Cybersecurity Basics

What is Networking?

According to Wikipedia, a computer network is a group of computers that use a set of common communication protocols over digital interconnections for the purpose of sharing resources located on or provided by the network nodes. The interconnections between nodes are formed from a broad spectrum of telecommunication network technologies, based on physically wired, optical, and wireless radio-frequency methods that may be arranged in a variety of network topologies.

What is the Internet?

The Internet is one giant network that consists of many, many small networks within itself. 

How to Identify devices on a Network?

In order to communicate and maintain operation, devices must be both identifying and identifiable on a network.

So we use these in order to maintain communication between devices:

  • An IP Address
  • A Media Access Control (MAC) Address — think of this as being similar to a serial number.

IP Address:

  • Two Versions of Addressing Scheme
    • IP version 4 – 32-bit addressing
    • IP version 6 – 128-bit addressing

IP address Classes

  • CLASS A Range
    • 0.0.0.0 – 127.255.255.255
  • CLASS B Range
    • 128.0.0.0 – 191.255.255.255
  • CLASS C Range
    • 192.0.0.0 – 223.255.255.255
  • CLASS D Range
    • 224.0.0.0 – 239.255.255.255
  • CLASS E Range
    • 240.0.0.0 – 255.255.255.255
  • Private IP Address
    • CLASS A 10.0.0.0 – 10.255.255.255
    • CLASS B 172.16.0.0 – 172.31.255.255
    • CLASS C 192.168.0.0 – 192.168.255.255
  • Public IP Address
    • Apart from the IP addresses specified above, all other IP addresses are public IPs

Example: assigning an IP address via Command Prompt

        netsh interface ipv4 set address name="Ethernet" source=static addr=10.0.0.1 mask=255.0.0.0
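
The class and private ranges listed above can be checked in code. This Python sketch is an added example, not part of the original page; the function name is hypothetical, and the default mask per class is a standard value the page does not list (the netsh command above uses the Class A one).

```python
import ipaddress

# Class ranges as listed on the page, keyed by the highest first octet of each class.
CLASS_TOP_OCTET = [(127, "A"), (191, "B"), (223, "C"), (239, "D"), (255, "E")]
# Default classful masks (standard values, not listed on the page); D and E have none.
DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}
# The page's three private ranges written as CIDR blocks.
PRIVATE_BLOCKS = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify(addr):
    """Classify a dotted-quad IPv4 address using the ranges given on the page."""
    ip = ipaddress.IPv4Address(addr)      # raises ValueError on malformed input
    first_octet = ip.packed[0]
    cls = next(name for top, name in CLASS_TOP_OCTET if first_octet <= top)
    private = any(ip in block for block in PRIVATE_BLOCKS)
    return {
        "address": str(ip),
        "class": cls,
        "default_mask": DEFAULT_MASK.get(cls),
        # Page's rule: anything outside the three private ranges counts as public.
        "scope": "private" if private else "public",
        # Standard-library view, which also excludes loopback, link-local and
        # other reserved blocks that the simple rule above would call public.
        "is_global": ip.is_global,
    }


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("10.0.0.1", "172.31.255.255", "172.32.0.1", "192.168.1.10",
                   "8.8.8.8", "127.0.0.1"):
        print(classify(sample))
```

When triaging log entries, the `scope` and `is_global` fields disagree for addresses such as 127.0.0.1, which is the case worth checking before treating a source as external.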

MAC Addresses

Devices on a network will all have a physical network interface, which is a microchip board found on the device’s motherboard.

This network interface is assigned a unique address at the factory where it was built, called a MAC (Media Access Control) address.

The MAC address is a sixteen-character hexadecimal number (a base sixteen numbering system used in computing to represent numbers) split into twos and separated by colons, for example, a4:c3:f0:85:ac:2d.

The first six characters represent the company that made the network interface, and the last six are a unique number.

However, MAC addresses can be faked, or “spoofed”, in a process known as spoofing.

This spoofing occurs when a networked device pretends to identify as another using its MAC address. When this occurs, it can often break poorly implemented security designs that assume that devices talking on a network are trustworthy.

Take the following scenario: A firewall is configured to allow any communication going to and from the MAC address of the administrator. If a device were to pretend or “spoof” this MAC address, the firewall would now think that it is receiving communication from the administrator when it isn’t.
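
A defender's view of the scenario above, as an added Python example that is not part of the original page: it splits an address into the manufacturer and device halves described earlier, then scans switch log lines for a MAC that appears on more than one port or that has the locally administered bit set (a standard flag meaning the address was set in software rather than at the factory). The log format, port names and function names are assumptions made for this example.

```python
import re
from collections import defaultdict

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")

def parse_mac(text):
    """Normalise a MAC address and split it into its two halves."""
    mac = text.strip().lower().replace("-", ":")
    if not MAC_RE.match(mac):
        raise ValueError(f"not a MAC address: {text!r}")
    octets = mac.split(":")
    return {
        "mac": mac,
        "vendor_part": ":".join(octets[:3]),   # identifies the manufacturer
        "device_part": ":".join(octets[3:]),   # unique number from the vendor
        # Bit 0x02 of the first octet marks a locally administered address,
        # i.e. one set in software rather than assigned at the factory.
        "locally_administered": bool(int(octets[0], 16) & 0x02),
    }

# Constructed sample in a hypothetical "time port=<switch port> mac=<address>" format.
SAMPLE_LOG = """\
10:00:01 port=Gi0/1 mac=a4:c3:f0:85:ac:2d
10:00:07 port=Gi0/2 mac=3c:52:82:11:22:33
10:03:40 port=Gi0/7 mac=A4-C3-F0-85-AC-2D
10:04:12 port=Gi0/9 mac=02:00:5e:10:00:01
10:04:30 port=Gi0/9 mac=not-a-mac
"""

def find_suspect_macs(log_text):
    """Return {mac: [reasons]} for addresses that deserve a closer look."""
    ports_by_mac = defaultdict(set)
    reasons = defaultdict(list)
    for line in log_text.splitlines():
        fields = dict(f.split("=", 1) for f in line.split() if "=" in f)
        try:
            info = parse_mac(fields["mac"])
        except (KeyError, ValueError):
            continue                      # skip lines without a valid MAC
        ports_by_mac[info["mac"]].add(fields.get("port", "?"))
        if info["locally_administered"] and not reasons[info["mac"]]:
            reasons[info["mac"]].append("locally administered address")
    for mac, ports in ports_by_mac.items():
        if len(ports) > 1:
            reasons[mac].append("seen on ports " + ", ".join(sorted(ports)))
    return {mac: why for mac, why in reasons.items() if why}

if __name__ == "__main__":
    print(find_suspect_macs(SAMPLE_LOG))
```

A MAC seen on two ports can also be a device that was legitimately moved, so a finding is a prompt to check, not proof of spoofing.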

PING (ICMP)

Ping is one of the most fundamental network tools available to us.

Ping uses ICMP (Internet Control Message Protocol) packets to determine the performance of a connection between devices, for example, if the connection exists or is reliable.

The syntax for a simple ping is: ping <IP address or website URL>

Extending Your Network

 Introduction to Port Forwarding

Port forwarding is an essential component in connecting applications and services to the Internet. Without port forwarding, applications and services such as web servers are only available to devices within the same direct network.

In comparison, firewalls determine if traffic can travel across these ports (even if these ports are open by port forwarding).

While the standard rule for web data is port 80, a few other protocols have been allocated a standard rule. Any port that is within and 1024 (1,024) is known as a common port. Let’s explore some of these other protocols below:

| Protocol | Port Number | Description |
| --- | --- | --- |
| File Transfer Protocol (FTP) | 21 | This protocol is used by a file-sharing application built on a client-server model, meaning you can download files from a central location. |
| Secure Shell (SSH) | 22 | This protocol is used to securely login to systems via a text-based interface for management. |
| HyperText Transfer Protocol (HTTP) | 80 | This protocol powers the World Wide Web (WWW)! Your browser uses this to download text, images and videos of web pages. |
| HyperText Transfer Protocol Secure (HTTPS) | 443 | This protocol does the exact same as above; however, securely using encryption. |
| Server Message Block (SMB) | 445 | This protocol is similar to the File Transfer Protocol (FTP); however, as well as files, SMB allows you to share devices like printers. |
| Remote Desktop Protocol (RDP) | 3389 | This protocol is a secure means of logging in to a system using a visual desktop interface (as opposed to the text-based limitations of the SSH protocol). |

 Firewalls

A firewall is a device within a network responsible for determining what traffic is allowed to enter and exit. 

| Firewall Category | Description |
| --- | --- |
| Stateful | This type of firewall uses the entire information from a connection; rather than inspecting an individual packet, this firewall determines the behaviour of a device based upon the entire connection. |
| Stateless | This firewall type uses a static set of rules to determine whether or not individual packets are acceptable. For example, a device sending a bad packet will not necessarily mean that the entire device is then blocked. Whilst these firewalls use much fewer resources than alternatives, they are much dumber. |

Firewalls operate at Layer 3 and Layer 5 of the OSI model.
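
The difference between the two firewall categories above, as an added Python example that is not part of the original page: a stateless filter judges each packet against fixed rules, while a stateful one also checks that the packet belongs to a connection it has already seen. The rule set, class and function names, and the traffic are constructed for this illustration.

```python
from typing import NamedTuple

class Packet(NamedTuple):
    direction: str   # "out" = leaving the protected network, "in" = entering it
    src: str
    sport: int
    dst: str
    dport: int

WEB_PORTS = (80, 443)

def stateless_allow(pkt):
    """Static rules applied to each packet on its own, with no memory."""
    if pkt.direction == "out":
        return pkt.dport in WEB_PORTS      # let clients reach web servers
    return pkt.sport in WEB_PORTS          # assume anything from a web port is a reply

class StatefulFirewall:
    """Remembers outbound connections and only admits traffic that belongs to one."""

    def __init__(self):
        self.connections = set()

    def allow(self, pkt):
        if pkt.direction == "out":
            if pkt.dport not in WEB_PORTS:
                return False
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: must be the mirror image of a connection opened from inside.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections

# Constructed traffic (documentation-range addresses).
TRAFFIC = [
    Packet("out", "10.0.0.5", 50000, "203.0.113.10", 443),  # client opens HTTPS
    Packet("in", "203.0.113.10", 443, "10.0.0.5", 50000),   # reply on that connection
    Packet("in", "198.51.100.7", 443, "10.0.0.5", 50001),   # belongs to no connection
]

def compare(traffic):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    stateful = StatefulFirewall()
    return [(stateless_allow(p), stateful.allow(p)) for p in traffic]

if __name__ == "__main__":
    for pkt, verdicts in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, verdicts)
```

The third packet is where the verdicts differ: the static rule accepts it, and the connection table rejects it because no host inside opened that conversation.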

VPN

Virtual Private Network (or VPN for short) is a technology that allows devices on separate networks to communicate securely by creating a dedicated path between each other over the Internet (known as a tunnel). Devices connected within this tunnel form their own private network.

VPN technology has improved over the years. Let’s explore some existing VPN technologies below:

| VPN Technology | Description |
| --- | --- |
| PPP | This technology is used by PPTP (explained below) to allow for authentication and provide encryption of data. VPNs work by using a private key and public certificate (similar to SSH). A private key & certificate must match for you to connect. This technology is not capable of leaving a network by itself (non-routable). |
| PPTP | The Point-to-Point Tunneling Protocol (PPTP) is the technology that allows the data from PPP to travel and leave a network. PPTP is very easy to set up and is supported by most devices. It is, however, weakly encrypted in comparison to alternatives. |
| IPSec | Internet Protocol Security (IPsec) encrypts data using the existing Internet Protocol (IP) framework. IPSec is difficult to set up in comparison to alternatives; however, if successful, it boasts strong encryption and is also supported on many devices. |
