2.2 networking 101 Flashcards
What is a network
- Two or more computing devices connected together in some way to facilitate communication and the exchange of data
- These devices are connected so they can communicate in a rapid, efficient, reliable and secure way
- The network may be hard wired or wireless; it may be two devices or a million; it may span two feet across a room or all four corners of the globe
ARPANET
- 1969 – the Advanced Research Projects Agency (ARPA) had several papers that proposed ideas that were revolutionary at the time, stating “in a few years men will be able to communicate more effectively through a machine than face to face”
- ARPA put out a request for proposal for bids to build a new kind of network – it was won by Bolt, Beranek, and Newman of Cambridge – their goal was to link 16 ARPA research centers across the US into an internetwork of computers
- This was an enclosed network and didn’t have anything approximating external connectivity – the idea of computer communication was also new, meaning the possibility that computers could harm each other wasn’t considered
- The idea at the time was not scalable – two computers could only communicate if they were connected via point-to-point links. This was problematic: since communication followed a direct path, if that path failed there was no alternative route; it required a central coordinator that became a bottleneck as the network grew; and it was limited in the size and volume of communication, since the data was sent as one package
- They realized that for it to be scalable the network had to be “self-healing” – errors had to be rectified without human intervention.
- TCP/IP – a packet-switched network:
o To fix the scalability problem Vint Cerf thought of a packet-switching network in which large amounts of data are broken into small chunks called packets; each packet can find its own route to the destination. At that destination, the packets are reassembled into the complete original data set. Cerf coined the terms “inter” and “net” in 1974, calling it the network between networks.
o TCP is the transmission control protocol and is responsible for taking the data apart at the source and reassembling it at the destination.
o IP is the internet protocol and is responsible for moving the data from the source to the destination.
o There are now tens of thousands of protocols that make the internet do more things than before.
The internet and World Wide Web
- Definition of internet: a worldwide system of computer networks in which systems at any one location can potentially access information at any other location if they have permission to do so
- Definition of WWW: Tim Berners-Lee – the WWW is a collection of protocols that run over the internet
o E.g., your PC is on your home network and the webpage of a company is on their server. You send a request for that webpage; the request traverses your network, goes across the internet, enters the company’s network and reaches the web server; the web server sends the web page back across its network, across the internet, and back to your network.
o The internet is the highway – it is an interconnected set of pathways over which vehicles can move data – there is always a primary path and several alternatives (remember the self-healing property of the internet)
o On a highway there are several ways we can move cargo; one way is by using a truck – TCP/IP is the truck that transports cargo through the internet
o Just like a truck can move many types of cargo, TCP/IP moves ones and zeros around to facilitate communication and the exchange of information – the web is just one type of cargo; others are email, file transfer, voice over IP, and video such as Netflix.
What are communication protocols
- What is a communication protocol? Quite literally, it is the rules governing communication on a network
- When a computer creates a packet of data, there are rules the computer must follow when formatting that packet
o Where you place the IP address and how long it is
o Every computer formats IP packets the same way so they all know what to look for
o A router is responsible for routing data packets to the destination IP address
- The rules for formatting communication packets are found in the Request for Comments (RFC) documents. These spell out how a protocol will work, how information is formatted, what it means, and how it will be processed.
o RFC 791 page 10 spells out exactly where the destination IP is and how it is formatted, every single time, in every packet created by every computer in the world – IP addresses always start at the 16th byte and will always be 4 bytes long
- Successful communication works by using the same protocol – but this does not mean it’s secure. Many of the security problems we have today are a result of problems inherent in the protocols themselves.
Types of communication protocols
- network, application, security
- Network protocols: move information around our networks. Examples of network protocols include IP and TCP – they are concerned with the movement of bits of information from one place to another
- Application protocols: move information between applications – for example the File Transfer Protocol (FTP) or the Hypertext Transfer Protocol (HTTP)
- Security protocols: used by systems to exchange information securely, ensuring confidentiality and integrity – examples include VPNs, HTTPS and Secure Shell (SSH).
the open systems interconnect
- 7 layers
the tcp/ip stack - 4 layers
- picture on page 27
- The model used to explain networking – there are 7 layers:
o Physical layer: Handles transmission across the physical media – electrical pulses on wires, connection specifications between hardware, voltage and current and so on
o Data link layer: This layer connects the physical part of the network with the abstract part. It also creates headers and validation information that are attached to packets.
o Network layer: Describes how systems on different network segments find and communicate with each other. IP/Routing/ICMP
o Transport layer: Interacts with your information and prepares it for transmittal across the network – TCP/UDP/SSL/TLS protocols
o Session layer: Establishes and maintains sessions between systems
o Presentation layer: Ensures that the data sent from one side of the connection is received in a format that is useful to the other side
o Application layer: Interacts with the application to determine whether network services are required
Application is not software – application here refers to protocols that live down inside operating systems and make networks work – Outlook is software that interacts with the OSI layer 7 protocol Simple Mail Transfer Protocol (SMTP) to send an email.
