Network Fundamentals (Free CCNA 200-301 Course, Class 1)

Network Fundamentals

What is a Network?

A network consists of two or more computers that are connected in order to share resources (such as printers), exchange files, or allow electronic communications. The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams.


Who's in charge of the Internet or TCP/IP?


You're in charge. Or, you might say that everyone is, and no one is, in charge of the internet and TCP/IP. No one person, organization, corporation, or government owns or controls the internet or TCP/IP. Moreover, no one person, organization, corporation, or government finances the internet or TCP/IP. To say that no one controls TCP/IP and the internet doesn't mean, however, that protocols magically appear with no control or that the internet just does whatever it wants.



This list describes some of the important organizations and committees that steer TCP/IP and Internet policies:


  • Internet Society (ISOC): The Internet Society (www.isoc.org) guides the future of the Internet by overseeing Internet standards, public policy, education, and training. ISOC members include corporations, international and governmental organizations, and individuals. The Internet Activities Board (refer to third bullet), the Internet Engineering Task Force (refer to fourth bullet), and the Internet Research Task Force are all part of the ISOC.

  • Internet Corporation for Assigned Names and Numbers (ICANN): The nonprofit corporation ICANN, at www.icann.org, is in charge of assigning Internet addresses. ICANN, pronounced “eye can,” is run by an international board of directors and funded by the Internet community.

  • Internet Activities Board (IAB): IAB, at www.iab.org, defines the architecture for the Internet. The IAB — just say its letters, “i-a-b” — also oversees the Internet’s protocols (TCP/IP). The IAB contains subcommittees of volunteers who set standards and work on new solutions to Internet growth problems.

  • Internet Engineering Task Force (IETF): IETF, at www.ietf.org, is a community of more than 70 informal committees responsible for keeping the Internet up and running every day. The IAB supervises the IETF, which is pronounced simply “i-e-t-f.” You can join the IETF working groups to help draft and develop standards for TCP/IP protocols.



Network Types

Networks come in different shapes and sizes. The two main types of network, LAN and WAN, are usually based on these factors:

 

  • The distance the network covers
  • Architecture and connection media
  • Speed
  • Purpose

(For example, does the network connect a city, a campus, or just a bunch of storage devices?)


1. LAN (Local area network)

The computers and other devices in a LAN communicate over small geographical areas, such as these:

  •  Your home office
  •  One wing of one floor in a building
  •  Maybe the entire floor, if it's a small building
  •  Several buildings on a small campus

2. WAN (Wide area network)

Imagine a company that has several buildings in different towns and provinces, or even in different countries. Does that mean that all the people who work in the company can't be on the same network because a LAN is limited by distance? Of course not. The internet is world wide and beyond, so you can even bounce data off satellites in outer space, to create a WAN.


source wikipedia



Network Devices

Let's take a moment to talk about network devices:


  • NIC
  • Hub 
  • Switch
  • Router
  • Bridge
  • Modem
  • Repeater
  • Access point
  • Firewall  
  • IPS / IDS


1. NIC (Network Interface Card):

 The most important connection device is the network interface card (or NIC,
also known as a network adapter or a network card). This computer circuit
board (or card, for short) lets your computer be connected to a network by
cables or air. The NIC converts data into electrical signals. Most computers
come with a NIC, either wireless or wired or both, already installed inside
the case. The NIC’s manufacturer hardcodes on every NIC a unique hardware
address known as the Media Access Control (MAC) address. Some protocols access
this address.

 

  

 

What is a MAC address?

  • MAC addresses are primarily assigned by device manufacturers, and are therefore often referred to as the burned-in address, or as an Ethernet hardware address, hardware address, and physical address.
  • Each address can be stored in hardware, such as the card's read-only memory, or by a firmware mechanism. Many network interfaces, however, support changing their MAC address.
  • The address typically includes a manufacturer's organizationally unique identifier (OUI). MAC addresses are formed according to the principles of two numbering spaces based on Extended Unique Identifiers (EUI) managed by the Institute of Electrical and Electronics Engineers (IEEE): EUI-48.
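Because many interfaces let software change the MAC address, the OUI is only a vendor hint when the address is universally administered. The added example below (not from the original post) parses an EUI-48 string, extracts the OUI, and reads the two flag bits in the first octet; the sample addresses and the function names are constructed for illustration.

```python
import re

# Strict EUI-48 text forms: aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff, aabb.ccdd.eeff
_EUI48 = re.compile(
    r"^[0-9a-f]{2}([:-])(?:[0-9a-f]{2}\1){4}[0-9a-f]{2}$"
    r"|^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$"
)

def parse_mac(text):
    """Parse an EUI-48 string; raise ValueError on anything malformed."""
    s = text.strip().lower()
    if not _EUI48.match(s):
        raise ValueError(f"not an EUI-48 address: {text!r}")
    raw = bytes.fromhex(re.sub(r"[:.-]", "", s))
    return {
        "normalized": ":".join(f"{b:02x}" for b in raw),
        "oui": raw[:3].hex(),                          # first three octets
        "group": bool(raw[0] & 0x01),                  # I/G bit: multicast/broadcast
        "locally_administered": bool(raw[0] & 0x02),   # U/L bit: set by software
    }

def classify(text):
    """Label an address the way an asset-inventory check might (hypothetical helper)."""
    mac = parse_mac(text)
    if mac["group"]:
        return "group address (never a valid source)"
    if mac["locally_administered"]:
        return "locally administered (OUI field is not a vendor ID)"
    return f"universally administered, OUI {mac['oui']}"

# Constructed sample addresses, not taken from real devices.
SAMPLES = ["00:1A:2B:3C:4D:5E", "02-00-00-00-00-01", "0100.5e00.00fb"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_mac(sample)["normalized"], "->", classify(sample))
```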



2. Hub:

Hubs are Layer-1 devices that physically connect network devices together for communication. Hubs can also be referred to as repeaters.


Hubs provide no intelligent forwarding whatsoever. Hubs are incapable of processing either Layer-2 or Layer-3 information, and thus can't make decisions based on hardware or logical addressing.


Hubs will always forward every frame out every port, excluding the port originating the frame. Hubs do not differentiate between frame types,
and thus will always forward unicasts, multicasts, and broadcasts out every
port but the originating port.


Ethernet hubs operate at half-duplex, which allows a host to either transmit or receive data, but not simultaneously. Half-duplex Ethernet utilizes
Carrier Sense Multiple Access with Collision Detect (CSMA/CD) to
control media access. Carrier sense specifies that a host will monitor the
physical link, to determine whether a carrier (or signal) is currently being
transmitted. The host will only transmit a frame if the link is idle.


If two hosts transmit a frame simultaneously, a collision will occur. This
renders the collided frames unreadable. Once a collision is detected, both
hosts will send a 32-bit jam sequence to ensure all transmitting hosts are
aware of the collision. The collided frames are also discarded. Both devices
will then wait a random amount of time before resending their respective
frames, to reduce the likelihood of another collision.


Remember, if any two devices connected to a hub send a frame
simultaneously, a collision will occur. Thus, all ports on a hub belong to the
same collision domain. A collision domain is simply defined as any
physical segment where a collision can occur.


Multiple hubs that are uplinked together still all belong to one collision
domain. Increasing the number of host devices in a single collision domain
will increase the number of collisions, which will degrade performance.


Hubs also belong to only one broadcast domain – a hub will forward both
broadcasts and multicasts out every port but the originating port. A broadcast
domain is a logical segmentation of a network, dictating how far a broadcast
(or multicast) frame can propagate.



 

3. Switch:

Layer-2 devices build hardware address tables, which at a minimum contain the following:

    • Hardware addresses for hosts
    • The port each hardware address is associated with           

Using this information, Layer-2 devices will make intelligent forwarding decisions based on the frame (or data-link) headers. A frame can then be forwarded out only the appropriate destination port, instead of all ports.


Layer-2 forwarding was originally referred to as bridging. Bridging is a largely deprecated term, and Layer-2 forwarding is now commonly referred to as switching.

 

There are some subtle technological differences between bridging and switching. Switches usually have a higher port-density, and can perform forwarding decisions at wire speed, due to specialized hardware circuits called ASICs (Application-Specific Integrated Circuits). Otherwise, bridges and switches are nearly identical in function.


Ethernet Switches build MAC Address Tables through a dynamic learning process. A switch behaves much like a hub when first powered on. The switch will flood every frame, including unicasts, out every port but the originating port.


The switch will then build the MAC address table by examining the source MAC address of each frame. Consider the following diagram:


NOTE: When PC1 sends a frame to PC2, the switch will add PC1's MAC address to its table, associating it with port fa0/1. However, the switch will not learn PC2's MAC address until PC2 sends a frame to PC1, or to another device connected to the switch. Switches always learn from the source MAC address in a frame.
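The learning process described above can be traced with a small simulation. This is an added example, not code from the original post: the MAC addresses, the third port fa0/3, and the class and function names are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Minimal model of dynamic MAC learning on a Layer-2 switch."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                  # MAC address -> port

    def receive(self, in_port, src, dst):
        """Process one frame; return the ports it is forwarded out of."""
        # Learn (or refresh) from the SOURCE address only.
        self.mac_table[src] = in_port
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Broadcast or unknown unicast: flood every port but the originating one.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []                        # destination sits on the ingress port
        return [out_port]                    # known unicast: one port only

# Constructed addresses for the hosts in the note above.
PC1, PC2 = "02:00:00:00:00:01", "02:00:00:00:00:02"

def run_demo():
    sw = LearningSwitch(["fa0/1", "fa0/2", "fa0/3"])
    steps = [
        sw.receive("fa0/1", PC1, PC2),       # PC2 unknown -> flooded
        sw.receive("fa0/2", PC2, PC1),       # PC1 already learned -> fa0/1 only
        sw.receive("fa0/1", PC1, PC2),       # PC2 now learned -> fa0/2 only
    ]
    return steps, dict(sw.mac_table)

if __name__ == "__main__":
    steps, table = run_demo()
    for i, ports in enumerate(steps, 1):
        print(f"frame {i} forwarded out of {ports}")
    print("MAC table:", table)
```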

 

While hubs were limited to half-duplex communication, switches can operate in full-duplex. Each individual port on a switch belongs to its own collision domain. Thus, switches create more collision domains, which results in fewer collisions.

 

 

4. Router:

Routers are networking devices operating at Layer 3, the network layer of the OSI model. A router routes a packet from one network to another network, based on the address (IP address). Routers use routing tables to make data forwarding decisions. A routing table contains the following:

  • The destination network and subnet mask
  • The next-hop router to get to the destination network
  • Routing metrics and Administrative Distance

Note that Layer-3 forwarding is based on the destination network, and not the destination host. It is possible to have host routes, but this is less common.
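The added example below (not from the original post) shows how those three table fields interact during a lookup. It assumes the standard behaviour that the lowest Administrative Distance, then the lowest metric, decides which route to a given prefix is installed, and that the longest matching prefix wins at forwarding time, which is why a /32 host route overrides the network routes. All prefixes and next hops are constructed.

```python
import ipaddress

# Constructed candidate routes: (destination/mask, next hop, admin distance, metric)
CANDIDATES = [
    ("0.0.0.0/0",   "203.0.113.1", 1,   0),    # default route
    ("10.0.0.0/8",  "192.0.2.1",   110, 20),
    ("10.1.0.0/16", "192.0.2.2",   110, 30),
    ("10.1.0.0/16", "192.0.2.3",   120, 2),    # same prefix, less trusted source
    ("10.1.2.3/32", "192.0.2.4",   1,   0),    # host route
]

def build_table(candidates):
    """Keep one route per prefix: lowest AD first, then lowest metric."""
    best = {}
    for prefix, next_hop, ad, metric in candidates:
        net = ipaddress.ip_network(prefix)
        current = best.get(net)
        if current is None or (ad, metric) < (current[1], current[2]):
            best[net] = (next_hop, ad, metric)
    return best

def lookup(table, destination):
    """Return (matched prefix, next hop) using longest-prefix match, or None."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in table if addr in net]
    if not matches:
        return None                           # no route: the packet is dropped
    net = max(matches, key=lambda n: n.prefixlen)
    return str(net), table[net][0]

if __name__ == "__main__":
    table = build_table(CANDIDATES)
    for dst in ("10.1.2.3", "10.1.2.4", "10.9.9.9", "198.51.100.7"):
        print(dst, "->", lookup(table, dst))
```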



 



5. Firewall

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

6. IPS/IDS

* Source: VARONIS.com

IDS:

  • An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations.
  • Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system.

 

IPS:

  • Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network or system activities for malicious activity.
  • The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, report it and attempt to block or stop it.
