Chapter 2: Networking

DHCP Server (Dynamic Host Configuration Protocol)

Automatically assigns IP addresses and other network configuration settings to devices on a network

File Share

A networked service that allows multiple users or devices to access and share files over a network. It enables centralized storage and retrieval of data for easier collaboration.

Print Server

Connects a printer to the network to provide printing services for all network devices

Mail Server

Responsible for storing incoming mail and sending outgoing mail

Syslog

A standard for message logging that allows diverse systems to send their logs to a consolidated location

Web Server

◦Designed to respond to browser requests using standard web browsing protocols like HTTP/HTTPS.

◦Web pages are built with HTML or HTML5 and stored on the server.

◦Pages can be static or built dynamically in real-time.

Authentication Server

◦Often referred to as an AAA (Authentication, Authorization, and Accounting) server, acting as the login server.

◦Manages login authentication to resources through centralized management.

Database Servers

Used for database table storage, saving information in columns and rows, similar to a spreadsheet

NTP Servers (Network Time Protocol)

Crucial for ensuring the time of day is consistent across all network devices

Spam Gateways

Designed to stop spam emails at the gateway before they reach the user

All-in-one Security Appliance

Also known as a next-generation firewall or Unified Threat Management (UTM) device, or a web security gateway

Load Balancers

Distribute the load across multiple servers, making the process invisible to the end-user

Proxy Server

An intermediary server that sits between a client (like your web browser) and a destination server (like a website). Its main job is to forward requests and responses between the two.

SCADA / ICS (Supervisory Control and Data Acquisition System / Industrial Control Systems)

Refers to large-scale, multi-site industrial control systems

Legacy Systems

An expression for "really old" systems that may still be "really important"

Embedded Systems

These are purpose-built devices where you typically don't have direct access to the operating system.

IoT Devices (Internet of Things)

Refers to a wide range of devices that connect to the internet.

CNAME Record

Act as an alias, mapping one domain name to another

IEEE Standards

A set of protocols that define wireless networking technologies

Wireless Frequencies

◦Common frequencies for 802.11 technologies are 2.4 GHz, 5 GHz, and 6 GHz

Wireless Channels

Segments of the wireless frequency band that are used for communication in wireless networks

Wireless Bandwidth

It determines the amount of data that can be transmitted over the wireless network at any given time

Bluetooth

Technology standard for short-range communication that allows devices to communicate over short distances

RFID (Radio-frequency identification)

A wireless technology that uses electromagnetic fields to automatically identify and track tags attached to objects

NFC (Near Field Communication)

A set of standards for devices to communicate by bringing them close

802.11a

• 5 GHz

• 54 Mbps speed

• Higher speed, less interference than 2.4 GHz, but shorter range

802.11b

• 2.4 GHz

• 11 Mbps

• Greater range than 802.11a, widely used in early Wi-Fi devices

802.11g

• 2.4 GHz

• 54 Mbps

• Combined speed of 802.11a with range of 802.11b; backwards compatible

802.11n

• 2.4 GHz & 5 GHz

• 600 Mbps

• Introduced MIMO (multiple antennas), higher speeds, better coverage

802.11ac

• 5 GHz

• 3.5 Gbps

• MU-MIMO, beamforming, wider channels, big speed boost

802.11ax

• 2.4 GHz & 5 GHz

• 9.6 Gbps

• OFDMA, better performance in crowded networks, more efficiency

802.11be

• 2.4 GHz, 5Ghz, 6 GHz

• 46 Gbps+

• 320 MHz channels, multi-link operation, massive speed jump

The overlap problem

To avoid interference, we use channels that don’t touch each other:

• Channel 1

• Channel 6

• Channel 11

FTP (File Transfer Protocol)

-tcp/20 (active mode data) and tcp/21 (control)

-Transfers files between systems

SSH (Secure Shell)

-tcp/22

-Encrypted communication link

Telnet (Telecommunication Network)

-tcp/23

-Login to devices remotely

SMTP (Simple Mail Transfer Protocol)

tcp/25

A standard protocol used for sending emails between servers

DNS (Domain Name System)