TCP/IP stack
* The OSI and TCP/IP stack do not map directly but perform the same functions – in this model there are four layers:
o Link – performs layer 1 and 2 in OSI
o Internet – performs layer 3 in OSI
o Transport – performs layer 4 and half of 5 (session synch)
o Application performs half of 5 (authentication), 6, and 7 in OSI
Anatomy of a packet - picture on page 28
- The internet and our internal networks are packet-switched this means that a large amount of data is broken into smaller packets and transmitted.
- For that to work a packet would require several elements
o It would need headers that take care of any and all addressing needs
o There might have to be information required for the destination to put the data back together again
o And of course we require the data itself
- An ethernet packet consists of the following:
o Hardware header source/destination hardware addresses – same as layer 1 and 2 in OSI, and layer 1 in TCP/IP
o IP header source and destination IP addresses – the same as layer 3 in OSI and TCP/IP
o Transport header ports/ protocols HTTP or SMTP – the same as layer 4 and 5 in OSI and 4 in TCP/IP
o Data portion of the packet – the same as 4 in TCP/IP and 6,7 in OSI
Real life mail example vs internet example
Real life example:
* When you send an envelope you put a to and from location
* The postal service picks the letter from the mailbox
* The mailperson takes it to the local post office
* The local post office in your city sends it to a default location in the citywide centre
* That citywide centre sends it to a statewide sorting centre
* That statewide sends it to the regionwide sorting center
* They send it to the recipient’s statewide sorting center in Dallas
* They send it to the citywide sorting center in Houston
* Who sends it to the local post office
* The truck driver gets it from there and makes sure it gets delivered to the house
* The only person who knows the actual address is the truck driver; at every other step along the way the attitude is “I don’t know where the address is, but I know the next step”
Internet example
* The home fiber sends it to the internet service provider
* Who sends it to their internet service provider
* Who then sends it to an internet router
* Who then routes it to the ISP that’s in charge of that customer
* That ISP delivers it
* At no point other than the recipient’s ISP does anyone else know the destination
* In both examples there were default locations until someone knew a better place to send it
Local area networks
- source system processes
- source gateway process
- intermediate gateway process
- destination gateway process
- response process
- pictures on page 29 and beyond
are interconnected via intermediate devices – meaning those three networks are subnetworks of a larger network encompassing the building
* Notice that there are three subnets, with three computers connected to each subnet, and all three subnets connected to a larger intermediate gateway network, which is then connected to the internet
- Source system process:
o The first question is: is the destination on this network? = no
o Subnet1 system 2 cannot send the packet directly, so it knows to send it to a default location, the Net1 gateway
o In order to do that, subnet1 system 2 needs to know the physical location of the net1 gateway, so it shouts “which device is the net1 gateway?”, to which all other devices except the net1 gateway respond
o Subnet1 system 2 remembers this response for a period of time and transmits the data packet
- Source gateway process:
o Net1 gateway asks do I know where the final destination is (net3 system 2) = no
o It then sends it to the default location of an intermediate gateway
o To do that it needs to know the physical location of the intermediate gateway and thus goes through the shouting process
o Note: there could be many intermediaries; the point is that the packet is rerouted to those intermediaries as many times as needed until it gets to its final destination.
- Intermediate gateway process:
o The intermediate gateway asks – do I know where the subnet3 system 2 is = no – but I do know the net3 gateway is closer
o It goes through the shouting process and then transmits it to the net3 gateway
o Note: each gateway decides where to send the packet based on its configuration – sometimes it forwards based on where the destination is; if it does not know where the destination is, it has a default place to send it
- Destination gateway process:
o When the packet arrives at Net3 the gateway asks can I direct this to subnet3 system 2 = yes
o It goes through the shouting process then sends it to the appropriate destination
o Note: this is a highly repetitive process happening at roughly the speed of light
- Response process:
o There may be one more step in the process if the destination needs to send a message back to the network sender
o If this is the case, it then repeats the process but this time backwards
o But in this case it doesn’t have to go through the shouting process, since each device remembers the others for a period of time – if enough time passes the answers are forgotten. Why aren’t they permanently remembered? Because the network might change; forgetting old answers allows our network to be more dynamic
Logical vs physical data flow
- picture on page 31
- For network security you always look at two things – the logical and physical flow of data
- From the previous example, subnet1 system 2 needed to communicate with subnet3 system 2; this is the logical flow of data. For that to happen it had to pass through lines and gateways; that is the physical flow of data.
