IMAGE

Netstat :



● IMAGE

cURL :



● IMAGE

Wireshark :



● IMAGE
https://www.wireshark.org/download.html

Wireless Networks

Computer networks that are not connected by cables are called wireless networks. They generally use radio waves for communication between the network nodes. They allow devices to be connected to the network while roaming around within the network coverage.

Benefits of Wireless Networks :



● Mobility
● Flexibility
● Scalability
● Enabling BYOD Bring Your Own Device
● Cost Effectiveness

Mobility :



● The biggest attraction towards wireless is mobility
● So many Mobile Devices
▸ Laptops
▸ Mobile Phones
▸ Tablets
● Enabling Access Anywhere
▸ Corners
▸ Corridors
▸ Meeting Rooms
● Mobile VoIP Phones

Flexibility :



● Ease of setup and change
● Saving the wiring hassle
● Enabling guest access
● Allowing to work remotely
● Freedom of operations

Scalability :



● Simplicity of expansion
▸ Saves cabling
▸ Saves connecting devices
▸ Saves outlets in the wall
▸ Ease of adding and removing machines
● Capability of relocation inside the building
● Less planning overhead
● Scalable speed of connection
● Connecting hard to reach areas

Enabling Bring Your Own Device (BYOD) :



● Variety of devices
▸ Laptops
▸ Mobile Phones
▸ Tablets
● Ease of network establishment
▸ Meeting Rooms
▸ Training Centers
▸ Offices
▸ Canteen

Cost Effectiveness :



● Saving the cost of
▸ Cables
▸ Connecting devices
▸ Outlets
● Saving the labor cost
● Saving building civil work
▸ Walls
▸ Floors
▸ Ceilings
● Enabling BYOD is cost effective

Wired vs Wireless :



● Mixing both technologies
● Wired core and wireless access
● Wired infrastructure must exist
● Wireless offers better
▸ Healthy environment
- Avoids EMI
- Electrical shock
▸ Safe premises
- Falling over cables
- Cables mixing with water

Wireless Networks Types

● Frequency Range (Bandwidth)
● Covered Area (Distance)
▸ Radio and Television
▸ Satellite
▸ GMDSS
▸ Police and Army
▸ Aero planes (Civil/Military)
▸ GSM
▸ Bluetooth
▸ Infrared
▸ WiMax (WAN)
▸ WiFi (LAN)

Frequency Ranges :



● Licensed band
● ISM band
▸ Industrial
▸ Scientific
▸ Medical
● Regulatory Authority
▸ Spectrum Management
▸ Quality Monitoring
▸ Rules and Regulations
▸ R&D

GSM :



● Stand for Global System Mobile

● Image Here

● Generations :
▸ 1G
▸ 2G
▸ 3G
▸ 4G and LTE
▸ 5G

Bluetooth :



● Wireless technology standard for short distances
● Uses short wavelength UHF in ISM band
● Personal area network PAN technology
● Managed by Bluetooth Special Interest Group SIG
● IEEE Standard 802.15
● Susceptible to barriers and walls

Infrared :



● Electromagnetic radiation (EMR)
● Longer wavelengths than visible light
● Short range communication
● Used by Remote Controls
● Susceptible to barriers and walls

WIMAX :



● Worldwide Interoperability for Microwave Access
● WAN technology
● IEEE 802.16
● Last mile wireless broadband
● Competing with LTE
● Managed by WIMAX forum
● Provides triple play communication

Wireless Networks Protocol

WiFI :

● Wireless Fidelity
● LAN Protocol
● IEEE 802.11
● Standards: a,b,g, and n
▸ Frequency
▸ Speed
● Works in ISM band
● Uses 2.4 GHz and 5GHz
● Frequency band divided into channels
● Governed by Wi-Fi Alliance

802.11 Standard :

● WLAN standard
● Uses air as transmission media
● Concerned with the 2 lower layers of the OSI model
● Data Link Layer
▸ Logical Link Control (LLC)
▸ Medium Access Control (MAC)
● Physical Layer
▸ Physical Layer Convergence Procedure (PLCP)
▸ Physical Medium Dependent (PMD)

Infrastructure vs Ad-Hoc Modes :

● Infrastructure
▸ Uses Access Point
▸ Star topology
▸ More commonly used

● Ad-Hoc
▸ Direct communication
▸ Exists for short period
▸ Suitable for meetings and conferences
▸ More flexible in setup
▸ Point-to-point

SSID :

● Service Set Identifier
● Used to identify wireless LAN
● Can be broadcasted or hidden
● Length: 32 alphanumeric characters
● Can be composed of several access points
● Single access point can connect to several SSIDs

CSMA/CA :

● Carrier Sense Multiple Access Collision Avoidance
● Uses Request to Send RTS and Clear to Send CTS to avoid collisions
● Possibility of collisions still exists
● Lead to slower performance
● Recovered by resending

