2.0 Networking Flashcards

1
Q

A series of moving vans (IP)
* Efficiently move large amounts of data
– Think of this as like a ___:

  • The network topology is the road
    – _____ system
  • The truck is the Internet Protocol (IP)
    – Hint: roads
  • The boxes hold your data
    – Boxes of ____and ___
  • Inside the boxes are more things
    – ___ information
A

-a shipping truck
*
-Ethernet, DSL, cable system
*
-We’ve designed the roads for this truck
*
-TCP, UDP
*
-Application information

2
Q

TCP and UDP
* Transported inside of IP
– Encapsulated by the ____
* Two ways to move data from place to place
– Different _____ for different ____
* OSI Layer 4
– The ____ layer
* Multiplexing
– Use many different _____ at the same time
– __P and __P

A

-IP protocol
*
-features, applications
*
-transport
*
-applications
-TCP, UDP

3
Q

TCP – Transmission Control Protocol
* Connection-oriented
– A formal connection ___and ___
* “Reliable” delivery
– Recovery from ____
– Can manage out-of-order ____ or ____
* Flow control
– The receiver can manage how much ____ is sent

A
  • A formal connection setup and close
    *
    -Recovery from errors
    -Can manage out-of-order messages or retransmissions
    *
    -The receiver can manage how much data is sent
4
Q

UDP – User Datagram Protocol
* Connectionless - No formal open/close to the connection
* “Unreliable” delivery
– No ___ recovery
– No reordering of ___ or ____
* No flow control
– Sender determines the amount of data ____

A

– No error recovery
– No reordering of data or retransmissions
*
– Sender determines the amount of data transmitted

5
Q

Why would you ever use UDP?
* Real-time communication
– There’s no way to ___ and ___ the data
– Time doesn’t stop for your ___
* Connectionless protocols
– DHCP (_____)
– TFTP (____)

A

– There’s no way to stop and resend the data
– Time doesn’t stop for your network
*
– DHCP (Dynamic Host Configuration Protocol)
– TFTP (Trivial File Transfer Protocol)

6
Q

Communication using TCP
* Connection-oriented protocols prefer a “return receipt”
– HTTPS (Hypertext Transfer Protocol Secure)
– SSH (Secure Shell)
* The application doesn’t worry about out-of-order
segments or missing data
– TCP handles all of the ________ overhead
– The application has ____ job

A

-Hypertext Transfer Protocol Secure
-Secure Shell
*
-communication
-one

7
Q

Speedy delivery
* The IP delivery truck delivers from one _____ address to
another (IP) address
– Every house has an address, every computer
has an IP address
* Boxes arrive at the house / IP address
– Each box has a ___ name
* Port is written on the outside of the box
– Drop the box into the right ____

A

-Every house has an address, every computer
has an IP address

*

-Each box has a room name
*
-Drop the box into the right room

8
Q

Lots of ports
* IPv4 sockets
– Server IP address, _____, server application ___ number
– Client IP address, protocol, client ____ number
* Non-ephemeral ports – permanent port numbers
– Ports 0 through 1,023
– Usually on a server or service
* Ephemeral ports – temporary port numbers
– Ports ____ through ____
– Determined in _____ by the client

A

– Server IP address, protocol,
server application port number
– Client IP address, protocol, client port number
*
-Ports 0 through 1,023
– Usually on a server or service
*
– Ports 1,024 through 65,535
– Determined in real-time by the client
– (In practice the operating system picks from a narrower range inside this; Linux, for example, defaults to 32,768 through 60,999)
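The TCP and UDP cards above (connection setup versus connectionless delivery, and the client-side ephemeral port) can be watched directly with the Python standard library. This is an added example, not part of the flashcards or Professor Messer's material: it runs entirely on the loopback interface with OS-assigned ports, so it needs neither network access nor privileges.

```python
# Added example (not from the flashcards): TCP's formal connection setup
# versus UDP's fire-and-forget datagrams, plus the ephemeral port the OS
# hands the client. All traffic stays on 127.0.0.1.
import socket
import threading


def tcp_exchange(payload: bytes) -> tuple[bytes, int, int]:
    """TCP: listen/accept on one side, connect on the other (the formal
    connection setup), one echoed message, then a formal close.
    Returns (echoed bytes, server port, client ephemeral port)."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))          # port 0: the OS picks a free port
    server.listen(1)
    server_port = server.getsockname()[1]

    def serve() -> None:
        conn, _ = server.accept()           # returns once the 3-way handshake completes
        with conn:
            conn.sendall(conn.recv(4096))   # echo what the client sent

    worker = threading.Thread(target=serve, daemon=True)
    worker.start()

    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    with client:
        client.connect(("127.0.0.1", server_port))
        client_port = client.getsockname()[1]   # ephemeral port chosen by the OS
        client.sendall(payload)
        echoed = client.recv(4096)
    worker.join(timeout=5)
    server.close()
    return echoed, server_port, client_port


def _unused_port(kind: int) -> int:
    """Bind to port 0 and release it, so nobody is listening on the result."""
    s = socket.socket(socket.AF_INET, kind)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def tcp_connect_to_closed_port() -> bool:
    """TCP notices the missing peer: connect() fails (RST -> ECONNREFUSED)."""
    c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    c.settimeout(2)
    try:
        c.connect(("127.0.0.1", _unused_port(socket.SOCK_STREAM)))
        return False
    except (ConnectionRefusedError, socket.timeout):
        return True
    finally:
        c.close()


def udp_exchange(payload: bytes) -> bytes:
    """UDP: no listen/accept/connect. The datagram goes straight to the bound port."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    with server, client:
        server.bind(("127.0.0.1", 0))
        server.settimeout(2)
        client.sendto(payload, ("127.0.0.1", server.getsockname()[1]))
        data, _ = server.recvfrom(4096)
    return data


def udp_send_to_closed_port(payload: bytes) -> int:
    """UDP does not notice the missing peer: sendto() reports the bytes handed to
    the stack and the datagram is silently dropped. No retransmission, no error."""
    u = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    with u:
        return u.sendto(payload, ("127.0.0.1", _unused_port(socket.SOCK_DGRAM)))


if __name__ == "__main__":
    echoed, sport, cport = tcp_exchange(b"hello over tcp")
    print(f"TCP echoed {echoed!r}; server port {sport}, client ephemeral port {cport}")
    print("TCP connect to closed port refused:", tcp_connect_to_closed_port())
    print("UDP exchange:", udp_exchange(b"hello over udp"))
    print("UDP bytes 'sent' to a closed port:", udp_send_to_closed_port(b"lost"))
```

The contrast is the whole point of cards 3 to 5: the TCP client learns immediately that nobody is listening, while the UDP sender is told the datagram went out and never hears otherwise. Both ports reported by `tcp_exchange` land above 1,023 because the OS chose them from its ephemeral range.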

9
Q

Port numbers
* TCP and UDP ports can be any number between
0 and 65,535
* Most servers (services) use non-ephemeral
(not-temporary) port numbers
– This isn’t ___ the case
– It’s just a ___.
* Port numbers are for communication, not security
* Service port numbers need to be “well known”
* TCP port numbers aren’t the same as UDP port numbers

A

– This isn’t always the case
– It’s just a number.

10
Q

Port numbers
* Well-known port number
– Client and server need to ____

  • Important for firewall rules - Port-based security
  • A bit of rote memorization
    – Becomes second nature after a while
  • Make sure you know port number, protocol,
    and how the protocol is used
A

– Client and server need to match
*
– Becomes second nature after a while

11
Q

FTP - File Transfer Protocol
* tcp/20 (active mode data), tcp/21 (control)
– Transfers files ___ systems
* Authenticates with a username and password
– Some systems use a _______ login
* Full-featured functionality - List, add, delete, etc

A

– Transfers files between systems
*
– Some systems use a generic/anonymous login

12
Q

SSH - Secure Shell
* Encrypted communication link - tcp/__
* Looks and acts the same as Telnet

A

– Encrypted communication link - tcp/22
13
Q

Telnet
* Telnet – Telecommunication Network - tcp/__
* Login to devices remotely
– ____ access
* In-the-clear communication
– Not the best choice for ___ systems

A
  • Telnet – Telecommunication Network - tcp/23
    *
    – Console access
    *
    – Not the best choice for production systems
14
Q

SMTP - Simple Mail Transfer Protocol
* Server to server email transfer - tcp/__
* Also used to send mail from a device to a mail server
– Commonly configured on mobile devices and email clients
* Other protocols are used for clients to receive email
– I___, P___

A

– Server to server email transfer - tcp/25
*
-Commonly configured on mobile devices and email clients
*
-IMAP, POP3

15
Q

DNS - Domain Name System
* Converts names to IP addresses - udp/__
– www.professormesser.com = ___.___.___.___
* These are very critical resources
– Usually multiple ___ servers are in production

A

– udp/53 (also tcp/53, used for zone transfers and for replies too large for one UDP datagram)
– www.professormesser.com = 162.159.246.164
*
– Usually multiple DNS servers are in production
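What actually travels over udp/53 for the lookup on the card is a small binary message. The following is an added example, not from the flashcards: it builds the query a resolver sends and parses a reply in the RFC 1035 wire format, including name compression. The reply is constructed locally rather than fetched, and the address for www.professormesser.com is simply the one printed on the card.

```python
# Added example for the DNS card (not from the flashcards): the udp/53 query a
# resolver sends and a parser for the reply, following the RFC 1035 wire format.
# The reply is constructed in-process; nothing is sent over the network.
import struct

QTYPE_A = 1
QCLASS_IN = 1
FLAG_QR = 0x8000     # 1 = this message is a response
FLAG_TC = 0x0200     # truncated: the resolver retries the same question over tcp/53


def encode_name(name: str) -> bytes:
    """'www.example.com' -> length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("DNS labels are 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, txid: int = 0x1234) -> bytes:
    """12-byte header (RD set, one question) followed by the question section."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def read_name(msg: bytes, off: int) -> tuple[str, int]:
    """Decode a name at `off`, following compression pointers (0xC0xx).
    Returns (name, offset just past the name in its original position)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                     # pointer to an earlier copy of the name
            if end is None:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            hops += 1
            if hops > 16:                             # malformed message: pointer loop
                raise ValueError("compression pointer loop")
            continue
        if length == 0:
            return ".".join(labels), (off + 1 if end is None else end)
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def parse_response(msg: bytes) -> dict:
    """Return id, rcode, truncation flag and the A records from the answer section."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if not flags & FLAG_QR:
        raise ValueError("not a response")
    result = {"id": txid, "rcode": flags & 0x000F,
              "truncated": bool(flags & FLAG_TC), "answers": []}
    off = 12
    for _ in range(qdcount):                          # skip the echoed question(s)
        _, off = read_name(msg, off)
        off += 4                                      # QTYPE + QCLASS
    for _ in range(ancount):
        name, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE_A and rdlen == 4:
            result["answers"].append((name, ".".join(str(b) for b in rdata), ttl))
    return result


def build_a_response(query: bytes, ipv4: str, ttl: int = 300) -> bytes:
    """Constructed reply: same id, question echoed, one A record whose owner name is
    a compression pointer (0xC00C) back to the question name at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, FLAG_QR | 0x0180, 1, 1, 0, 0)  # RD and RA set
    rr = (b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, 4)
          + bytes(int(o) for o in ipv4.split(".")))
    return header + query[12:] + rr


if __name__ == "__main__":
    q = build_query("www.professormesser.com")
    r = build_a_response(q, "162.159.246.164")   # constructed reply, not a live lookup
    print(parse_response(r))
```

The transaction id and the echoed question are the only things tying a reply to a query, which is why the parser exposes `id` and why a resolver must check it. The `truncated` flag is the reason the card's "udp/53" is not the whole story: a reply that does not fit in one datagram is flagged TC and re-requested over tcp/53.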
16
Q

DHCP - Dynamic Host Configuration Protocol
* Automated configuration of IP address, subnet mask and
other options - udp/67, udp/68
– Requires a ___ server
– Server, appliance, integrated into a ___ router, etc.
* Dynamic / pooled
– IP addresses are assigned in ___-____ from a pool
– Each system is given a lease and must renew at __ intervals
* DHCP reservation
– Addresses are assigned by ___ address in the ___ server
– Manage addresses from ___ location

A

– Requires a DHCP server
– Server, appliance, integrated into a SOHO router, etc.
*
– IP addresses are assigned in real-time from a pool
– Each system is given a lease and must renew at set intervals
*
– Addresses are assigned by MAC address in the DHCP server
– Manage addresses from one location

17
Q

HTTP and HTTPS
* Hypertext Transfer Protocol
– Communication in the ___
– And by other ____
* In the clear or encrypted
– Supported by nearly all web __ and ___

A

– Communication in the browser
– And by other applications
*
– Supported by nearly all web servers and clients

18
Q

POP3 / IMAP
* Receive emails from an email server
– Authenticate and transfer
* POP3 - Post office Protocol version 3
– tcp/___
– Basic mail ___ functionality
* IMAP4 - Internet Message Access Protocol v4
– tcp/___
– Includes email ____ management from multiple clients

A

– Authenticate and transfer
*
– tcp/110
– Basic mail transfer functionality
*
– tcp/143
– Includes email inbox management from multiple clients

19
Q

SMB - Server Message Block
* Protocol used by Microsoft Windows
– File ____, printer ___
– Also called CIFS (____)
* Using NetBIOS over TCP/IP
(Network Basic Input/Output System)
– __/137 - NetBIOS name services (nbname)
– __/139 - NetBIOS session service (nbsession)
* Direct over tcp/445 (NetBIOS-less)
– Direct SMB communication over TCP without
the ____ transport

A

– File sharing, printer sharing
– Also called CIFS (Common Internet File System)
*
– udp/137 - NetBIOS name services (nbname)
– tcp/139 - NetBIOS session service (nbsession)
*
– Direct SMB communication over TCP without
the NetBIOS transport

20
Q

SNMP - Simple Network Management Protocol
* Gather statistics from network devices
– Queries: udp/16_
– Traps: udp/16_
* v1 – The original
– _____ tables
– In-the-____
* v2 – A good step ahead
– Data type enhancements
– ___ transfers
– Still in-the-____
* v3 – A secure standard
– Message ___
– _____tion
– ______ption

A

– Queries: udp/161
– Traps: udp/162
*
– Structured tables
– In-the-clear
*
– Data type enhancements
– Bulk transfers
– Still in-the-clear
*
– Message integrity
– Authentication
– Encryption

21
Q

LDAP
* LDAP (Lightweight Directory Access Protocol) - tcp/389
* Store and retrieve information in a network directory
– Commonly used in Microsoft Active ___

A

-Microsoft Active Directory

22
Q

RDP - Remote Desktop Protocol
-Share a desktop from a remote location over tcp/3389
* Remote Desktop Services on many Windows versions
-Can connect to an entire ___ or just an a_____
* Clients for Windows, macOS, Linux, Unix, iPhone,
Android, and others

A

-Share a desktop from a remote location over tcp/3389
*
-Can connect to an entire desktop or just an application

23
Q

Network devices
* Many different devices and components
– All have different ___
* Some of these functions are combined together
– Wireless r____/s___/fi___
* Compare different devices
– Understand when they should be _

A

– All have different roles
*
– Wireless router/switch/firewall
*
– Understand when they should be used

24
Q

Routers
* Routes traffic between IP subnets
– Makes forwarding decisions based on IP address
– Routers inside of switches sometimes called
“layer 3 switches”
* Often connects diverse network types
– L___, W___, co___, f____r

A

– Makes forwarding decisions based on IP address
– Routers inside of switches sometimes called “layer 3 switches”
*
– LAN, WAN, copper, fiber

25
Q

Switches
* Bridging done in hardware
– Application-specific _____ circuit (ASIC)
– Forwards traffic based on ___ link address
* Many ports and features
– The core of an _____ network
– May provide _____ over ______ (PoE)
* Multilayer switch
– Includes ______ functionality

A

– Application-specific integrated circuit (ASIC)
– Forwards traffic based on data link address
*
– The core of an enterprise network
– May provide Power over Ethernet (PoE)
*
– Includes routing functionality
26
Q

Unmanaged switches
* Very few configuration options
– ___ and play
* Fixed configuration
– No ___Ns
* Very little integration with other devices
– No ____ protocols
* Low price point
– Simple is less ____

A

– Plug and play
*
– No VLANs
*
– No management protocols
*
– Simple is less expensive
27
Q

Managed switches
* VLAN support
– Interconnect with other switches via 802._ _
* Traffic prioritization
– Voice traffic gets a _____ priority
* Redundancy support
– S____ Tr___ Protocol (STP)
* Port mirroring
– ______ packets
* External management
– Simple _____ _____ Protocol (SNMP)

A

– Interconnect with other switches via 802.1Q
*
– Voice traffic gets a higher priority
*
– Spanning Tree Protocol (STP)
*
– Capture packets
*
– Simple Network Management Protocol (SNMP)
28
Q

Access point
* Not a wireless router
– A wireless router is a ___r and an a____ point in a single device
* An access point is a bridge
– Extends the ____ network onto the wireless network
– Makes forwarding decisions based on ____ address

A

– A wireless router is a router and an access point in a single device
*
– Extends the wired network onto the wireless network
– Makes forwarding decisions based on MAC address
29
Q

Patch panels
* Combination of punch-down blocks and RJ-45 connectors
* Runs from desks are made once
– Permanently ___ down to ____ panel
* Patch panel to switch can be easily changed
– No ____ tools
– Use ____ cables

A

– Permanently punched down to patch panel
*
– No special tools
– Use existing cables
30
Q

Firewalls
* Filters traffic by port number
– OSI layer 4 (___P/____P)
– Some firewalls can filter based on the ___
* Can encrypt traffic into/out of the network
– Protect your traffic ____ sites
* Can proxy traffic
– A common ____ technique
* Most firewalls can be layer 3 devices (routers)
– Usually sits on the ___ess/__gress of the network

A

– OSI layer 4 (TCP/UDP)
– Some firewalls can filter based on the application
*
– Protect your traffic between sites
*
– A common security technique
*
– Usually sits on the ingress/egress of the network
31
Q

Power over Ethernet (PoE)
* Power provided on an Ethernet cable
– One wire for both _____ and electricity
– Phones, cameras, _____ access points
– Useful in ____-to-power areas
* Power provided at the switch
– Built-in power - ___spans
– In-line power injector - ___spans

A

– One wire for both network and electricity
– Phones, cameras, wireless access points
– Useful in difficult-to-power areas
*
– Built-in power - Endspans
– In-line power injector - Midspans
32
Q

PoE switch
* Power over Ethernet
– Commonly marked on the __ch or i___

A

– Commonly marked on the switch or interfaces
33
Q

PoE, PoE+, PoE++
* PoE: IEEE 802.3af-2003
– The original ___ specification
– Now part of the 802._ standard
– 15._ watts DC power, 3__ mA max current
* PoE+: IEEE 802.3at-2009
– Now also part of the 802._ standard
– 25._ watts DC power, 60_ mA max current
* PoE++: IEEE 802.3bt-2018
– 5_ W (Type 3), 60_ mA max current
– 71._ W (Type 4), 96_ mA max current
– PoE with 10G____-T

A

– The original PoE specification
– Now part of the 802.3 standard
– 15.4 watts DC power, 350 mA max current
*
– Now also part of the 802.3 standard
– 25.5 watts DC power, 600 mA max current
*
– 51 W (Type 3), 600 mA max current
– 71.3 W (Type 4), 960 mA max current
– PoE with 10GBASE-T
34
Q

Hub
* “Multi-port repeater”
– Traffic going in one port is repeated to every other port
– Everything is ___-duplex
* Becomes less efficient as network traffic increases
* 10 megabit / 100 megabit
* Difficult to find today

A

– Traffic going in one port is repeated to every other port
– Everything is half-duplex
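The difference between the switch card (forwards on the data link address) and the hub card (repeats to every other port) is easiest to see as a forwarding table. This is an added example, not from the flashcards: a toy model with made-up port numbers and MAC addresses, where the switch learns source addresses into its MAC address table and floods only what it does not yet know.

```python
# Added example for the switch and hub cards (not from the flashcards): a toy
# forwarding model. Port numbers, MAC addresses and the traffic are constructed.
from typing import Dict, List

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Multi-port repeater: a frame entering one port is repeated to every other
    port, so every station (and any sniffer) sees all traffic."""

    def __init__(self, ports: int) -> None:
        self.ports = ports

    def forward(self, in_port: int, src: str, dst: str) -> List[int]:
        return [p for p in range(self.ports) if p != in_port]


class Switch:
    """Software stand-in for the bridging ASIC: learn the source MAC per port,
    forward known unicast out one port, flood unknown unicast and broadcast."""

    def __init__(self, ports: int, table_size: int = 8) -> None:
        self.ports = ports
        self.table_size = table_size
        self.cam: Dict[str, int] = {}          # MAC address table: mac -> port

    def forward(self, in_port: int, src: str, dst: str) -> List[int]:
        # Learn: remember which port the source MAC was seen on (re-learn on moves).
        # A full table learns nothing new, so traffic to unlearned MACs keeps flooding.
        if src in self.cam or len(self.cam) < self.table_size:
            self.cam[src] = in_port
        # Forward: a known unicast destination goes out exactly one port; broadcast
        # and not-yet-learned destinations are flooded, exactly like a hub.
        if dst != BROADCAST and dst in self.cam:
            out = self.cam[dst]
            return [] if out == in_port else [out]
        return [p for p in range(self.ports) if p != in_port]


def run(device, frames) -> List[List[int]]:
    """Apply (in_port, src, dst) frames in order; return the out-port list per frame."""
    return [device.forward(*frame) for frame in frames]


# Constructed traffic: A on port 0 talks to B on port 1; a sniffer sits on port 2.
FRAMES = [
    (0, "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"),   # A -> B, B unknown: flood
    (1, "bb:bb:bb:bb:bb:02", "aa:aa:aa:aa:aa:01"),   # B -> A, A already learned on port 0
    (0, "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02"),   # A -> B, now unicast to port 1 only
    (0, "aa:aa:aa:aa:aa:01", BROADCAST),             # ARP-style broadcast: flood
]

if __name__ == "__main__":
    print("hub   :", run(Hub(4), FRAMES))
    print("switch:", run(Switch(4), FRAMES))
```

On the hub the station on port 2 receives every frame; on the switch it sees only the first flooded frame and the broadcast. The `table_size` knob shows the failure mode a practitioner cares about: once the table cannot learn any more addresses, unicast to unlearned stations is flooded again and the switch behaves like the hub for that traffic.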
35
Q

Cable modem
* Broadband
– Transmission across multiple ____
– Different ____ types
* Data on the “cable” network
– DOCSIS (_________)
* High-speed networking
– Speeds up to 1 ____/s are available
* Multiple services
– __ta, vo__, v___o

A

– Transmission across multiple frequencies
– Different traffic types
*
– DOCSIS (Data Over Cable Service Interface Specification)
*
– Speeds up to 1 Gigabit/s are available
*
– Data, voice, video
36
Q

DSL modem
* ADSL (Asymmetric Digital Subscriber Line)
– Uses ___ lines
* Download speed is faster than the upload speed (asymmetric)
– ~1_,___ foot limitation from the central office (CO)
– 5_ Mbit/s downstream / 1_ Mbit/s upstream are common
– Faster speeds may be possible if closer to the ___

A

– Uses telephone lines
*
– ~10,000 foot limitation from the central office (CO)
– 52 Mbit/s downstream / 16 Mbit/s upstream are common
– Faster speeds may be possible if closer to the CO
37
Q

ONT
* Optical network terminal
– Fiber to the ____
* Connect the ISP fiber network to the copper network
– ______ point (demarc) in the data center
– _____ box on the side of the building
* Line of responsibility
– One side of the box is the ___
– Other side of the box is your ___

A

– Fiber to the premises
*
– Demarcation point (demarc) in the data center
– Terminal box on the side of the building
*
– One side of the box is the ISP
– Other side of the box is your network
38
Q

Network Interface Card (NIC)
* The fundamental network device
– Every device on the network has a ___
– Computers, servers, printers, routers, switches, phones, tablets, cameras, etc.
* Specific to the network type
– E___net, W_N, wireless, etc.
* Often built-in to the motherboard
– Or added as an ___ card
* Many options - Single port, multi-port, copper, fiber

A

– Every device on the network has a NIC
– Computers, servers, printers, routers, switches, phones, tablets, cameras, etc.
*
– Ethernet, WAN, wireless, etc.
*
– Or added as an expansion card
39
Q

SDN (Software Defined Networking)
* Networking devices have different functional planes of operation
– Data, control, and m______ planes
* Split the functions into separate logical units
– Extend the f_______y and m______t of a single device
– Perfectly built for the cloud
* Infrastructure layer / Data plane
– Process the network f____ and p____
– Forwarding, tr____, encrypting, NAT
* Control layer / Control plane
– Manages the actions of the ___ plane
– R___ tables, s___ tables, N__ tables
– Dynamic routing protocol ___

A

– Data, control, and management planes
*
– Extend the functionality and management of a single device
– Perfectly built for the cloud
*
– Process the network frames and packets
– Forwarding, trunking, encrypting, NAT
*
– Manages the actions of the data plane
– Routing tables, session tables, NAT tables
– Dynamic routing protocol updates
40
Q

SDN (Software Defined Networking)
* Application layer / Management plane
– C___ and m___ the device
– SSH, browser, API

A

– Configure and manage the device
– SSH, browser, API
43
Q

Wireless standards
* Wireless networking (802.11)
– Managed by the IEEE L__/M__ Standards Committee (IEEE 802)
* Many updates over time
– Check with I___ for the latest
* The Wi-Fi trademark
– Wi-Fi Alliance handles i________y testing

A

– Managed by the IEEE LAN/MAN Standards Committee (IEEE 802)
*
– Check with IEEE for the latest
*
– Wi-Fi Alliance handles interoperability testing
44
Q

802.11a
* One of the original 802.11 wireless standards
– October 19__ - Operates in the _ GHz range
– Or other frequencies with special ___
* 54 megabits per second (Mbit/s)
* Smaller range than 802.11b
– ___ frequency is absorbed by objects in the way
* Not commonly seen today

A

– October 1999 - Operates in the 5 GHz range
– Or other frequencies with special licensing
*
– Higher frequency is absorbed by objects in the way
45
Q

802.11b (hint: for frequency, think BGs)
* Also an original 802.11 standard
– October 1999 - Operates in the ___ GHz range
– __ megabits per second (Mbit/s)
* Better range than 802.11a, less absorption problems
* More frequency conflict
– ___ monitors, cordless ___, microwave ovens, Blue___
* Not commonly seen today

A

– Operates in the 2.4 GHz range
– 11 megabits per second (Mbit/s)
*
– Baby monitors, cordless phones, microwave ovens, Bluetooth
46
Q

802.11g (hint: for frequency, think BGs)
* An “upgrade” to 802.11b
– June 2003 - Operates in the ___ GHz range
– __ megabits per second (Mbit/s) (hint: about 5 times faster than b)
– Similar to 802.11_
* Backwards-compatible with 802.11b
* Same 2.4 GHz frequency conflict problems as 802.11b

A

– Operates in the 2.4 GHz range
– 54 megabits per second (Mbit/s)
– Similar to 802.11a
47
Q

802.11n (Wi-Fi 4)
* The update to 802.11g, 802.11b, and 802.11a
– October 2009 - Operates at 5 GHz and/or 2.4 GHz
– __ MHz channel widths
* 600 megabits per second (Mbit/s)
– __ MHz mode and 4 antennas
* 802.11n uses MIMO
– MIMO means?
– Multiple ___ and receive antennas (MIMO)

A

– Operates at 5 GHz and/or 2.4 GHz
– 40 MHz channel widths
*
– 40 MHz mode and 4 antennas
*
– Multiple-input multiple-output
– Multiple transmit and receive antennas
48
Q

802.11ac (Wi-Fi 5)
* Approved in January 2014
– Significant improvements over 802.11_
* Operates in the 5 GHz band
– Less ____, more frequencies (up to ___ MHz channel bandwidth)
* Increased channel bonding - Larger bandwidth usage
* Denser signaling modulation
– Faster ___ transfers
* Eight MU-MIMO downlink streams
– Twice as many streams as 802.11_
– Nearly _ gigabits per second

A

– Significant improvements over 802.11n
*
– Less crowded, more frequencies (up to 160 MHz channel bandwidth)
*
– Faster data transfers
*
– Twice as many streams as 802.11n
– Nearly 7 gigabits per second
49
Q

802.11ax (Wi-Fi 6)
* Approved in February 2021
– The successor to 802.11ac/Wi-Fi 5
* Operates at 5 GHz and/or 2.4 GHz
– 20, 40, __, and ___ MHz channel widths
* 1,201 megabits per second per channel
– A relatively small ____ in throughput
– Eight bi-______ MU-MIMO streams
* Orthogonal frequency-division multiple access (OFDMA)
– Works similar to cellular ____
– Improves high-____ installations

A

– The successor to 802.11ac/Wi-Fi 5
*
– 20, 40, 80, and 160 MHz channel widths
*
– A relatively small increase in throughput
– Eight bi-directional MU-MIMO streams
*
– Works similar to cellular communication
– Improves high-density installations
50
Q

Long-range fixed wireless
* Wireless access point in a house with the stock antennas
– You might get a range of __ to 50 meters
* Try connecting two buildings located miles from each other
– Fixed directional ____ and increased signal ____
* Outdoors
– Minimal signal ___ or b____
* Directional antennas
– Focused, point-to-____ connection
* Wireless regulations are complex
– Refer to your country’s _____ agency
* Frequency use
– Unlicensed 2.4 GHz or _ GHz frequencies
– Additional ____ may be available
– Additional ____ may be required
* Signal strength
– Indoor and outdoor power is usually ____
* Outdoor antenna installation is not trivial
– Get an ___, be safe

A

– You might get a range of 40 to 50 meters
*
– Fixed directional antennas and increased signal strength
*
– Minimal signal absorption or bounce
*
– Focused, point-to-point connection
*
– Refer to your country’s regulatory agency
*
– Unlicensed 2.4 GHz or 5 GHz frequencies
– Additional frequencies may be available
– Additional licensing may be required
*
– Indoor and outdoor power is usually regulated
*
– Get an expert, be safe
51
Q

RFID (Radio-frequency identification)
* It’s everywhere
– Access badges
– Inventory/Assembly line ___
– Pet/Animal ____
– Anything that needs to be ____
* Radar technology
– Radio ___ transmitted to the tag
– RF powers the ___, ID is transmitted back
– Bi______ communication
– Some tag ____ can be active/powered

A

– Access badges
– Inventory/Assembly line tracking
– Pet/Animal identification
– Anything that needs to be tracked
*
– Radio energy transmitted to the tag
– RF powers the tag, ID is transmitted back
– Bidirectional communication
– Some tag formats can be active/powered
52
Q

NFC (Near field communication)
* Two-way wireless communication
– Builds on RFID, which is mostly ___-way
* Payment systems
– Major ___ cards, online wallets
* Bootstrap for other wireless
– NFC helps with ___ pairing
* Access token, identity “card”
– Short range with ____ support

A

– Builds on RFID, which is mostly one-way
*
– Major credit cards, online wallets
*
– NFC helps with Bluetooth pairing
*
– Short range with encryption support
53
Q

802.11 technologies
* Frequency
– ___ GHz or 5 GHz
– And sometimes ___
* Channels
– Groups of _____, numbered by the IEEE
– Non-____ channels would be ideal
* Regulations
– Most countries have regulations to manage ____ use
– Spectrum use, ____ output, ___ requirements, etc.

A

– 2.4 GHz or 5 GHz
– And sometimes both
*
– Groups of frequencies, numbered by the IEEE
– Non-overlapping channels would be ideal
*
– Most countries have regulations to manage frequency use
– Spectrum use, power output, interference requirements, etc.
54
Q

Bluetooth
* Remove the wires
– Headsets, speakers, keyboards / mice (what devices?)
* Uses the 2.4 GHz range
– Unlicensed ISM (__, __ and __) band
– Same as 80____
* Short-range
– Most consumer devices operate to about 1_ meters
– Industrial Bluetooth devices can communicate over 1__ meters

A

– Headsets, speakers, keyboards / mice
*
– Unlicensed ISM (Industrial, Scientific and Medical) band
– Same as 802.11
*
– Most consumer devices operate to about 10 meters
– Industrial Bluetooth devices can communicate over 100 meters
55
Q

DNS server
* Domain Name System
– Convert names to IP addresses
– And vice versa
* Distributed naming system
– The load is balanced across many different servers
* Usually managed by the ISP or IT department
– A critical ___

A

– Convert names to IP addresses
– And vice versa
*
– The load is balanced across many different servers
*
– A critical resource
56
Q

DHCP server
* Dynamic Host Configuration Protocol
– Automatic IP ___ configuration
* Very common service
– Available on most home ___
* Enterprise DHCP will be redundant
– Usually running on ___ servers

A

– Automatic IP address configuration
*
– Available on most home routers
*
– Usually running on central servers
57
Q

File server
* Centralized storage of documents, spreadsheets, videos, pictures, and any other files
– A ____ share
* Standard system of file management
– SMB (_ _ _)
* The front-end hides the protocol
– Copy, delete, rename, etc.

A

– A fileshare
*
– SMB (Server Message Block)
*
– Copy, delete, rename, etc.
58
Q

Print server
* Connect a printer to the network
– Provide ___ services for all network devices
* May be software in a computer
– Computer is connected to the ___
* May be built-in to the printer
– Network ___ and s___
* Uses standard printing protocols
– SMB (Server Message Block), IPP (Internet ___ ___), LPD (Line ___ Daemon)

A

– Provide printing services for all network devices
*
– Computer is connected to the printer
*
– Network adapter and software
*
– SMB (Server Message Block), IPP (Internet Printing Protocol), LPD (Line Printer Daemon)
59
Q

Mail server
* Store your incoming mail
– Send your ___ mail
* Usually managed by the ISP or the IT department
– A ___ set of requirements
* Usually one of the most important services
– 24/7 support

A

– Send your outgoing mail
*
– A complex set of requirements
*
– 24/7 support
60
Q

Syslog
* Standard for message logging
– ____ systems, ____ log
* Usually a central logging receiver
– Integrated into the S___
* You’re going to need a lot of disk space
– No, more. More than that.

A

– Diverse systems, consolidated log
*
– Integrated into the SIEM
*
– No, more. More than that.
61
Q

Web server
* Respond to browser requests
– Using standard web browsing protocols - HTTP/HTTPS
– Pages are built with HTML, HTML_
* Web pages are stored on the server
– Downloaded to the ___
– ___ pages or built dynamically in real-___

A

– Using standard web browsing protocols - HTTP/HTTPS
– Pages are built with HTML, HTML5
*
– Downloaded to the browser
– Static pages or built dynamically in real-time
62
Q

Authentication server
* Login authentication to resources
– ____ management
* Almost always an enterprise service
– Not required on a ___ network
* Usually a set of redundant servers
– Always ____
– Extremely ___ service

A

– Centralized management
*
– Not required on a home network
*
– Always available
– Extremely important service
63
Q

Spam
* Unsolicited messages
– Email, ___s, etc.
* Various content
– ____ advertising
– Non-commercial _____
– Ph___ attempts
* Significant technology issue
– Security ___, resource u____, storage ___, managing the spam

A

– Email, forums, etc.
*
– Commercial advertising
– Non-commercial proselytizing
– Phishing attempts
*
– Security concerns, resource utilization, storage costs, managing the spam
64
Q

Spam gateways
* Unsolicited email
– Stop it at the g___ before it reaches the user
– On-___ or cloud-___

A

– Stop it at the gateway before it reaches the user
– On-site or cloud-based
65
Q

All-in-one security appliance
* Next-generation firewall, Unified Threat Management (UTM) / Web security gateway
* URL filter / Content inspection
* Malware inspection
* Spam filter
* CSU/DSU
* Router, Switch
* Firewall
* IDS/IPS
* Bandwidth shaper
* VPN endpoint
66
Q

Load balancers
* Distribute the load
– Multiple s____
– Invisible to the end-___
* Large-scale implementations
– Web server ____, d_____ farms
* Fault tolerance
– Server o____ have no effect
– Very fast c_____

A

– Multiple servers
– Invisible to the end-user
*
– Web server farms, database farms
*
– Server outages have no effect
– Very fast convergence
67
Q

Load balancer features
* Configurable load - Manage across servers
* TCP offload - Protocol overhead
* SSL offload - Encryption/Decryption
* Caching - Fast response
* Prioritization - QoS
* Content switching - Application-centric balancing
68
Q

Proxy server
* An intermediate server
– Client makes the r____ to the p___
– The proxy performs the actual r____
– The proxy provides r____ back to the cl___
* Useful features
– Access co____, ca___, URL f____, content sc____

A

– Client makes the request to the proxy
– The proxy performs the actual request
– The proxy provides results back to the client
*
– Access control, caching, URL filtering, content scanning
69
Q

SCADA / ICS
* Supervisory Control and Data Acquisition System
– Large-scale, multi-site I____ C____ Systems (ICS)
* PC manages equipment
– Power ____, refining, manufacturing equipment
– Facilities, i____, energy, logistics
* Distributed control systems
– Real-time i____
– S___ control
– Requires e____ segmentation
– No access from the o___

A

– Large-scale, multi-site Industrial Control Systems (ICS)
*
– Power generation, refining, manufacturing equipment
– Facilities, industrial, energy, logistics
*
– Real-time information
– System control
– Requires extensive segmentation
– No access from the outside
70
Q

Legacy and embedded systems
* Legacy systems
– Another expression for “really ___”
– May also be “really i____.”
– Learning old things can be just as important as learning the new things
* Embedded systems
– Purpose-built d____
– Not usual to have d____ access to the operating system
– A____ system, door security, ____card system

A

– Another expression for “really old”
– May also be “really important.”
– Learning old things can be just as important as learning the new things
*
– Purpose-built device
– Not usual to have direct access to the operating system
– Alarm system, door security, timecard system
71
Q

IoT (Internet of Things) devices
* Appliances
– R_____
* Smart devices
– Smart speakers respond to v___ commands
* Air control
– Thermostats, te____ control
* Access
– Smart d____
* May require a segmented network
– Limit any security ___

A

– Refrigerators
*
– Smart speakers respond to voice commands
*
– Thermostats, temperature control
*
– Smart doorbells
*
– Limit any security breaches
72
Q

IP addressing
* IPv4 is the primary protocol for everything we do
– You probably won’t c____ anything else
* IPv6 is now part of all major operating systems
– And the b____ of our Internet infrastructure

A

– You probably won’t configure anything else
*
– And the backbone of our Internet infrastructure
73
Q

IPv4 addresses
* Internet Protocol version 4
– OSI Layer ___ address

A

– OSI Layer 3 address
74
Q

IPv6 addresses
* Internet Protocol v6 - 128-bit address
– 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses (340 undecillion)
– 6.8 billion people could each have 5,000,000,000,000,000,000,000,000,000 addresses
75
Q

Networking with IPv4
* IP Address, e.g., 192.168.1.165
– Every device needs a unique __ address
* Subnet mask, e.g., 255.255.255.0
– Used by the local device to determine its s_____
– The subnet mask isn’t (______) transmitted across the network
* Default gateway, e.g., 192.168.1.1
– The router that allows you to communicate _____ of your local subnet
– The default gateway must be an IP address on the ___ subnet

A

– Every device needs a unique IP address
*
– Used by the local device to determine its subnet
– The subnet mask isn’t (usually) transmitted across the network
*
– The router that allows you to communicate outside of your local subnet
– The default gateway must be an IP address on the local subnet
76
DNS servers * We remember names – professormesser.com, google.com, youtube.com * Internet routers don’t know names – Routers only know ___ addresses * Something has to translate between names and IP addresses – DNS (____) * You configure two DNS servers in your IP configuration – That’s how ___ it is
– professormesser.com, google.com, youtube.com * – Routers only know IP addresses * – Domain Name Services * – That’s how important it is
77
IPv4 addresses format
78
IPv6 addresses format
79
DHCP * IPv4 address configuration used to be manual – IP a___ , subnet ____ , gateway, DNS s___, NTP servers, etc. * October 1993 - The bootstrap protocol (BOOTP) * BOOTP didn’t automatically define everything – Some _____ configurations were still required – BOOTP also didn’t know when an IP address might be available ____ * Dynamic Host Configuration Protocol (DHCP) – Initially released in 199_, updated through the years – Provides a____address / IP configuration for almost all devices
– IP address, subnet mask, gateway, DNS servers, NTP servers, etc. * – Some manual configurations were still required – BOOTP also didn’t know when an IP address might be available again * – Initially released in 1997, updated through the years – Provides automatic address / IP configuration for almost all devices
80
The DHCP Process (DORA) * Step 1: Discover - Client to DHCP Server – Find all of the available D____ Servers * Step 2: Offer - DHCP Server to client – Send some IP address o___ to the client * Step 3: Request - Client to DHCP Server – Client chooses an offer and makes a formal r__ * Step 4: Acknowledgment - DHCP Server to client – DHCP server sends an a____ to the client
– Find all of the available DHCP Servers * – Send some IP address options to the client * – Client chooses an offer and makes a formal request * – DHCP server sends an acknowledgment to the client
81
Turning dynamic into static * DHCP assigns an IP address from the first available from a large pool of addresses – Your IP address will occasionally _____ * You may not want your ____ address to change – Server, printer, or personal p___ * Disable DHCP on the device – Configure the IP address information m___ – Requires additional a____ * Better: Configure an IP reservation on the DHCP server – Associate a specific M___ address with an IP address
– Your IP address will occasionally change * – Server, printer, or personal preference * – Configure the IP address information manually – Requires additional administration * – Associate a specific MAC address with an IP address
82
Avoid manual configurations * No DHCP server reservation – You configure the IP address m___ * Difficult to change later - You must visit the device again * A DHCP reservation is preferable – Change the IP address from the D___ server
– You configure the IP address manually * – Change the IP address from the DHCP server
83
Automatic Private IP Addressing (APIPA) * A link-local address - No forwarding by routers * IETF has reserved 169.254.0.0 through 169.254.255.255 – First and last 256 addresses are reserved – Functional block of 169.254.1.0 through 169.254.254.255 * Automatically assigned – Uses ____ to confirm the address isn’t currently in use
– First and last 256 addresses are reserved – Functional block of 169.254.1.0 through 169.254.254.255 * – Uses ARP to confirm the address isn’t currently in use
84
Domain Name System * Translates human-readable names into computer-readable IP addresses – You only need to remember www.ProfessorMesser.com * Hierarchical – Follow the P___ * Distributed database – Many D___ servers – 1__ root server clusters (over 1,000 actual servers) – Hundreds of generic top-level domains (gTLDs) - .c__, .o___, .net, etc. – Over 275 country code top-level domains (ccTLDs) - .us, .ca, .uk, etc.
– Follow the path * – Many DNS servers – 13 root server clusters (over 1,000 actual servers) – Hundreds of generic top-level domains (gTLDs) - .com, .org, .net, etc. – Over 275 country code top-level domains (ccTLDs) - .us, .ca, .uk, etc.
85
DNS Lookup
86
DNS Hierarchy
87
DNS records * Resource Records (RR) – The d____ records of domain name services * Over 30 record types – IP a___, ce____, host alias names, etc. * These are important and critical configurations – Make sure to check your s__, backup, and t___!
– The database records of domain name services * – IP addresses, certificates, host alias names, etc. * – Make sure to check your settings, backup, and test!
88
Address records (A) (AAAA) * Defines the IP address of a host – This is the most popular q___ * A records are for IPv4 addresses – Modify the A record to change the host name to IP address r______ * AAAA records are for IPv6 addresses – The same DNS server, different r____
– This is the most popular query * – Modify the A record to change the host name to IP address resolution * – The same DNS server, different records
89
Mail exchanger record (MX) – Determines the ____ name for the mail server – not an IP address; it’s a name
– Determines the host name for the mail server – this isn’t an IP address; it’s a name
90
91
Text records (TXT) * Human-readable text information – Useful p___ information – Was originally designed for i__ information * Can be used for verification purposes – If you have access to the DNS, then you must be the a___ of the d__n name * Commonly used for email security – External email servers v___ information from your DNS
– Useful public information – Was originally designed for informal information * – If you have access to the DNS, then you must be the administrator of the domain name * – External email servers validate information from your DNS
92
93
Sender Policy Framework (SPF) * SPF protocol – A l__ of all servers authorized to send emails for this d____n – Prevent mail sp___ – Mail servers perform a check to see if incoming mail really did come from an a____ host
– A list of all servers authorized to send emails for this domain – Prevent mail spoofing – Mail servers perform a check to see if incoming mail really did come from an authorized host
94
95
Domain Keys Identified Mail (DKIM) * Digitally sign a domain’s outgoing mail – Validated by ____ servers, not usually seen by the ___ user – The public key is in the DKIM ___ record
– Validated by mail servers, not usually seen by the end user – The public key is in the DKIM TXT record
96
DMARC * Domain-based Message A__ , Re___, and Co___ (DMARC) – Prevent un___ email use (spoofing) – An extension of SPF and DKIM * You decide what external email servers should do with emails that don’t validate through SPF or DKIM – That policy is written into a D___ TXT record – Accept all, send to spam, or r___ the email – C____ reports can be sent to the email administrator
– Prevent unauthorized email use (spoofing) – An extension of SPF and DKIM * – That policy is written into a DMARC TXT record – Accept all, send to spam, or reject the email – Compliance reports can be sent to the email administrator
97
Scope properties * IP address range – And excluded a___ * Subnet mask * Lease durations * Other scope options – DNS s__ – Default g___ – VOIP s___
– And excluded addresses * – DNS server – Default gateway – VOIP servers
98
DHCP pools * Grouping of IP addresses – Each subnet has its ___ scope – 192.168.1.0/24 – 192.168._.0/24 – 192.168._.0/24 – ... * A scope is generally a single contiguous pool of IP addresses – DHCP exceptions can be made ____ of the scope
– Each subnet has its own scope – 192.168.1.0/24 – 192.168.2.0/24 – 192.168.3.0/24 * – DHCP exceptions can be made inside of the scope
99
DHCP address assignment * Dynamic assignment – DHCP server has a big ___ of addresses to give out – Addresses are r____ after a lease period * Automatic assignment – Similar to d__ allocation – DHCP server keeps a list of ___ assignments – You’ll always get the same ___ address
– DHCP server has a big pool of addresses to give out – Addresses are reclaimed after a lease period * – Similar to dynamic allocation – DHCP server keeps a list of past assignments – You’ll always get the same IP address
100
DHCP address allocation * Address reservation – A_____ configured * Table of MAC addresses – Each MAC address has a matching ____ address * Other names – Static DHCP _____, Static DHCP, Static Assignment, IP Re___
– Administratively configured * – Each MAC address has a matching IP address * – Static DHCP Assignment, Static DHCP,
101
DHCP leases * Leasing your address – It’s only t___ – But it can seem permanent * Allocation – Assigned a lease t___ by the DHCP server – A_____ configured * Reallocation – Reboot your computer – Confirms the l____ * Workstation can also manually release the IP address – Moving to another s____
– It’s only temporary – But it can seem permanent * – Assigned a lease time by the DHCP server – Administratively configured * – Reboot your computer – Confirms the lease * – Moving to another subnet
102
DHCP renewal * T1 timer – Check in with the l___ DHCP server to r___ the IP address – ___0% of the lease time (by default) * T2 timer – If the original DHCP server is down, try r___ with any DHCP server – 87.5% of the lease time (7/8ths)
– Check in with the lending DHCP server to renew the IP address – 50% of the lease time (by default) * – If the original DHCP server is down, try rebinding with any DHCP server – 87.5% of the lease time (7/8ths)
103
LANs * Local Area Networks * A group of devices in the same broadcast domain
104
Virtual LANs * Virtual Local Area Networks * A group of devices in the same broadcast domain * Separated logically instead of physically
105
Configuring VLANs * Virtual Local Area Networks – A group of devices in the same broadcast d__
– A group of devices in the same broadcast domain
106
VPNs * Virtual Private Networks – Encrypted (____) data traversing a public network * Concentrator – Encryption/decryption a___ device – Often integrated into a f___ * Many deployment options – Specialized cr___ hardware – s___ -based options available * Used with client software – Sometimes built into the O_
– Encrypted (private) data traversing a public network * – Encryption/decryption access device – Often integrated into a firewall * – Specialized cryptographic hardware – Software-based options available * – Sometimes built into the OS
107
Client-to-Site VPNs * On-demand access from a remote device – Software connects to a VPN concentrator * Some software can be configured as always-on
– Software connects to a VPN co____
108
109
Satellite networking * Communication to a satellite – Non-terrestrial communication * High cost relative to terrestrial networking – 50 Mbit/s down, 3 Mbit/s up are common – Remote sites, difficult-to-network sites * High latency – 2_0 ms up, 2_0 ms down – Starlink advertises 4- ms and is working on 2- ms * High frequencies - 2 GHz – Line of sight, rain f_
– Non-terrestrial communication * – 50 Mbit/s down, 3 Mbit/s up are common – Remote sites, difficult-to-network sites * – 250 ms up, 250 ms down – Starlink advertises 40 ms and is working on 20 ms * – Line of sight, rain fade
110
Fiber * High speed data communication – f___ of light * Higher installation cost than copper – Equipment is more c___ – More difficult to r___ – Communicate over ___ distances * Large installation in the WAN core – Supports very high ___ rates – SONET, wavelength division multi___ * Fiber is slowly approaching the premises – Business and home use
– Frequencies of light * – Equipment is more costly – More difficult to repair – Communicate over long distances * – Supports very high data rates – SONET, wavelength division multiplexing * – Business and home use
111
Cable broadband * Broadband – Transmission across multiple f___ – Different t___ types * Data on the “cable” network – DOCSIS (_____) * High-speed networking – 50 Mbits/s through 1___ + Mbit/s are common * Multiple services – Data, voice, video
– Transmission across multiple frequencies – Different traffic types * – DOCSIS (Data Over Cable Service Interface Specification) * – 50 Mbits/s through 1,000+ Mbit/s are common * – Data, voice, video
112
DSL * ADSL (Asymmetric Digital Subscriber Line) – Uses t___ lines * Download speed is faster than the upload speed (asymmetric) – 2__ Mbit/s downstream / 2_ Mbit/s upstream are common – ~10_____ foot limitation from the central office (CO) – ___ speeds may be possible if closer to the CO
– Uses telephone lines * – 200 Mbit/s downstream / 20 Mbit/s upstream are common – ~10,000 foot limitation from the central office (CO) – Faster speeds may be possible if closer to the CO
113
Cellular networks * Mobile devices – ____ phones * Separate land into “cells” – Antenna covers a cell with certain f___ * Tethering – Turn your phone into a wireless r___ * Mobile hotspot – s___ devices – Use your phone for other things
– “Cell” phones * – Antenna covers a cell with certain frequencies * – Turn your phone into a wireless router * – Standalone devices – Use your phone for other things
114
WISP * Wireless Internet Service Provider – Terrestrial internet access using w___ * Connect rural or remote locations – Internet access for e___ * Many different deployment technologies – Meshed 802.___ – ___G home internet – p___ wireless * Need an outdoor antenna – Speeds can range from ~ 1__ to 1__ megabits per second
– Terrestrial internet access using wireless * – Internet access for everyone * – Meshed 802.11 – 5G home internet – Proprietary wireless * – Speeds can range from ~ 10 to 1,000 megabits per second
115
LAN * Local Area Network – Local is r___ * A building or group of buildings – High-speed c___ * Ethernet and 802.11 wireless – Any slower and it isn’t “____”
– Local is relative * – High-speed connectivity * – Any slower and it isn’t “local”
116
WAN * Wide Area Network – Spanning the ___ * Generally connects LANs across a distance – And generally much slower than the ____ * Many different WAN technologies – Point-to-___ serial, MPLS, etc. – Terrestrial and non-terrestrial
– Spanning the globe * – And generally much slower than the LAN * – Point-to-point serial, MPLS, etc. – Terrestrial and non-terrestrial
117
PAN * Personal Area Network – Your own ___ network – B___ , IR, NFC * Automobile – a___ output – Integrate with ___ * Mobile phone - Wireless headset * Health – w___ telemetry, daily reports
– Your own private network – Bluetooth, IR, NFC * – Audio output – Integrate with phone * – Workout telemetry, daily reports
118
MAN * Metropolitan Area Network – A network in your ___ – Larger than a LAN, often smaller than a ___ * Historically MAN-specific topologies – M__ Ethernet * Common to see government ownership – They “own” the right-of-way
– A network in your city – Larger than a LAN, often smaller than a WAN * – Metro Ethernet * – They “own” the right-of-way
119
SAN * Storage Area Network (SAN) – Looks and feels like a local storage ____ – B___-level access – Very efficient reading and writing * Requires a lot of bandwidth – May use an isolated n___ and high-speed network technologies
– Looks and feels like a local storage device – Block-level access – Very efficient reading and writing * – May use an isolated network and high-speed network technologies
120
WLAN * Wireless LAN – 802.___ technologies * Mobility – Within a b___ – In a limited geographical ___ * Expand coverage with additional access points – Downtown area – Large c___
– 802.11 technologies * – Within a building – In a limited geographical area * – Downtown area – Large campus
121
Cable crimper * “Pinch” the connector onto a wire – Co___, twisted pair, fiber * Connect the modular connector to the Ethernet cable – The final step of the p__ * Metal prongs are pushed through the insulation – The plug is also permanently pressed onto the cable s___
– Coaxial, twisted pair, fiber * – The final step of the process * – The plug is also permanently pressed onto the cable sheath
122
Crimping best practices * Get a good crimper – And a good pair of electrician’s scissors / cable snips – And a good wire s___ * Make sure you use the correct modular connectors – Differences between wire t___ * Practice, practice, practice – It won’t take long to become p___
– And a good pair of electrician’s scissors / cable snips – And a good wire stripper * - * – It won’t take long to become proficient
123
WiFi analyzer * Wireless networks are incredibly easy to monitor – Everyone “___” everything * Purpose-built hardware or mobile device add-on – Specializes in 802.___ analysis * Identify errors and interference – Validate antenna l___ and installation
– Everyone “hears” everything * – Specializes in 802.11 analysis * – Validate antenna location and installation
124
Tone generator * Where does that wire go? – Follow the t____ * Tone generator – Puts an a__ sound on the wire * Inductive probe – Doesn’t need to touch the c___ – Hear through a small s___
125
Using the tone generator and probe * Easy wire tracing – Even in ___ environments * Connect the tone generator to the wire – Modular jack, coax, punch down ___ * Use the probe to locate the sound – The ___-tone sound is easy to find
– Even in complex environments * – Modular jack, coax, punch down connectors * – The two-tone sound is easy to find
126
Punch-down tools * “Punch” a wire into a wiring block – 6_ block, 1__ block, and others * Can be tedious – Every wire must be individually p__ * Trims the wires during the punch – Very e___ process
– 66 block, 110 block, and others * – Every wire must be individually punched * – Very efficient process
127
Punch-down best-practices * Organization is key – Lots of w___, – Cable ____ * Maintain your twists – Your Category 6A cable will thank you later * Document everything – Written documentation, tags, graffiti
128
Cable testers * Relatively simple – c___ test * Can identify missing pins – Or crossed ___ * Not usually used for frequency testing – Cross__, signal ___ , etc.
– Continuity test * – Or crossed wires * – Crosstalk, signal loss, etc.
129
Loopback plugs * Useful for testing physical ports – Or fooling your a___ * Serial / RS-232 (9 pin or 25 pin) * Network connections – E___, T1, Fiber * These are not cross-over cables
– Or fooling your applications * – Ethernet, T1, Fiber
130
Taps and Port Mirrors * Intercept network traffic – Send a copy to a p___ capture device * Physical taps – Disconnect the l___ , put a tap in the middle – Can be an a__ or p___ tap * Port mirror – Port r_ , SPAN (Switched Port ANalyzer) – Software-based ____ – Limited f___, but can work well in a pinch
– Send a copy to a packet capture device * – Disconnect the link, put a tap in the middle – Can be an active or passive tap *