MODULE 3-BASIC Addressing and OSI- MODULE 5 OSI LAYER.pdf

Full Transcript

MODULE 3: BASIC Addressing and OSI

IP Address (IPv4)

Every node in the computer network is identified with the help of IP address

Logical address

Because an IP address is assigned by a software or services, which makes it more
logical than fixed, unlike MAC addresses.

Can change based on the location of the device

IP Address is assigned by:

Manually – IP address is set manually by the user.
Dynamically – IP address that changes automatically.
Static – IP address that is constant.

STATIC IP Usage

Servers: Web servers, mail servers, game servers, or any server that needs to be
accessible by other devices at all times benefit from static IPs. This ensures they have a
permanent address that clients can always find.

Remote access: If you need to remotely access a device on your network, like a
security camera system or a computer you work from home on, a static IP makes it
easier to establish a secure connection.

Port forwarding: For applications that require incoming connections on specific ports
(e.g., online gaming), a static IP is often required for proper configuration of port
forwarding on your router.

Business needs: Businesses might use static IPs for various purposes, such as
managing VPN connections for remote employees or running internal applications that
require consistent accessibility.
 Device monitoring: If you have critical devices on your network that need constant
monitoring or management, a static IP simplifies the process of keeping track of them
and ensuring they're always online.

Represented in decimal and it has 4 octets

Octet: An octet is a fundamental unit of digital information in computing. It consists of
eight bits. Each bit can hold a value of either 0 or 1. (x.x.x.x)

Collection of four octets: When referring to four octets together, it often signifies a
specific data structure or value that uses 32 bits (4 x 8 bits).

0.0.0.0 to 255.255.255.255(32 bits)

255 is the maximum value representable by an 8-bit binary number.

An 8-bit binary number consists of 8 bits (0s or 1s). With 8 bits, you have 2 possibilities
for each bit (0 or 1), resulting in 2 ^ 8 (2 multiplied by itself 8 times) which equals 256
possible combinations. Since counting starts from 0, the usable
range goes from 0 to 255.

How to see an IP address on a real device?
Open terminal
Type “ ipconfig”
Hit enter
You’ll see IPv4

ANALOGY:
IP Address – Location of the city
MAC Address – Location of your house address

MAC addressing

MAC stands for media access control
Every node in the LAN is identified with the help of a MAC address.
Physical Address or Hardware Address.
Unique
Cannot be changed
 Assigned by the Manufacturer
Represented in Hexadecimal
Example: 70-20-84-00-ED-FC (48bits)
Separator: hyphen (-) period(.), and colon (:)

HEXAdecimal
Hex is a base-16 number system that uses digits 0-9 and letters A-F to represent
values.
48 bits: A MAC address is 48 bits. Each bit can be either 0 or 1, representing the most
basic unit of data in
a computer.
One hexadecimal digit can represent four binary bits (0s and 1s)
So, for a 48-bit MAC address, we need 12 hexadecimal digits
(48 bits / 4 bits/digit = 12 digits). This makes it more compact and easier to read than a
long string of 0s and 1s.

Putting it Together:
Imagine a MAC address with the following binary representation (just an example, not
a real MAC address)
00101101 01001010 10110100 11001001 00111111 10000001
Converted to hex format
0010 1101 0100 1010 1011 0100 1100 1001 0011 1111 1000 0001
2D4AB4C93F81
MAC ADDRESS: 2D-4A-BB-C9-3F-81
Much more readable for humans

Possible combinations
2 raise to 48
making it a very large number and providing a vast addressing space for network
devices
How to see MAC ADDRESS

Desktop Environment
Open terminal
Type “ ipconfig/all”
Hit enter

Smartphones
Open settings
Under about phone

Port Addresses

ANALOGY
Suppose you placed an order from a China shop in Lazada, and the parcel will reach
your apartment within 3 days.

How can you create an analogy of IP, MAC and port addresses here?