- Network operators look at the logical flow of data to determine where traffic has to be able to flow on the network, and at the physical path to determine whether it is stable
- Network security looks at logical and physical flow but from a different perspective. It looks at what type of communication is required. If we say that the destination is a web server, for example, then for the logical flow the rule is: this device can connect to system 2 for protocol HTTP and nothing more. For the physical flow we look at where we can put a control point; in this specific diagram the perfect spot is the intermediate gateway, because traffic has to flow through there to go anywhere else. You can put a firewall, for example, at the intermediate gateway.
LAN vs wide area network
- X area network: X describes the geographical area or type of network
- A local area network: covers a limited geographical area such as an office or building. It can consist of one or more smaller networks connected to the larger LAN. The smaller networks are called subnets or subnetworks. This is where network security people operate.
- A wide area network: covers a large geographical area such as a state or country. Usually a company uses a WAN to connect its LANs at various geographical locations.
Common network hardware
- Network interface card: every device connected to a network has a NIC installed in it – this is what the network cable physically connects to on that device, or in wireless it is what sends and receives the signals that let you communicate. It handles the transmission and receipt of data across the network – and has a unique hardware address called a media access control address.
- Switch: the central device of a modern star topology network – it directs traffic to the recipient based on the hardware MAC address – the switch maintains a list of the NIC MAC addresses for each node connected to it.
- Router: forwards data from one network to another based on the destination’s IP address – the router has two interfaces connected and it works like this: when a piece of network traffic enters the router on one of its interfaces (receive), the router looks at the destination IP and the data leaves the router on another of its interfaces.
- When you build a network you connect the NIC to the switch, the switch to the router
Network hardware basics
- a star topology
- NIC addresses
- why do we use both an IP and MAC
- picture on page 32
- A star topology: the most common on internal networks today
o It occurs when all systems on the network connect to a central device, usually a switch
o You indirectly connect every node to every other node via that central device
o They work well when nodes are scattered points
o It is also easy to add nodes by plugging them into the central device
o The network goes down if the central device goes down
- The NICs have two addresses:
o A physical MAC – is 6 bytes and represented in hex – separated by colon or dash
o And a logical IP – 4 bytes, written in dotted decimal notation – separated by periods
- Why do you need both an IP and a MAC address:
o Let’s say subnet1 system 2 wants to connect with subnet3 system 2; it is going to send data to the IP 10.1.3.2
o Using that IP is how the net1 gateway, intermediate gateway, and net3 gateway are going to decide where to send it
o Because the packet has to go through intermediaries, it cannot be addressed to the intermediaries’ IP addresses, since it already has a destination IP address it wants to reach
o So the decision about which intermediary to forward the packet to is based on the destination IP, but the packet is handed to that intermediary by its hardware or MAC address
o In other words, the data routes based on the IP address, but the physical transmission happens via the MAC address
Address Resolution Protocol (ARP)
- picture on page 34
- We have seen both the ethernet (MAC) address and the IP address; these two numbers have no direct correlation, and we need some way of discovering one when we have the other – that’s what ARP does
- In reality, the shouting process looks more like this: one system shouts to the other devices, “who has this IP address? Return your MAC.” All devices receive that, but only the one with that IP responds with its MAC, and so the transmission happens. The sending system also places that answer in an ARP cache that it maintains in RAM, so it remembers the answer for some period of time
- Request and reply:
o Wireshark software used to analyze network traffic and packets
o What we have been calling shouting is actually a broadcast, which is sent to a hardware address of all f’s
o Notice in the first screenshot at the top that the sender asks who has the IP ending in 0.1 and to respond to the MAC ending in f:33 – notice it doesn’t have the target MAC; it is just 0
o In the second screenshot at the bottom, the sender is now the first target, and it responds with its hardware address to the first hardware address’s request
o The answer is then placed into an ARP cache (a temporary storage location in memory) and is remembered for a certain amount of time
o This process happens at the speed of light