OSI Model

Level Id | Name | Services | Protocol
7 | Application Layer | User Apps, Network services | FTP, HTTP
6 | Presentation Layer | Encryption, Character sets | SSL, TLS
5 | Session Layer | Setup, Maintain, Tear-Down Sessions | RPC, NetBIOS
4 | Transport Layer | Datagram Delivery, Port Numbers | TCP, UDP
3 | Network Layer | Routing, Software Addresses | IP, ICMP
2 | Data Link Layer | Media Access, Hardware Addresses (MAC) | ARP – Address Resolution Protocol, used to resolve a MAC address from an IP address
1 | Physical Layer | Cable, Connectors, Electrical Specs |
1. Network types
   a. Short-range network types

Type | Description | Example
PAN | Personal Area Network | Bluetooth connectivity or a cable connection between a phone and a laptop
LAN | Local Area Network | Network within a building or on a single floor of a building. Generally contains servers and multiple devices such as laptops, desktops, printers, etc.
CAN | Campus Area Network | Interconnected LANs on a campus or corporate site

   b. Long-range network types

Type | Description | Example
WAN | Wide Area Network | Connects different regions and different types of networks, such as multiple LANs
MAN | Metropolitan Area Network | Somewhere between a LAN and a WAN; spans a small region, e.g. 2 offices in a city
GAN | Global Area Network | Connects the globe; might even use satellite
2. Transmission Media Access – how a network device gets access to the transmission medium in the first place in order to send something via air or wire
   a. IEEE 802.3 – Ethernet
      i. Listen before transmitting, i.e. if some other Ethernet device is already transmitting, the device does not transmit, to avoid a packet collision
   b. IEEE 802.5 – Token Ring
      i. A single token is transmitted with the data and the destination IP address populated
      ii. No token collision is possible, as it is sent to the targeted destination only
   c. Wi-Fi
      i. Devices need to associate with access points
3. Network Hardware
   a. Modem – Modulator / demodulator
      i. Initially used to connect digital devices (computers) to analog devices (public telephone)
      ii. Now used (e.g. DSL modems or cable modems) for higher-speed digital communications
   b. NIC – Network Interface Card
      i. A unique 48-bit MAC address is burned into the card
      ii. This is required for network connectivity, so every device has a MAC address to identify the physical device that can connect to the network
      iii. Every network method, such as Bluetooth or Wi-Fi, has its own version of a NIC
   c. Repeater – Regenerates signals
      i. Allows a signal to be extended. For example, if a wire carries a signal for 100 m, we can connect it to a repeater to extend the signal by another 100 m, i.e. 200 m in total
   d. Hub
      i. OSI Model Layer 1 (Physical Layer)
      ii. Central wiring location for wired network devices
      iii. All hub ports see traffic for all connected ports
      iv. High possibility of packet collisions
   e. Bridge
      i. OSI Model Layer 2 (Data Link Layer)
      ii. A bridge remembers which MAC addresses are plugged into which ports
      iii. Different network segments are plugged into the bridge ports
      iv. Therefore, it knows which network segment to transmit on for which MAC address
      v. Can also act as a repeater
   f. Network Switch
      i. A more advanced bridge, i.e. used for the same purpose as a bridge but more recent
      ii. OSI Model Layer 2 (Data Link Layer)
      iii. Can also support OSI Model Layer 3 (Network Layer)
      iv. Unlike bridges, individual devices are plugged into individual switch ports
      v. MAC addresses are remembered in a table in memory on the switch. The reason is that when a transmission arrives from one device on the switch for a target device plugged into the same switch, the switch does not forward the frame to every device; instead it knows which physical port the destination MAC address is plugged into.
      vi. VLANs can be configured between or within switches
   g. Network Router
      i. OSI Model Layer 3 (Network Layer)
      ii. Routes network transmissions to other networks
      iii. It should have multiple NICs
      iv. It has a routing table: just as a switch remembers MAC addresses, a network router has a routing table to remember networks
   h. Wireless Access Point
      i. If a wireless access point allows not just connections between wireless devices but also lets wireless devices connect to wired networks, e.g. the internet, then it is called a wireless router
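
The difference between the hub and the switch described above, as an added example that is not part of the original notes: a small simulation of which ports receive each frame. The class names, MAC addresses and traffic are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1 device: repeats every frame out of every other port."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Layer 2 device: remembers which MAC address sits behind which port."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def forward(self, in_port, src, dst):
        self.mac_table[src] = in_port  # learn from the source address
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Broadcast or not-yet-learned destination: flood like a hub.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []  # destination is on the sender's own port
        return [out_port]


def frames_seen_on(port, device, frames):
    """Count the frames a station on `port` receives, addressed to it or not."""
    return sum(port in device.forward(*frame) for frame in frames)


# Constructed traffic: (ingress port, source MAC, destination MAC).
HOST_A, HOST_B, HOST_C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
FRAMES = [
    (1, HOST_A, HOST_B),     # B not learned yet -> flooded
    (2, HOST_B, HOST_A),     # A was learned on port 1
    (1, HOST_A, HOST_B),     # B is now known on port 2
    (3, HOST_C, BROADCAST),  # broadcasts always reach every port
]

if __name__ == "__main__":
    for name, dev in (("hub", Hub([1, 2, 3, 4])), ("switch", LearningSwitch([1, 2, 3, 4]))):
        print(name, "-> idle port 4 receives", frames_seen_on(4, dev, FRAMES), "of", len(FRAMES))
```

An uninvolved station on port 4 receives every frame behind the hub, but only the flooded and broadcast frames behind the switch.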
4. Port Numbers
   a. OSI Model Layer 4 addresses
   b. Uniquely identify the network service
   c. Well-known ports (e.g. SMTP 25) are 0-1023
   d. Host + Port Number = Socket. A network socket is an internal endpoint for sending and receiving data at a single point in the computer network
5. DNS (Domain Name Services)
   a. Name lookup service; listens for client requests on UDP port 53
   b. A record – name-to-IPv4 resolution record
   c. AAAA record – name-to-IPv6 resolution record
   d. CNAME – alias name for a hostname with an A record
   e. PTR – Reverse lookup record
   f. MX – Mail Exchange server record
   g. NS – Name Server record
   h. SOA – Start of Authority
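
How the record types listed above appear on the wire, as an added example that is not part of the original notes: it builds the question a client would send to UDP port 53 and parses it back, without touching the network. The function names and the sample name example.com are assumptions; the type codes are the standard ones from RFC 1035 and RFC 3596.

```python
import struct

# Numeric codes for the record types listed in the notes.
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15, "AAAA": 28}
QTYPE_NAMES = {code: name for name, code in QTYPES.items()}


def encode_name(name):
    """Encode 'example.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, rtype, txid):
    """12-byte header (recursion desired, one question) + question section."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPES[rtype], 1)  # class IN


def parse_question(packet):
    """Decode the header fields and first question of a DNS message."""
    txid, flags, _qdcount = struct.unpack("!HHH", packet[:6])
    labels, pos = [], 12
    while packet[pos] != 0:
        length = packet[pos]
        if length & 0xC0:
            raise ValueError("compression pointers are not handled in this example")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", packet[pos + 1:pos + 5])
    return {"txid": txid, "is_response": bool(flags & 0x8000),
            "name": ".".join(labels), "type": QTYPE_NAMES.get(qtype, str(qtype))}


def reverse_name(ipv4):
    """PTR (reverse) lookups query the octets reversed under in-addr.arpa."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"


if __name__ == "__main__":
    print(parse_question(build_query("example.com", "MX", 0x1234)))
    print(parse_question(build_query(reverse_name("161.10.1.129"), "PTR", 0x1235)))
```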
6. DHCP (Dynamic Host Configuration Protocol)
   a. Allows IP addresses to be configured centrally
   b. The DHCP process starts with DHCP discovery: when a new device using DHCP initially connects to the network, it sends a DHCP broadcast request
   c. The DHCP server responds with a DHCP offer, which the client device can then ask to use with a DHCP request
   d. Finally, the DHCP server sends a DHCP acknowledgement, meaning the IP address has been assigned
7. IP (Internet Protocol)
   a. Responsible for routing packets from one network to another
   b. OSI Model Layer 3 (Network Layer)
   c. Routers are applicable to IP
   d. IPv4 and IPv6
   e. Configuring IPv4
      i. IP addresses are expressed in decimal format (octet numbers) but are really binary digits: 32 bits in total, 8+8+8+8
      ii. The subnet mask identifies the network in an IP address. For example, a subnet mask of 255.255.255.0 means the first 3 portions of the IP address identify the network. For the IP address 161.10.1.129, 161.10.1 is the network, so this value is the same for all devices in that network, and 129 identifies the device
      iii. The default gateway is like an exit door: it is how we transmit packets outside the network. It must be on our subnet, i.e. 161.10.1.[1-255]. 0 is reserved for the router or network address.
   f. IPv6
      i. It is 128 bits long, expressed in hexadecimal form (0-9 and A-F)
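
The subnet-mask arithmetic described above, as an added example that is not part of the original notes: it splits the notes' address 161.10.1.129 into network and host parts with a bitwise AND and checks whether a default gateway is on the same subnet. It goes beyond the notes' 255.255.255.0 case by also working for masks that do not fall on an octet boundary; the function names and the other sample addresses are constructed.

```python
import ipaddress


def to_binary(ip):
    """Show the 32 bits behind the dotted-decimal form, 8 bits per octet."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.IPv4Address(ip).packed)


def split_address(ip, mask):
    """Return (network address, host number) by ANDing address and mask."""
    ip_int = int(ipaddress.IPv4Address(ip))
    mask_int = int(ipaddress.IPv4Address(mask))
    network = ipaddress.IPv4Address(ip_int & mask_int)
    host = ip_int & ~mask_int & 0xFFFFFFFF
    return str(network), host


def gateway_on_subnet(ip, mask, gateway):
    """A default gateway is only usable if it lies in the host's own subnet."""
    net = ipaddress.IPv4Network(f"{ip}/{mask}", strict=False)
    gw = ipaddress.IPv4Address(gateway)
    # The all-zeros host value is the network address; the all-ones host
    # value is the broadcast address. Neither can be assigned to a gateway.
    return gw in net and gw not in (net.network_address, net.broadcast_address)


if __name__ == "__main__":
    print(to_binary("161.10.1.129"))
    for mask in ("255.255.255.0", "255.255.255.192"):
        network, host = split_address("161.10.1.129", mask)
        ok = gateway_on_subnet("161.10.1.129", mask, "161.10.1.1")
        print(f"mask {mask}: network {network}, host {host}, gateway 161.10.1.1 usable: {ok}")
```

With the 255.255.255.192 mask the same address falls in network 161.10.1.128, so a gateway at 161.10.1.1 is no longer on its subnet.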
8. TCP and UDP
   a. OSI Model Layer 4 (Transport Layer)
   b. TCP (Transmission Control Protocol)
      i. Considered more reliable
      ii. It is connection-oriented, i.e. a 3-way packet exchange (1: SYN, 2: SYN-ACK, 3: ACK) must establish a session before any packet is transmitted between 2 devices that communicate using TCP
      iii. Every single packet must be acknowledged
   c. UDP (User Datagram Protocol)
      i. Unreliable
      ii. Connectionless, no 3-way handshake mechanism
      iii. No acknowledgement
      iv. Stateless
      v. Fast and less overhead
9. ICMP (Internet Control Message Protocol)
   a. Reports host and network problems
   b. Commands like ping, tracert, etc. use ICMP
10. ARP (Address Resolution Protocol)
   a. Only used in a local area network
   b. Resolves an IP address to a MAC address
11. CND (Computer Network Defense) layers
   a. CND Layer 1 includes technologies such as firewalls, VPNs, SIEM (Security Information and Event Management) systems, IDS (Intrusion Detection System) and Public Key Infrastructure (PKI)
   b. CND Layer 2 is operations; this includes baselining normal activity, monitoring, periodic security assessments and security incident analysis
   c. CND Layer 3 is people; this is the weakest link… including training and user authentication, including multi-factor authentication