-tcp/53

-Converts names to IP addresses

DHCP (Dynamic Host Configuration Protocol)

-udp/67 and udp/68

-Automated configuration of IP address, subnet mask and other options

HTTP (Hypertext Transfer Protocol)

-tcp/80

-Communication in the browser

HTTPS (Hypertext Transfer Protocol Secure)

-tcp/443

-An extension of the HTTP protocol that encrypts data transferred between a web browser and a server

POP3 (Post Office Protocol version 3)

-tcp/110

-Receive emails from an email server

IMAP4 (Internet Message Access Protocol v4)

-tcp/143

-Includes management of email inbox from multiple clients

SMB (Server Message Block)

-tcp/445

-Direct SMB communication over TCP without the NetBIOS transport

LDAP (Lightweight Directory Access Protocol)

-tcp/389
-Store and retrieve information in a network directory

RDP (Remote Desktop Protocol)

-tcp/3389
-Remote Desktop Services on many Windows versions

NetBIOS session

tcp/139 and tcp/137

Cable Crimpers

Tools used to "pinch" (crimp) a connector onto a wire (coaxial, twisted pair, fiber)

Wi-Fi Analyzer

A hardware-based tool for Wi-Fi analysis that avoids operating system limitations

Tone Generator / Inductive Probe

-A tone generator puts an analog sound onto a wire

-An inductive probe can hear this sound without touching the copper, typically through a small speaker

Punch Down Tool

Used to "punch" a wire into a wiring block (like 66 block or 110 block)

Cable Testers

Relatively simple tools that perform a continuity test and provide a simple wire map

Loopback Plugs

Useful for testing physical ports or "fooling" applications into thinking a connection exists

Taps (Physical) / Port Mirrors (SPAN)

◦Methods used to intercept network traffic and send a copy to a packet capture device.

◦Physical taps require disconnecting the link and inserting the tap in the middle; they can be active or passive.

◦Port mirroring is a software-based tap that offers limited functionality but can be effective.

Satellite Networking

Non-terrestrial communication to a satellite

Fiber (Internet Connection)

◦Provides high-speed data communication using frequencies of light.

◦Has higher installation costs and is more difficult to repair than copper, but can communicate over long distances.

◦Used extensively in the WAN core for very high data rates and is increasingly appearing at premises for business and home use.

Cable (Internet Connection)

Broadband technology transmitting across multiple frequencies for different traffic types

DSL (Digital Subscriber Line)

Uses existing telephone lines for internet connectivity

Cellular Networks

◦Used by mobile devices ("cell" phones).

◦Land areas are divided into "cells," each covered by an antenna using specific frequencies.

◦Allows for tethering (turning your phone into a wireless router) and standalone mobile hotspots.

WISP (Wireless Internet Service Provider)

Provides terrestrial internet access using wireless technologies

LAN (Local Area Network)

◦A network covering a building or group of buildings with high-speed connectivity.

◦Commonly uses Ethernet and 802.11 wireless technologies.

WAN (Wide Area Network)

◦A network spanning a large geographical area, often connecting LANs across distances.

◦Generally much slower than a LAN.

◦Includes various technologies like point-to-point serial and Multiprotocol Label Switching (MPLS), both terrestrial and non-terrestrial.

PAN (Personal Area Network)

◦Your own private network for connecting devices over a short range

◦Uses technologies like Bluetooth, IR, and NFC

MAN (Metropolitan Area Network)

A network that covers a city, larger than a LAN but often smaller than a WAN

SAN (Storage Area Network)

A specialized, high-speed network that provides servers with access to a shared pool of storage devices

WLAN (Wireless LAN)

A Wireless Local Area Network that uses 802.11 technologies

IPv4 Addresses (Internet Protocol version 4)

◦A Layer 3 address in the OSI model.

◦Supports approximately 4.29 billion addresses.

◦Public IPv4 addresses are unique on the Internet.

◦Network Address Translation (NAT) is used to manage scalability issues due to the limited number of addresses.

Private IP Address Ranges

A private IP address is in the range of 10.x.x.x, 172.16-31.x.x, or 192.168.x.x.

