MODULE 3-BASIC Addressing and OSI- MODULE 5 OSI LAYER.pdf
MODULE 3: BASIC Addressing and OSI

IP Address (IPv4)
- Every node in a computer network is identified with the help of an IP address.
- Logical address: an IP address is assigned by software or a service (an administrator or a DHCP server), which makes it logical rather than fixed, unlike a MAC address. It can change based on the location of the device.
- How an IP address is assigned:
  Manually: the address is set by hand by the user or administrator.
  Dynamically: the address is handed out automatically (by DHCP) and may change over time.
  Static: the address is constant and stays the same across restarts and reconnections.

STATIC IP Usage
- Servers: web servers, mail servers, game servers, or any server that needs to be reachable by other devices at all times. A static IP gives them a permanent address that clients can always find.
- Remote access: if you need to reach a device on your network remotely, such as a security camera system or a computer you work on from home, a static IP makes the connection easier to set up. The address itself provides no protection: the connection is only secure if it is authenticated and encrypted (for example through a VPN).
- Port forwarding: applications that require incoming connections on specific ports (e.g., online gaming) usually need the target host to have a static IP so that the port-forwarding rule on the router keeps pointing at the right machine.
- Business needs: managing VPN connections for remote employees, or running internal applications that require consistent accessibility.
- Device monitoring: critical devices that need constant monitoring or management are easier to keep track of, and to confirm are online, when their address does not change.

Representation
- Written in decimal as four octets: x.x.x.x
- Octet: a fundamental unit of digital information consisting of eight bits; each bit holds either 0 or 1.
- Four octets together form a 32-bit value (4 x 8 bits).
- Range: 0.0.0.0 to 255.255.255.255 (32 bits). 255 is the maximum value representable by an 8-bit binary number.
An 8-bit binary number consists of 8 bits (0s or 1s). With 2 possibilities for each bit there are 2^8 = 256 possible combinations; since counting starts from 0, the usable range goes from 0 to 255.

How to see an IP address on a real device
1. Open a terminal (Command Prompt on Windows).
2. Type "ipconfig" and hit Enter.
3. Look for the IPv4 Address entry. (On Linux or macOS the equivalent is "ip addr" or "ifconfig".)

ANALOGY: IP address = the city you live in; MAC address = your house address.

MAC addressing
- MAC stands for Media Access Control.
- Every node in the LAN is identified with the help of a MAC address.
- Also called the physical address or hardware address.
- Unique and assigned by the manufacturer. The address burned into the network interface cannot be changed, but most operating systems let the address presented on the wire be overridden in software, so a MAC address is easy to spoof and must not be relied on as proof of identity.
- Represented in hexadecimal; 48 bits. Example: 70-20-84-00-ED-FC
- Separators: hyphen (-), period (.), and colon (:)

HEXADECIMAL
- Hex is a base-16 number system that uses the digits 0-9 and the letters A-F to represent values.
- A MAC address is 48 bits; each bit is either 0 or 1, the most basic unit of data in a computer.
- One hexadecimal digit represents four binary bits, so a 48-bit MAC address needs 12 hexadecimal digits (48 bits / 4 bits per digit = 12 digits). This is more compact and easier to read than a long string of 0s and 1s.

Putting it together. Imagine a MAC address with the following binary representation (an illustration, not a real MAC address):
00101101 01001010 10110100 11001001 00111111 10000001
Grouped into 4-bit nibbles:
0010 1101 0100 1010 1011 0100 1100 1001 0011 1111 1000 0001
Converted to hex: 2D4AB4C93F81
MAC address: 2D-4A-B4-C9-3F-81 (much more readable for humans)
Possible combinations: 2^48, a very large number that provides a vast addressing space for network devices.

How to see a MAC address
- Desktop environment: open a terminal, type "ipconfig /all", hit Enter, and read the Physical Address field.
- Smartphones: open Settings, then About phone.

Port Addresses
ANALOGY: Suppose you placed an order from a shop in China on Lazada, and the parcel will reach your apartment within 3 days.
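Worked example for the IPv4 octet and MAC hexadecimal sections above, added here and not part of the original slides. It parses a dotted quad into its 32-bit value (rejecting octets outside 0..255), converts a 48-bit binary string into the hexadecimal MAC notation with any of the three separators, and reads the two low bits of the first octet that IEEE 802 reserves for the group and locally-administered flags. The addresses it runs on are made up; the slides' binary example converts to 2D-4A-B4-C9-3F-81 (the fifth pair is B4).

```python
"""Address arithmetic for IPv4 octets and 48-bit MAC addresses.

Added example, not from the original slides. Standard library only.
"""
import re

IPV4_RE = re.compile(r"^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$")


def ipv4_to_int(address: str) -> int:
    """Parse dotted-quad text into its 32-bit value.

    Each octet must be 0..255 (the maximum of 8 bits); anything else is
    rejected instead of silently wrapped, which matters when the address
    comes from untrusted input such as an allow-list or a log line.
    """
    match = IPV4_RE.match(address)
    if not match:
        raise ValueError(f"not a dotted quad: {address!r}")
    value = 0
    for octet_text in match.groups():
        octet = int(octet_text)
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range in {address!r}: {octet}")
        value = (value << 8) | octet
    return value


def int_to_ipv4(value: int) -> str:
    """Inverse of ipv4_to_int: 32-bit value back to dotted quad."""
    if not 0 <= value < 2 ** 32:
        raise ValueError("an IPv4 address is exactly 32 bits")
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mac_from_bits(bits: str, separator: str = "-") -> str:
    """Turn 48 binary digits (spaces allowed) into a 12-hex-digit MAC.

    Each group of four bits becomes one hex digit. Hyphen and colon join
    six pairs of digits; the period style joins three groups of four.
    """
    clean = bits.replace(" ", "")
    if len(clean) != 48 or set(clean) - {"0", "1"}:
        raise ValueError("a MAC address is exactly 48 bits")
    hex_digits = f"{int(clean, 2):012X}"
    if separator == ".":
        return ".".join(hex_digits[i:i + 4] for i in range(0, 12, 4)).lower()
    return separator.join(hex_digits[i:i + 2] for i in range(0, 12, 2))


def mac_to_bits(mac: str) -> str:
    """Accept any of the three separators and return the 48 bits."""
    hex_digits = re.sub(r"[-:.]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", hex_digits):
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return f"{int(hex_digits, 16):048b}"


def mac_flags(mac: str) -> dict:
    """Meaning of the two low bits of the first octet (IEEE 802).

    bit 0 (I/G): 1 = group/multicast address, 0 = individual (unicast)
    bit 1 (U/L): 1 = locally administered (set by software), 0 = vendor-assigned
    The U/L bit exists precisely because software may override the address,
    so a MAC is not reliable proof of which hardware sent a frame.
    """
    first_octet = int(mac_to_bits(mac)[:8], 2)
    return {
        "multicast": bool(first_octet & 0b01),
        "locally_administered": bool(first_octet & 0b10),
    }


if __name__ == "__main__":
    slides_example = "00101101 01001010 10110100 11001001 00111111 10000001"
    print(mac_from_bits(slides_example))           # 2D-4A-B4-C9-3F-81
    print(mac_from_bits(slides_example, ":"))
    print(mac_from_bits(slides_example, "."))
    print(mac_flags("70-20-84-00-ED-FC"))          # vendor-assigned unicast
    print(ipv4_to_int("192.168.1.10"), int_to_ipv4(0xC0A8010A))
    print(2 ** 48)                                  # size of the MAC space
```

Note that the slides' illustrative address 2D-4A-B4-C9-3F-81 has the I/G bit set (0x2D is odd), so it would be a group address rather than a unicast one; that is why the slides call it an example and not a real MAC address.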
How can you create an analogy of IP, MAC and port addresses here? Derivations from the analogy:
- Reaching your city = reaching your network (IP address)
- Reaching your apartment = reaching the host (MAC address)
- Reaching the right person/room = reaching the right process (port address)

Port address or port number
- In a node many processes will be running, and data that is sent or received must reach the right process.
- Every communicating process in a node is uniquely identified using a port number.
- Port = communication endpoint.
- Types of port numbers (the full range is 0 - 65535):
  Fixed port numbers, e.g. 25 (SMTP), 80 (HTTP). These are the well-known ports 0 - 1023 reserved for standard services.
  Dynamic port numbers, e.g. 62414. These are ephemeral ports that the operating system picks for the client side of a connection.

How to see port numbers
- Search in Windows for "resmon" (Resource Monitor).
- Observe that there are many port numbers in use.
- Open several Google Chrome tabs and watch new port numbers appear.

3 key points to ponder. Before sending data, any node must:
1. Attach the source IP address and the destination IP address.
2. Attach the source MAC address and the destination MAC address.
3. Attach the source port number and the destination port number.

Switching
Switching in a computer network is how data is moved from sender to receiver through intermediary nodes; in a larger network with multiple paths it includes deciding the route the data takes, creating a one-to-one connection between the two ends.

Circuit switching
- A dedicated path is established between the sender and receiver.
- The connection is established first, before any data is transferred.
- Example: the telephone network.
- 3 phases in circuit switching:
  1. Connection establishment
  2. Data transfer
  3. Connection disconnection

Message switching
- Store-and-forward mechanism: the message is transferred as a complete unit and is stored and then forwarded at each intermediary node.

Packet switching
- The Internet is a packet-switched network.
- The message is broken into individual chunks called packets, and each packet is sent individually.
- Each packet carries a source and destination IP address together with a sequence number.
The sequence number helps the receiver to:
- reorder the packets,
- detect missing packets,
- send acknowledgements.

Two approaches to packet switching: the datagram approach and the virtual circuit approach.

Datagram approach (connectionless switching)
- Each independent entity is called a datagram.
- A datagram contains destination information, and the intermediary devices use this information to forward it to the right destination.
- The path is not fixed: intermediate nodes take the routing decision for every packet, so packets of one message may travel different paths and arrive out of order.

Virtual circuit approach (connection-oriented switching)
- A preplanned route is established before the messages are sent.
- Call request and call accept packets are used to establish the connection between sender and receiver.
- The path is fixed for the duration of the logical connection.

Layering
- Layering means decomposing the problem into more manageable components (layers).
- Advantages: a more modular design; easier to troubleshoot.

Protocols
- A protocol is a set of rules that governs data communication.
- The protocols in each layer govern the activities of that layer.

The OSI model
- OSI stands for Open Systems Interconnection.
- It is a model for understanding and designing a network architecture that is flexible, robust and interoperable.
- Developed by the International Organization for Standardization (ISO).
- The OSI model is not a protocol; it is only a guideline, and hence it is referred to as the OSI reference model.
- The purpose of the OSI model is to show how to facilitate communication between different systems without requiring changes to the logic of the underlying hardware and software.
- The OSI model was never fully implemented as a protocol suite.

The TCP/IP model
- TCP/IP stands for Transmission Control Protocol / Internet Protocol.
- The TCP/IP protocol suite was developed prior to the OSI model, so the layers in the TCP/IP protocol suite do not exactly match those in the OSI model.
- TCP/IP is a hierarchical protocol suite made up of interactive modules, each of which provides specific functionality.

OSI layers (top to bottom)
Application layer
Presentation layer
Session layer
Transport layer
Network layer
Data link layer
Physical layer
Mnemonic, reading upward from the physical layer: "Please Do Not Throw Sausage Pizza Away".

Peer-to-peer protocol
- These rules tell peers how to find each other, how to break big files into smaller chunks, and how to send those chunks back and forth safely.
- Decentralized.

MODULE 4: OSI REFERENCE MODEL

Application Layer
- Enables the user to access network resources.
- Services provided: file transfer and access management (FTAM), mail services, directory services.

Presentation Layer
- Concerned with the syntax and semantics of the information exchanged between two systems.
- Services provided: translation, encryption, compression.

Session Layer
- Establishes, maintains and synchronizes the interaction among communicating devices.
- Services provided: dialog control, synchronization.

MODULE 5: Transport Layer
- Responsible for process-to-process delivery of the entire message.
- Services provided: port addressing, segmentation and reassembly, connection control, end-to-end flow control, error control.

Transport Layer - Port Addressing
- Communicating processes are identified by port numbers: the IP address reaches the host, and the port number selects the process (endpoint) on that host.

Transport Layer - Segmentation and Reassembly
- Segmentation means dividing a large message into smaller segments, each carrying a sequence number, so that the receiver can put them back in order and reassemble the original message.
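The following toy transport layer is an added example, not code from the original slides. It ties together the segmentation and reassembly slide above and the earlier packet-switching point that every packet carries source and destination addresses plus a sequence number: the sender splits a message into addressed, numbered segments; a simulated datagram network shuffles and drops some of them; the receiver accepts only segments for its own port, reorders what arrives, reports the gap, sends a cumulative acknowledgement, and reassembles once the sender retransmits. The IP addresses, ports and HTTP request used are constructed for the demonstration.

```python
"""Segmentation, sequence numbers, gap detection and acknowledgement.

Added example, not from the original slides. All addresses are made up.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple
import random

MSS = 8  # maximum segment size in bytes; tiny so the demo has several segments


@dataclass(frozen=True)
class Segment:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    seq: int       # position of this segment within the message
    total: int     # number of segments the whole message was split into
    payload: bytes


def segment_message(message: bytes, src: Tuple[str, int],
                    dst: Tuple[str, int], mss: int = MSS) -> List[Segment]:
    """Split a message into numbered segments addressed (IP, port) -> (IP, port)."""
    chunks = [message[i:i + mss] for i in range(0, len(message), mss)] or [b""]
    return [Segment(src[0], dst[0], src[1], dst[1], seq, len(chunks), chunk)
            for seq, chunk in enumerate(chunks)]


class Receiver:
    """Buffers out-of-order segments until the message is complete."""

    def __init__(self, ip: str, port: int):
        self.ip, self.port = ip, port
        self.buffer: Dict[int, bytes] = {}
        self.total: Optional[int] = None

    def deliver(self, seg: Segment) -> None:
        # Port addressing: only segments for this host and this process count.
        if (seg.dst_ip, seg.dst_port) != (self.ip, self.port):
            return
        self.total = seg.total
        self.buffer[seg.seq] = seg.payload   # a duplicate simply overwrites

    def missing(self) -> List[int]:
        """Sequence numbers not yet received (gap detection)."""
        if self.total is None:
            return []
        return [s for s in range(self.total) if s not in self.buffer]

    def cumulative_ack(self) -> int:
        """Highest seq such that every segment up to it has arrived (-1 if none)."""
        ack = -1
        while ack + 1 in self.buffer:
            ack += 1
        return ack

    def reassemble(self) -> Optional[bytes]:
        if self.total is None or self.missing():
            return None
        return b"".join(self.buffer[s] for s in range(self.total))


def transfer(message: bytes, drop=frozenset(), seed: int = 1) -> dict:
    """Simulate a datagram network: segments arrive shuffled, some are dropped."""
    src, dst = ("10.0.0.5", 51234), ("10.0.0.9", 80)   # constructed endpoints
    segments = segment_message(message, src, dst)
    rx = Receiver(*dst)

    in_flight = [s for s in segments if s.seq not in drop]
    random.Random(seed).shuffle(in_flight)   # no fixed path, so no fixed order
    for seg in in_flight:
        rx.deliver(seg)

    # If nothing arrived the receiver cannot know the length; resend everything.
    lost = rx.missing() if rx.total is not None else [s.seq for s in segments]
    first_ack = rx.cumulative_ack()

    for seg in segments:                      # sender retransmits the gaps
        if seg.seq in lost:
            rx.deliver(seg)

    return {"segments": len(segments),
            "lost_before_retransmit": lost,
            "ack_before_retransmit": first_ack,
            "final_ack": rx.cumulative_ack(),
            "reassembled": rx.reassemble()}


if __name__ == "__main__":
    request = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
    print(transfer(request, drop={2}))
```

The cumulative acknowledgement is what lets the sender resend only from the first gap; the per-port check in deliver() is the transport-layer half of the slides' parcel analogy (right apartment, but also the right room).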
Transport Layer - Connection Control
- Connection-oriented or connectionless.

Transport Layer - End-to-End Flow Control
- Suppose PC1 is sending at high speed and PC2 is receiving at low speed. End-to-end flow control makes the sending rate match what the receiver can handle, so data is not lost. It operates between the two end devices.

Transport Layer - Error Control
- Ensures that the data delivered to the receiving process contains no errors and that no messages are lost, for example through acknowledgements and retransmission.

Network Layer
- Responsible for the delivery of data from the original source to the destination network, possibly across many intermediate links.
- Services provided: logical addressing, routing.

Data Link Layer
- Responsible for moving data (frames) from one node to the next node on the same link.
- Services provided: framing, physical addressing, flow control, error control, access control.
- Framing: groups the data (which is in binary) into a unit called a frame.
- Physical addressing: the source MAC address and the destination MAC address are added here.
- Flow control: sender and receiver speeds on the link must match to avoid lost frames.
- Error control: a lost or damaged frame can be identified, typically by a checksum or CRC carried in the frame.
- Access control: suppose 3 computers want to send frames at the same time on a shared link. Access control decides which device may use the link at a particular time, so that frames do not collide.

Physical Layer
- Responsible for transmitting bits over a medium; it also provides the electrical and mechanical specifications.
- 2 kinds of medium: wired and wireless.
- Physical characteristics of the medium: the physical layer defines what type of medium is connected, wired or wireless.
- Representation of bits: this basically means encoding.
Encoding means how the zeros and ones are converted into a signal.
- Data rate (also known as transmission rate): how many bits are sent each second.
- Synchronization of bits: the clocks of the sender and the receiver must be synchronized. Analogy: imagine you and your friend trying to walk together in perfect step. You both need a clear, shared sense of rhythm; if one of you walks to a different beat, you quickly fall out of sync.
- Line configuration:
  Point-to-point: between two nodes there is only one channel or medium, and it is dedicated exclusively to those two nodes.
  Point-to-multipoint: a common channel or medium is shared by many nodes.
- Physical topology: the type of network topology in use.
- Transmission mode, three types:
  Simplex: data flows in one direction only.
  Half duplex: data flows in both directions, but not at the same time.
  Full duplex: both devices can send and receive at the same time.

Recap of the OSI model
- Application layer: grants access to the network through applications with a user interface.
- Presentation layer: translates, encrypts, decrypts and compresses data.
- Session layer: manages and controls connections (dialogs).
- Transport layer: deals with processes and port numbers, and ensures the transfer is complete and in order.
- Network layer: routing using IP addresses; finds the best path.
- Data link layer: node-to-node delivery on a link; adds the MAC addresses.
- Physical layer: transmits the bits of each frame over a medium.

Computer Network Security
Network security is the protection of the underlying networking infrastructure from unauthorized access, misuse, or theft. It involves creating a secure infrastructure in which devices, applications and users can work in a secure manner.
How does network security work?
Network security combines multiple layers of defenses at the edge and in the network. Each layer implements policies and controls. Authorized users gain access to network resources, while malicious actors are blocked from carrying out exploits and threats.

Exploits
An exploit is a program or piece of code designed to take advantage of a security flaw (vulnerability) in an application or computer system, typically for malicious purposes such as installing malware. An exploit is not malware itself; it is a method attackers use to deliver malware or gain unauthorized access.

How do I benefit from network security?
Digitization has transformed how we live, work, play and learn. Every organization that wants to deliver the services its customers and employees demand must protect its network. Network security also protects proprietary information from attack, and ultimately protects your reputation.

Types of network security

Firewall
- Purpose: acts as a barrier between a trusted internal network and untrusted external networks, controlling incoming and outgoing traffic based on predetermined security rules.
- Types: packet-filtering firewalls, stateful inspection firewalls, proxy firewalls, next-generation firewalls (NGFW).

Intrusion Detection and Prevention Systems (IDS/IPS)
- Purpose: monitors network traffic for suspicious activity and policy violations. An IDS raises alerts; an IPS sits inline and actively blocks or mitigates the threat.
- Types: network-based IDS/IPS, host-based IDS/IPS.

Virtual Private Network (VPN)
- Purpose: secures data transmission over public networks by creating encrypted connections (tunnels) between remote users or sites and the organization's network.
- Types: remote access VPN, site-to-site VPN.
Anti-Malware and Anti-Virus Software
- Purpose: protects systems from malware (e.g., viruses, worms, trojans, spyware) by detecting, preventing and removing malicious software.
- Types: signature-based detection, heuristic-based detection, behavioral-based detection.

Network Access Control (NAC)
- Purpose: regulates access to the network by enforcing security policies, so that only compliant devices (with up-to-date security patches, anti-virus, etc.) can connect.
- Features: authentication, authorization and accounting (AAA); endpoint security compliance.

Data Loss Prevention (DLP)
- Purpose: monitors and protects sensitive data to prevent unauthorized access, use or transmission.
- Types: network DLP, endpoint DLP, cloud DLP.

Secure Email Gateway
- Purpose: protects email communication by filtering out harmful content (e.g., spam, phishing, malware) and ensuring secure transmission of email data.
- Features: spam filtering, malware detection, encryption.

Web Security Gateway
- Purpose: protects against web-based threats by controlling and monitoring user access to websites and ensuring secure web transactions.
- Features: URL filtering, malicious content detection, web application control.

Wireless Security
- Purpose: protects wireless networks from unauthorized access and attacks, ensuring secure data transmission over Wi-Fi.
- Standards: WPA2, WPA3. Supporting control: Wireless Intrusion Prevention Systems (WIPS).

Network Segmentation
- Purpose: divides a network into smaller, isolated segments to contain breaches and limit the lateral movement of attackers within the network.
- Techniques: VLANs, subnets, micro-segmentation.

Security Information and Event Management (SIEM)
- Purpose: collects, analyzes and correlates security event data from many sources to detect and respond to security incidents in near real time.
- Components: log management, event correlation, real-time monitoring, incident response.
Identity and Access Management (IAM)
- Purpose: manages user identities and access permissions so that only authorized users can access specific resources within the network.
- Components: user authentication, single sign-on (SSO), multi-factor authentication (MFA), role-based access control (RBAC).

SQL Injection
SQL injection is an attack in which the attacker manipulates an SQL query so that their own SQL code is executed against the database. It exploits applications that build queries by pasting user input into the query text without properly validating it; the standard defence is to use parameterized (prepared) queries so that input is always treated as data, never as SQL.

Brute Force
Brute forcing is a technique for gaining unauthorized access to systems, networks or encrypted data by systematically trying every possible password, encryption key or other credential until the correct one is found. It is countered by making guessing expensive: rate limiting and account lockout for online attempts, and long secrets with slow, salted password hashing for offline attacks against leaked hashes.
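The two attacks just described, shown in working code as an added example that is not part of the original slides. The SQL injection half runs a login query against an in-memory SQLite table built by string concatenation and then the same query parameterized, so the classic "always true" and comment payloads can be seen working against one and failing against the other. The brute-force half exhausts every 4-digit PIN against a SHA-256 digest, and a small lockout counter shows the online-attack defence. The users table, credentials and PIN are constructed for the demonstration.

```python
"""SQL injection (vulnerable vs parameterized) and brute force side by side.

Added example, not from the original slides. Uses only the standard library;
the users table and its single row are constructed test data.
"""
import hashlib
import itertools
import sqlite3
from typing import Optional


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Plaintext only to keep the injection visible; real systems store a hash.
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse battery')")
    return conn


def login_vulnerable(conn, username: str, password: str) -> bool:
    """Builds the query with string concatenation: user input becomes SQL."""
    query = ("SELECT COUNT(*) FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    return conn.execute(query).fetchone()[0] > 0


def login_safe(conn, username: str, password: str) -> bool:
    """Parameterized query: values travel separately from the SQL text, so a
    quote or comment marker in the input can never change the query's shape."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


ALWAYS_TRUE = "' OR '1'='1"   # turns the WHERE clause into ... OR '1'='1'
COMMENT_OUT = "alice'--"      # closes the string, then comments out the rest


def sqli_demo() -> dict:
    conn = make_db()
    real = ("alice", "correct horse battery")
    return {
        "vulnerable_real": login_vulnerable(conn, *real),
        "vulnerable_always_true": login_vulnerable(conn, "alice", ALWAYS_TRUE),
        "vulnerable_comment": login_vulnerable(conn, COMMENT_OUT, "anything"),
        "safe_real": login_safe(conn, *real),
        "safe_always_true": login_safe(conn, "alice", ALWAYS_TRUE),
        "safe_comment": login_safe(conn, COMMENT_OUT, "anything"),
    }


def pin_digest(pin: str) -> str:
    """Fast unsalted hash, exactly what makes the brute force below cheap."""
    return hashlib.sha256(pin.encode()).hexdigest()


def brute_force_pin(target_digest: str, digits: int = 4) -> Optional[str]:
    """Systematically try every PIN of the given length until the hash matches.

    10**4 SHA-256 computations finish in milliseconds: a short secret behind a
    fast, unsalted hash offers no protection once the digest leaks.
    """
    for combo in itertools.product("0123456789", repeat=digits):
        candidate = "".join(combo)
        if pin_digest(candidate) == target_digest:
            return candidate
    return None


class LockoutGuard:
    """Online brute-force defence: refuse further guesses after N failures."""

    def __init__(self, max_failures: int = 5):
        self.max_failures = max_failures
        self.failures = {}

    def attempt(self, conn, username: str, password: str) -> str:
        if self.failures.get(username, 0) >= self.max_failures:
            return "locked"              # even the right password is refused now
        if login_safe(conn, username, password):
            self.failures.pop(username, None)
            return "ok"
        self.failures[username] = self.failures.get(username, 0) + 1
        return "denied"


if __name__ == "__main__":
    print(sqli_demo())
    print(brute_force_pin(pin_digest("7351")))
    guard, db = LockoutGuard(3), make_db()
    for guess in ("1234", "letmein", "password", "correct horse battery"):
        print(guess, "->", guard.attempt(db, "alice", guess))
```

Lockout on its own can be turned into a denial of service against a victim account, which is why real deployments pair it with rate limiting, MFA and monitoring rather than relying on a bare counter.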