Derivations from analogy
Reaching your city = reaching our network (IP address)
Reaching your Apartment = Reaching the host (MAC address)
Reaching the right person/room = Reaching the right process (Port address)

Port address or port number
In a node many processes will be running.
Data which are sent/received must reach the right process
Every process in a node is uniquely identified using port numbers.
Port = communication endpoint

TYPES of PORT Number:
Fixed port numbers
Dynamic port Number (0 – 65535)
Examples:
Fixed Port Numbers: 25,80, etc.
Dynamic Port Numbers: 62414

How to see port number
Search in window: resmon
 Resmon stands for resource monitoring
Observe there are many port numbers
Try to open a lot of google chrome

3 key points to ponder
Before sending the data, any node must
Attach source IP address and destination IP address
Attach source MAC address and destination MAC address
Attach source port number and destination port number

Switching : Switching in computer network helps in deciding the best route for data
transmission if there are multiple paths in a larger network. One to one connection

Circuit switching : A dedicated path is established between the sender and receiver.

Established first before data transfer

Before data transfer, connection will be established first Example: Telephone network3
phases in circuit switching:

1. Connection establishment
2. Data transfer
3. Connection disconnection

Message switching
Store and forward mechanism.
Message is transferred as a complete unit and forwarded using store and forward
mechanism at the intermediary node

Packet Switching
The internet is a packet switched network.

Message is broken into individual chunks called as packets

Each packet is sent individually.

Each packet will have a source and destination IP address with sequence number.

Sequence number will help the receiver to
Reorder the packets
Detect missing packets
Send acknowledgement

Two approaches to packet switching
Datagram Approach
Virtual Circuit Approach

Datagram packet switching is also known as connectionless switching.
Each independent entity is called datagram

Datagram contains destination information and the intermediary devices uses this
information to forward datagrams to right destination

In the Datagram Packet switching approach, The path is not fixed?

Intermediate nodes take the routing decisions to forward the packet

Packet switching – virtual circuit approach

Virtual circuit switching is also known as connection – oriented switching.

In the case of virtual circuit switching, a preplanned route is established before the
messages are sent
Call request and call accept packets are used to establish the connection between
sender and receiver.

In this approach, the path is fixed for the duration of logical connection

Layering

Layering means decomposing the problem into more manageable components
(layers)

Advantages:
It provides more modular design
Easy to troubleshoot

Protocols
It is a set of rules that governs data communication.
The protocols in each layer governs the activities of the data communication

The osi model

OSI stands for Open System Interconnection

It is a model for understanding and designing a network architecture that is flexible,
robust and interoperable

Developed by the international standards for organization (ISO)

The OSI model is not a protocolIt is only a guideline and hence it is referred as OSI
reference model

The purpose of the OSI Model is to show how to facilitate communication between
different systems without requiring changes to the logic of the underlying hardware
and software.

The OSI model was never fully implemented
THE TCP/IP Model

TCP/IP – Transmission Control Protocol / Internet Protocol

The TCP/IP protocol suite was developed prior to the OSI Model

Therefore, the layers in the TCP/IP protocol suite do not exactly match those in the OSI
Model

TCP/IP is a hierarchical protocol made up of interactive modules, each of which
provides specific functionality

OSI LAYER

APPLICATION LAYER
PRESENTATION LAYER
SESSION LAYER
TRANSPORT LAYER
NETWORK LAYER
DATA LINK LAYER
PHYSICAL LAYER

Please do not throw sausage pizza away

Peer-to-Peer protocol

These rules tell them how to find each other, how to break down big files into smaller
chunks, and how to send those chunks back and forth safely.
Decentralized

MODULE 4 : OSI REFERENCE MODEL

Application Layer

It enables the user to access the network resources
Services provided by application layer
File transfer and access management (FTAM)
Mail Services
Directory services

Presentation Layer

It is concerned with the syntax and semantics of the information exchanged between
two systems

Services provided by presentation layer
Translation
Encryption
Compression

Session Layer

It establishes maintains and synchronized the interaction among communicating
devices

Services Provided by Session Layer
Dialog Control
Synchronization

MODULE 5:

Transport Layer

It is responsible for process-to-process delivery of the entire message.

