CHPT 3-NetworkFundamentals
CHPT 3-NetworkFundamentals
2. IP Addresses
3. MAC Addresses
7. Subnetting
Types of IP Addresses:
IPv4 IPv6
2. IP Addresses
Classes of IP Addresses : IP addresses are generally put into three classes, and the ranges are:
•Class A: 0.0.0.0 - 127.255.255.255
•Class B: 128.0.0.0 - 191.255.255.255
•Class C: 192.0.0.0 - 223.255.255.255
Public vs. Private IP Addresses
It's important to note that our IP address system has its limitations. The biggest limitation is that there are not enough IP addresses to cover all of the devices
that need to connect to the internet.
The IPv4 system that we are working with now has only 4.3 billion IP addresses.
s a result, a system was developed to reuse a group of IP addresses to be used within a LAN—and are not usable over the internet.
A
These addresses can be used over and over again within each local area network, but not over the internet, thereby conserving the number of IP addresses
necessary to keep the world going 'round.
These private addresses include:
•192.168.0.0 - 192.168.255.255
•10.0.0.0 - 10.255.255.255
•172.16.0.0 - 172.16.255.255
3. MAC Addresses
Each time you connect to the LAN, you are likely to receive a different
(dynamic) IP address, but usually in the same range. For instance,
192.168.0.0 - 192.168.255.255.
4. NAT
Network Address Translation (NAT) is protocol whereby internal private IP addresses
are "translated" to an external public IP address that can be routed through the internet
to its destination.
Remember, private IP addresses of the systems inside the LAN cannot use their IP
addresses on the internet because they are not unique (every LAN uses basically the
same IP addresses inside their network).
The NAT device accepts requests to traverse the internet from an internal machine. It
then records that machine's IP address in a table and converts the IP address to the
external IP address of the router.
When the packet returns from its destination, the NAT device looks into its saved table
of the original request and forwards on the packet to the internal IP address of the
system that made the original request within the LAN. When working properly, the
individual systems and users don't even realize this translation is taking place.
4. The Three-Way Handshake
TCP (Transmission Control Protocol) lies between the Application and Network Layers which are used in providing reliable delivery
services. It is a connection-oriented protocol for communications that helps in the exchange of messages between different devices
over a network. The Internet Protocol (IP), which establishes the technique for sending data packets between computers, works with
TCP.
Features of TCP
•TCP keeps track of the segments being transmitted or received by
assigning numbers to every single one of them.
•Flow control limits the rate at which a sender transfers data. This
is done to ensure reliable delivery.
•TCP implements an error control mechanism for reliable data
transfer.
•TCP takes into account the level of congestion in the network.
4. TCP, UDP
User Datagram Protocol (UDP) is a Transport Layer protocol. UDP is a part of the Internet Protocol suite, referred to as the UDP/IP suite. Unlike TCP,
it is an unreliable and connectionless protocol. So, there is no need to establish a connection before data transfer. The UDP helps to establish low-
latency and loss-tolerating connections establish over the network. The UDP enables process-to-process communication.
Features of UDP
• Used for simple request-response communication when the size of data is less and hence there is lesser concern about flow and error control.
• It is a suitable protocol for multicasting as UDP supports packet switching.
• Normally used for real-time applications which can not tolerate uneven delays between sections of a received message.
5. Common Ports and Protocols
A port is a logical form to identify system activities or various network services used to create local or network-based communications.
Port number is a 16-bit numerical value that ranges from 0 to 65535. Well-known port (0-1023), registered port (1024-49151), and
dynamic port is three types of port number space. (49152-65535).
These ports can be opened and used by software applications and operating system services to send and receive data over networks (LAN
or WAN) that employ certain protocols (eg TCP, UDP).
For example, we use 80 for HTTP-web-based plain-text surfing and 443 for HTTPS-web-based encrypted websites in our daily work.
•OSI stands for Open System Interconnection is a reference model that describes
how information from a software application in one computer moves through a
physical medium to the software application in another computer.
•OSI consists of seven layers, and each layer performs a particular network
function.
•OSI model divides the whole task into seven smaller and manageable tasks. Each
layer is assigned a particular task.
6. The OSI Model
7. Application Layer
The application layer is used by end-user software such as web browsers and email clients. It provides protocols that
allow software to send and receive information and present meaningful data to users.
Application layer protocols are the Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Post Office
Protocol (POP), Simple Mail Transfer Protocol (SMTP),Domain Name System (DNS).
6. Presentation Layer
The presentation layer prepares data for the application layer.
It defines how two devices should encode, encrypt, and compress data so it is received correctly on the other end. The
presentation layer takes any data transmitted by the application layer and prepares it for transmission over the session
layer.