Wireless Networks Devices

Wireless Access Point (WAP) :

● Networking hardware device
● Connects mobile devices to the wired infrastructure
● Has Ethernet interfaces RJ45 and antennae
● Layer 2 device works in physical and data-link layers
● Coverage area depends on the antennae
● Many known vendors manufactures WAP
● May contain a DSL and a router in the same box for wireless home connections
● Supports multiple standards a,b,g, and n
● Divided into several radio channels to avoid interference
● Connects multiple SSIDs broadcasted and hidden
● Speed and coverage depends on brand and model
● Obstructed by walls and long distances
● Configured through firmware directly or web based
● May work with Power over Ethernet PoE

Wireless Access Point (WAP) Security :

● Hidden SSIDs
● Filtering based on :
▸ MAC addresses
▸ IP addresses
▸ Port Numbers (Services)
▸ Domain Names
● Encryption
▸ WEP
▸ WPA
▸ AES

WAP Configuration :

IMAGE

USB Modem :

● Connects PCs/Laptops to the GSM network via mobile operator
● Depends on the network generation 3G/4G
● Needs no wired infrastructure
● Charging fees according to subscription
● Less network speed than Wi-Fi
● Allows more flexibility and mobility

Smart Phones :

● Spreading fast over the world
● Wi-Fi
● GSM
● Bluetooth
● Can act as Hot Spot
● WiFi is less battery consuming than GSM
● Charges for GSM depends on subscription
▸ Monthly subscription
▸ Pay as you go

Wireless Networks Drawbacks

● Limitations in coverage
▸ Walls
▸ Long distances
▸ Weather conditions
● Higher bit error rate than wired
● Less security in general
▸ Open communications media for sniffing
● Costs charging fees like GSM
● Can not fully replace the wired infrastructure

Security Goals and Concepts

Network administrators seek to find a balance between access and security.

Security Goals - CIA :

● Confidentiality
▸ Ensuring that information is not revealed to unauthorized persons
▸ Data transmitted or stored should only be revealed to an intended audience
● Integrity
▸ Ensuring consistency of data
▸ Possible to detect any modification of data
● Availability
▸ Ensuring that legitimate users are not denied access to information and resources

Assets :

● Everything that have value for an organization or impact its business continuity
● This includes people, data, hardware, software, physical devices, and documents
▸ Bank: Clients accounts
▸ Hospital: Medical records
▸ Software: Patents and Source Codes
▸ University: Teaching materials and Grades
● Assets should be identified to create information security system
● An asset is what we are trying to protect
● Security specialist must be fully aware of the assets he/she is protecting

Threat :

● A person, thing, event or idea which poses danger to an asset
● A breach to the following :
▸ Confidentiality
▸ Integrity
▸ Availability
▸ Legitimate use
● A possible means of breaching a security policy
● Exploiting a vulnerability, intentionally or accidentally
● Obtain, damage, or destroy an asset
● A threat is what we are trying to protect against

Vulnerability and Exploit :

● Vulnerability
▸ Weakness or absence of safeguards
▸ Holes or gaps in a security program
▸ Can be exploited by threats to gain unauthorized access to an asset
▸ A vulnerability is a backdoor in our protection efforts
● Exploit
▸ An exploit is a program, script, or code
▸ Aims to perform unauthorized operations
▸ An example is a backdoor Trojan used to grant unauthorized access to a machine
▸ The way or tool by which an attacker uses a vulnerability to damage the target system

Risk :

● A measure of the cost of realized vulnerability
● The potential for loss, damage, or destruction of an asset
● Result of a threat exploiting a vulnerability
● Risk exists when our systems have a vulnerability that a given threat can attack
● Security deals with managing risk to your critical assets
● Security is basically an exercise in loss reduction
● Impossible to eliminate risk totally
● Risk is the probability of a threat crossing or touching a vulnerability

Impact :

● The result of an exploited vulnerability
● Deleted files
● Loss of information
● Loss of company image
● Loss of privacy

Risk Assessment :

● Vulnerability
▸ Password is vulnerable for dictionary or exhaustive key attacks
● Threat
▸ Intruder can exploit the password weakness to break into the system
● Risk
▸ Resources within the system are prone for illegal access/modify/damage by the intruder.