Services provided by transport layer
Port Addressing
Segmentation and Reassembly
Connection control
End to End Flow Control
Error Control
Transport Layer - Port Addressing

It the process of communicating processes with the use of Port and process id number.

Transport Layer – Segmentation and Reassembly

Segmentation means dividing the message into smaller messages if it's big, then
reassemble it later on upon receiving.

Transport Layer - Connection Control
Connection oriented
Connectionless

Transport Layer – End to End Flow Control

Supposed PC 1 is sending in a high speed and PC2 is receiving in a slow speed,
End to End flow control takes place that speed should match to avoid data loss
This is end to end device

Transport Layer – Error Control

This is all about the transmission of data, making sure that there is no error could
happen and there are no lost messages

Network Layer

It is responsible for delivery of data from the original source to the destination network.

Services provided by Network Layer
Logical Addressing
Routing

Data Link Layer
It is responsible for moving data(frames) from one node to another node

Services Provided by Data Link Layer
 Framing
Physical Addressing
Flow Control
Error Control
Access Control

Data Link Layer - Framing

It groups the data (which is in binary) and we call it a frame

Data Link Layer – Physical Address

In this part MAC address is added.
Source MAC address
Destination MAC address

Data Link Layer – Flow Control

It should be matching in speed to avoid data packet lost.

Data Link Layer – Error Control

If the frame is lost or damaged it can be easily identified by the error control.

Data Link Layer – access control

In this way, suppose we have 3 computers sending frames at the same time, certain
links can't be used if some node is already accessing it.

By access control we avoid clashing or using the specific link.

It handles the access making sure that what device have access to the particular link or
line at a particular time

Physical Layer
 It is responsible for transmitting bits over a medium, it also provides electrical and
mechanical specifications

2 kinds of medium
Wired Medium
Wireless Medium

Physical Layer - Physical characteristics of the medium

Physical layer is responsible what time of medium is connected, is it wireless or wired?

Physical Layer – Representation of bits

This basically means encoding.
Encoding means how those zeroes and ones are converted into signal

Physical Layer – Data rate

Also known as transmission rate. It is the rate of how many number of bits sent each
second

Physical Layer – Synchronization of bits

This means that the clock between sender and the receiver must be synchronized

Analogy:Imagine you and your friend are trying to walk together in perfect step. To do
this, you both need to have a clear and shared sense of rhythm. If one of you walks to a
different beat, you'll quickly fall out of sync.

Physical Layer – Line Configuration

Point to Point Communication

Between two nodes we will only have one channel or medium, and that medium is
exclusively dedicated for the two nodes.
Point to Multipoint Communication
Where that common channel or a medium is shared by many nodes

Physical Layer – Physical Topology

These are basically the type of topologies

Physical Layer – Transmission Mode

Three types of transmission mode:
Simplex – data will flow in one direction
Half Duplex – data will flow in two direction but not at the same time
Full Duplex – Two devices can send and receive at the same time

Recap of OSI model

Application Layer – Grants access through the network by using applications with UI.

Presentation Layer – Layer that translates encrypt, decrypt and data compression.

Session Layer – Layer that manages and control connections.

Transport Layer – deals with process and port numbers ensures the transfer is smooth.

Network Layer – Deals with routing by the use of IP address, basically what is the best
path.

Data Link Layer – Node to node ensure all is well, and added Mac address.

Physical Layer – handles the transfer of frames (a set of bits) over a medium.

Computer Network Security

Network security is the protection of the underlying networking infrastructure from
unauthorized access, misuse, or theft. It involves creating a secure infrastructure for
devices, applications, users, and applications to work in a secure manner.
How does network security work?