5. Session Layer
The session layer creates communication channels, called sessions, between devices.
It is responsible for opening sessions, ensuring they remain open and functional while data is being transferred, and
closing them when communication ends. The session layer can also set checkpoints during a data transfer—if the
session is interrupted, devices can resume data transfer from the last checkpoint.
4. Transport Layer
The transport layer takes data transferred in the session layer and breaks it into “segments” on the transmitting end. It is
responsible for reassembling the segments on the receiving end, turning it back into data that can be used by the session
layer.
The transport layer carries out flow control, sending data at a rate that matches the connection speed of the receiving
device, and error control, checking if data was received incorrectly and if not, requesting it again.
6. The OSI Model
3. Network Layer
The network layer has two main functions. One is breaking up segments into network packets, and
reassembling the packets on the receiving end. The other is routing packets by discovering the best path
across a physical network.
The network layer uses network addresses (Internet Protocol addresses) to route packets to a destination
node.
1. Physical Layer
The physical layer is responsible for the physical cable or wireless connection between network nodes. It
defines the connector, the electrical cable or wireless technology connecting the devices, and is
responsible for transmission of the raw data, which is simply a series of 0s and 1s, while taking care of bit
rate control.
Subnet:
•In a large network, like a company's or an internet service provider's, there are
many devices (computers, printers, etc.).
• Subnetting is like dividing this vast network into smaller, more manageable
chunks. Each chunk, or subnet, can be treated as a mini-network on its own.
Execute Command :
netsh interface ipv4 show config
8. SNMP (Simple Network Management Protocol)
SNMP is a protocol used for managing and monitoring devices on a
computer network. It's like a language that network devices (routers,
switches, servers, etc.) use to communicate their status and performance
metrics.
Components of SNMP:
•SNMP Manager:
• This is the "manager" or the system that collects and analyzes
information from network devices. It could be a software
application or a dedicated device.
•SNMP Agents:
• These are programs or components embedded in network
devices that collect and store information about the device.
Agents respond to requests from the SNMP manager and send
alerts when predefined thresholds are crossed.
8. SNMP (Simple Network Management Protocol)
How SNMP Works:
•GET Requests:
• The SNMP manager sends a GET request to an SNMP agent,
asking for specific information about a device. For example, it
might request the current CPU usage of a server.
•SET Requests:
• The manager can also send SET requests to agents, instructing
them to change certain settings on a device. For instance,
adjusting the temperature threshold on a network switch.
•TRAPs (Alerts):
• SNMP agents can independently send TRAPs to the SNMP
manager. These are alerts triggered by predefined events like a
sudden increase in network traffic or a device reaching its
storage capacity.
9. SMB (Server Message Block) and Samba
SMB is a network protocol that enables shared access to files, printers,
and other resources between computers on a network. It's a common
protocol used in Windows environments.
Key Features:
•Authentication:
• SMB provides a mechanism for user authentication, ensuring
that only authorized users can access shared resources. This
helps in maintaining the security and privacy of files and data.
9.1 SMB (Server Message Block)
Use Cases:
•File Sharing:
• In an office network, employees can use SMB to share
documents and collaborate on projects. It simplifies the process
of accessing shared files on a centralized server.
•Printer Sharing:
• SMB allows multiple users to print documents on a shared
printer. This is common in office environments where several
users need access to a single printer.
•Access to Network Resources:
• SMB enables users to access not only files and printers but also
other network resources, fostering efficient communication and
collaboration.
9.2 SAMBA
Samba is an open-source implementation of the SMB protocol. It allows
non-Windows operating systems, like Linux and Unix, to communicate
seamlessly with Windows-based systems using SMB.
Key Features:
•Cross-Platform Compatibility:
• Samba enables interoperability between different operating
systems, making it possible for non-Windows systems to share
files and resources with Windows systems.
•Authentication:
• Samba includes its own authentication system, allowing non-
Windows systems to participate in a network where user
authentication is required.
9.4 SAMBA
•Cross-Platform Integration:
• Samba bridges the gap between Windows and non-Windows systems. It is crucial for organizations or
networks where both Windows and non-Windows systems coexist, providing seamless communication.
•Cost-Efficiency:
• As an open-source solution, Samba is cost-effective and provides a way for organizations to integrate
different systems without the need for expensive proprietary solutions.
•Flexible Deployment:
• Samba allows for the deployment of file and print services on a variety of platforms, offering flexibility in
choosing the underlying operating system for servers.
10. Tracerouting
A traceroute provides a map of how data on the internet travels from its source to its
destination. When you connect with a website, the data you get must travel across multiple
devices and networks along the way, particularly routers.