Risk = Threat x Vulnerability x Impact

Securing the Network Design

IMAGE

Goals of the Network Design :

● Publish separate mail, Web, and DNS servers to the Internet
● Provide appropriate access from the internal network to the Internet
● Protect the internal network from external attacks

Network Sections :

● Public
▸ Internet
● Semi-public (DMZ)
▸ Web server
▸ Mail server
▸ DNS server
● Private
▸ Internal Systems

Firewall Placement :

● Between the Internet and the other networks
● Between the semi-public and private network paths
▸ From private systems to the Internet
▸ From private systems to semi-public servers
▸ From semi-public servers to the Internet
▸ From the Internet to semi-public servers

Defense in Depth (DID) :

● Protect the firewall
▸ Border Router
● Limit the visibility of traffic between systems
▸ If one of our systems is compromised, minimize the consequences as much as possible

Virtual LANs VLANs :

● Segment physical switches into two or more virtual switches
● VLANs can span multiple switches
▸ Sometimes vendor-specific
● Need some form of routing to tie VLANs together for connectivity
▸ Router
▸ Layer 3 Switch

VLANS :

IMAGE

TCP/IP Security and Tools

IP Header :

IP Header

IP Protocol Field :

IP Protocol Field

Fields to SUSPECT :

● VER
▸ Why pass if not version 4 or 6?
● Length
▸ Why pass if more than 5, are there options?
● TTL
▸ How long has this packet been alive?
● Protocol
▸ Why other than TCP, UDP, or ICMP?

Think Stateful :

● Fragmentation
▸ ID and Offset
▸ What if the last fragment is never sent?
▸ What if overlapping offset numbers?

Subnetting :

● Consider who are on the same subnet with each other
● NAT and private addressing are sometimes good
▸ NAT is Network Address Translation
▸ One Real IP communicating a group of Private IPs
● One Subnet is a broadcast domain same as VLAN

UDP Header :

UDP Header

● Same port concept as TCP (trusted port and ephemeral ports)
● Some common applications that use UDP
▸ DNS (53)
▸ NTP (123)
▸ Bootp (67 and 68)
● Why UDP if not used in Audio or Video Real-time traffic?

TCP Header :

TCP Header

● Well-known ports less than 1024
▸ FTP: 21
▸ Telnet: 23
▸ SMTP: 25
▸ DNS: 53
▸ HTTP: 80
● Why Destination port greater than 1024 for incoming traffic to DMZ?

TCP Flags :

TCP Flag

● Control data flow and signal information to receiving host.

● Why SYN + FIN?
● Why ACK + FIN?
● Why SYN + ACK without SYN?
● Why ACK without SYN+ACK?
● Why RST with anything?

Port Scanning and Tools

Port Scanning :

● Passive way of attacking
● Introduces to active attacks
● Common backdoor is to open a port
● Scan 1-65,535 twice :
▸ Once for TCP
▸ Once for UDP
● Various tools available :
▸ Nmap
▸ Zenmap

Port Scanning Types :

● Ping Scan
● TCP Full-open Scan (SYN, SYN ACK, ACK)
● TCP Half-open Scan (SYN Scan, ACK Scan, FIN Scan)

Operating System Identification :

● Looks for subtle differences in target responses
● Develops a fingerprint
● Compares the fingerprint against a pre-build database of OS fingerprints

NMap :

● Port Scanning Software
● Used on MS Windows and Linux
● ZENMAP with GUI
● https://nmap.org

Sniffing and Tools

Sniffing :

● Allows to capture data as it is transmitted over a network
● Used by network professionals to diagnose network issues
● Used also by malicious users to capture unencrypted data
● Way of passive attacking
● Breaching confidentiality
● Introduces to active attacks

TCPDUMP :

TCPDUMP

● Free to download from Internet
● Used with the libpcap packet capture library
● TCPdump has also been ported to Windows as Windump
● Simple protocol analyzer
● Tells you whether a DNS packet is :
▸ a query to resolve an A record
▸ or a name server response
● Command Line Interface CLI
● Requests more packet information with the switches :
▸ –v, –vv, or –vvv
● By default only reads the first 68 bytes
● You can specify –s followed by the number of bytes
● It is usually a good idea to use –s 1500 if you want to capture the entire packet

Wireshark :

Wireshark

Firewalls

Firewall

● Firewall is one of the most effective security tools
● Protects internal network users from external threats
● Resides between two or more networks
● Controls the traffic between networks
● Helps prevent unauthorized access

Why Firewalls? :

A firewall is an essential part of your business' security system. Without it, your network is open to threats. A firewall keeps destructive and disruptive forces out, and controls the incoming and outgoing network traffic based on security parameters that you can control and refine.

Firewalls benefits :

● Protect internal/external systems from attack
● Filter communications based on content
● Perform NAT (Network Address Translation)
● Logging to aid in intrusion detection and forensics

Shortcomings of Firewalls :

● Attacks at the application layer may sneak through
● Some connections may bypass firewalls like :
▸ Dial-up
▸ Virtual Private Network (VPN)
▸ Extranet
● Organizations may let down their guard in other security areas such as :
▸ Passwords
▸ Patches
▸ Encryption

Firewall Placement :

Firewall Placement

More Resources :

More Networking Resources will be updated soon

>_ Terminal
Updating....

Want To Ask Anythink ?

© Hacktronian / All Rights Reserved / Policy
Get in Touch
Close