Network security combines multiple layers of defenses at the edge and in the network.
Each network security layer implements policies and controls. Authorized users gain
access to network resources, but malicious actors are blocked from carrying out exploits
and threats.

Exploits

An exploit is a program, or piece of code, designed to find and take advantage of a
security flaw or vulnerability in an application or computer system, typically for malicious
purposes such as installing malware. An exploit is not malware itself, but rather it is a
method used by cybercriminals to deliver malware.

How do I benefit from network security?

Digitization has transformed our world. How we live, work, play, and learn have all
changed. Every organization that wants to deliver the services that customers and
employees demand must protect its network. Network security also helps you protect
proprietary information from attack. Ultimately it protects your reputation.

Types of network security

Firewall Security:

Purpose: Acts as a barrier between a trusted internal network and untrusted external
networks, controlling incoming and outgoing network traffic based on predetermined
security rules.

Types: Packet-filtering firewalls, Stateful inspection firewalls, Proxy firewalls,
Next-Generation Firewalls (NGFW).

Intrusion Detection and Prevention Systems (IDS/IPS):

Purpose: Monitors network traffic for suspicious activity and policy violations, with IDS
providing alerts and IPS actively preventing and mitigating threats.
Types: Network-based IDS/IPS, Host-based IDS/IPS.

Virtual Private Network (VPN):

Purpose: Secures data transmission over public networks by creating encrypted
connections (tunnels) between remote users or sites and the organization's network.

Types: Remote Access VPN, Site-to-Site VPN.

Anti-Malware and Anti-Virus Software:

Purpose: Protects systems from malware (e.g., viruses, worms, trojans, spyware) by
detecting, preventing, and removing malicious software.

Types: Signature-based detection, Heuristic-based detection, Behavioral-based
detection

Network Access Control (NAC):

Purpose: Regulates access to the network by enforcing security policies, ensuring that
only compliant devices (with up-to-date security patches, anti-virus, etc.) can connect.

Features: Authentication, authorization, and accounting (AAA), endpoint security
compliance.

Data Loss Prevention (DLP):

Purpose: Monitors and protects sensitive data to prevent unauthorized access, usage,
or transmission.

Types: Network DLP, Endpoint DLP, Cloud DLP.

Secure Email Gateway:

Purpose: Protects email communication by filtering out harmful content (e.g., spam,
phishing attacks, malware) and ensuring secure transmission of email data.

Features: Spam filtering, malware detection, encryption.
Web Security Gateway :

Purpose: Protects against web-based threats by controlling and monitoring user access
to websites and ensuring secure web transactions.

Features: URL filtering, malicious content detection, web application control.

Wireless Security

Purpose: Protects wireless networks from unauthorized access and attacks, ensuring
secure data transmission over Wi-Fi.

Standards: WPA2, WPA3, Wireless Intrusion Prevention Systems (WIPS).

Network Segmentation:

Purpose: Divides a network into smaller, isolated segments to contain security
breaches and limit lateral movement of attackers within the network.

Techniques: VLANs, subnets, micro-segmentation.

Security Information and Event Management (SIEM):

Purpose: Collects, analyzes, and correlates security event data from various sources to
detect and respond to security incidents in real-time.

Components: Log management, event correlation, real-time monitoring, incident
response.

Identity and Access Management (IAM):

Purpose: Manages user identities and access permissions to ensure that only
authorized users can access specific resources within the network.

Components: User authentication, single sign-on (SSO), multi-factor authentication
(MFA), role-based access control (RBAC).
SQL Injection

SQL injection is a type of cyber attack in which an attacker manipulates an SQL query
to execute malicious SQL code on a database. This attack exploits vulnerabilities in an
application's software, particularly where user inputs are not properly sanitized or
validated.

Brute Force

Brute forcing is a technique used in network security to gain unauthorized access to
systems, networks, or encrypted data by systematically attempting all possible
combinations of passwords, encryption keys, or other security credentials until the
correct one is found.