•Packet Hopping:
• Traceroute works by sending a series of packets toward the target destination with each packet carrying a Time-to-
Live (TTL) value. The TTL value is decremented at each hop, and when it reaches zero, the packet is discarded.
C:\Users\adity>tracert google.com
10. Tracerouting
Why Tracerouting is Needed:
•Network Troubleshooting:
• Traceroute is an essential tool for troubleshooting network issues. By showing the path a packet takes, network administrators
can identify where problems, such as delays or outages, might be occurring.
•Performance Analysis:
• It helps in analyzing the performance of a network by providing information on the time it takes for data to travel between
different points. This is crucial for optimizing network efficiency.
•Path Verification:
• Traceroute verifies the actual route that data takes, which may not always be the most direct path. This information is valuable
for understanding the topology of a network and ensuring that data is flowing as intended.
•Security Analysis:
• Tracerouting can be used to analyze the security of a network. It helps identify potential points of vulnerability or unauthorized
diversions in the data path.
Use case :
•Imagine you're sending an email from your computer to a server across the globe. Traceroute would show you each intermediate step
(or hop) the email takes, including routers, switches, and servers. If there's a delay or if the email isn't reaching its destination, traceroute
would highlight where the issue might be occurring.
11. Analyzing Network Traffic – Wireshark, Tcpdump
Filtering :
sudo tcpdump -i any -c5 icmp #get only ICMP
packets
sudo tcpdump -i any -c5 -nn port 80 #get port 80
packets
sudo tcpdump -i any -c5 -nn src 192.168.122.98 #get packets with source ip = 192.168.122.98
A forward proxy will first check if the user's requested information is cached
before retrieving it from the server. The proxy stores cached information itself,
eliminating the need to request it from the server. If the requested information is
cached, the proxy will send it directly to the user.
If the proxy denies the user's request, it sends the user an error or redirect
message.
12. Proxy & Proxy Servers
2. Reverse Proxy Server
A reverse proxy is a type of proxy server that typically passes requests
from the Internet through to users in an internal network via a
firewall; essentially, a forward proxy in ‘reverse'.
If the proxy allows the user's request, it retrieves this information from
the web server and responds to the user.
If the proxy denies the user's request, it sends the user an error or
redirect message.
12. Proxy & Proxy Servers
To check if you're using a forward proxy:
If you see output like http_proxy=http://proxy.example.com:port, it means you're configured to use a forward proxy.
If you see a proxy server listed, it indicates that you're using a forward proxy.
Use curl or wget to make an HTTP request to a website and examine the response headers.
curl -I https://example.com
curl –I https://nasa.gov
https://example.onion
13.1 TOR : What is the Tor browser?
3.Accessing the Dark Web: The TOR network also hosts websites and
services that are not indexed by traditional search engines and are only
accessible through TOR. This part of the internet is known as the Dark
Web.
14 Introduction to VPN
VPN (Virtual Private Network): A Virtual Private Network, or VPN, is a
service that encrypts your internet connection and routes it through a
server operated by the VPN provider. This server can be located in a
different country or region from where you are, effectively masking your
IP address and making it appear as if you're accessing the internet from
the location of the VPN server.
Here's a brief overview of VPN and its functionality:
2. Due to its lack of security, Telnet is rarely used for remote access over the
internet today. However, it may still be used in some local network environments
where security concerns are minimal.
2.SSH (Secure Shell):
1. SSH is a secure remote login protocol designed to address the security
vulnerabilities of Telnet. It provides a secure encrypted connection between the
client and the server, protecting the confidentiality and integrity of the data
transmitted.
2. SSH encrypts all data, including login credentials, commands, and data
exchanged between the client and server. This encryption ensures that even if the
data is intercepted, it cannot be read by unauthorized parties.
3. SSH is widely used for remote administration, file transfer, and tunneling over
untrusted networks such as the internet. It has become the standard for secure
remote access to servers and network devices.
16. HTTP and Web Technologies
•It is a protocol used to access the data on the World Wide Web (www).
•The HTTP protocol can be used to transfer the data in the form of plain text,
hypertext, audio, video, and so on.
•The URL defines four parts: method, host computer, port, and
path. Port part is optional
The back end portion is built by using some languages which are discussed below:
• PHP
• Python
• Java
• JavaScript
• Node.js
• C#
• DBMS : The software which is used to manage database is called
Database Management System (DBMS). Eg : SQL , NOSQL ,
Postgresql .
16. Web Server Structure
/
Root Folder
Functionality 1 Functionality 1
(HTML Files) (HTML Files)
Private Data
Page1.html Page1.html
Page2.html Page2.html
Page3.html