IPv6 Addresses (Internet Protocol version 6)

◦A 128-bit address, allowing for a very large number of addresses to address the scalability issues of IPv4.

◦The first 64 bits are generally the network prefix (/64), and the last 64 bits are the host network address.

◦DNS is very important for IPv6 due to its complexity.

IP Address

◦Every device on a network needs a unique IP address.

Subnet Mask (e.g., 255.255.255.0)

◦Used by the local device to determine what subnet it's on.

◦Usually not transmitted across the network.

Default Gateway (e.g., 192.168.1.1)

The router that allows you to communicate outside of your local subnet

Static IP Addressing

An IP address that does not change without manual configuration

APIPA (Automatic Private IP Addressing)

Uses the range 169.254.0.0 through 169.254.255.255

DHCP Reservations

◦A method to assign a "static" IP address dynamically from the DHCP server.

◦Involves associating a specific MAC address with a particular IP address in the DHCP server's configuration.

◦Preferred over disabling DHCP and manually configuring the IP address on the device itself for better management.

Local host IP

127.0.0.1

Routers

◦Their primary function is to route traffic between IP subnets.

◦They make forwarding decisions based on IP addresses.

◦Often connect diverse network types (LAN, WAN, copper, fiber).

◦Routers integrated into switches are sometimes called "layer 3 switches".

Switches

◦Perform bridging in hardware using Application-Specific Integrated Circuits (ASICs).

◦Forward traffic based on the data link (MAC) address.

◦Form the core of an enterprise network with many ports and features, including optional Power over Ethernet (PoE) capabilities.

Multilayer Switch

A type of switch that includes routing functionality.

Unmanaged Switches

◦Offer very few configuration options (essentially "plug and play").

◦Have a fixed configuration with no VLAN support and minimal integration with other devices.

◦Typically have a low price point.

Managed Switches

◦Provide VLAN support and can interconnect with other switches via 802.1Q.

◦Offer features like traffic prioritization (e.g., voice traffic), redundancy support (for uptime), and port mirroring (to capture packets).

◦Allow external management using protocols like SNMP (Simple Network Management Protocol).

Access Point (AP)

◦Not a wireless router (a wireless router combines a router and an AP).

◦Functions as a bridge that extends the wired network onto the wireless network.

◦Makes forwarding decisions based on MAC addresses.

Patch Panels

◦A combination of punch-down blocks and RJ-45 connectors.

◦Cable runs from desks are permanently punched down to the panel, while connections from the patch panel to a switch can be easily changed using patch cables.

Firewalls

◦Filters traffic by port number (OSI layer 4), and some can filter based on the application.

◦Can encrypt traffic entering or leaving the network to protect traffic between sites.

◦Can also proxy traffic as a security technique.

◦Most firewalls can act as layer 3 devices (routers) and typically sit at the ingress/egress (entry/exit) of the network.

PoE (Power over Ethernet)

◦Technology that provides power on an Ethernet cable, allowing one wire for both network connectivity and electricity.

◦Useful for devices like phones, cameras, and wireless access points in difficult-to-power areas.

◦Power can be provided directly by the switch (endspans) or by an inline power injector (midspans).

PoE, PoE+, PoE++

◦Different standards for Power over Ethernet, offering increasing wattage:

▪PoE: Original specification, provides 15.4 watts DC power.

▪PoE+: Provides 25.5 watts DC power.

▪PoE++: Provides 51 W (Type 3) or 71.3 W (Type 4) DC power, with Type 4 supporting PoE with 10GBASE-T.

◦It's important to compare the power requirements of a device with the switch's support.

Cable Modem

◦Uses broadband transmission across multiple frequencies for different traffic types.

◦Carries data on the "cable" network using DOCSIS (Data Over Cable Service Interface Specification).

◦Provides high-speed networking, commonly up to 1 Gigabit/s or more, and supports multiple services like data, voice, and video.

DSL Modem (Digital Subscriber Line)

◦Uses telephone lines for internet connectivity.

◦Characterized by asymmetric speeds, where download speed is faster than upload speed (e.g., 200 Mbit/s downstream / 20 Mbit/s upstream).

◦Has a limitation of approximately 10,000 feet from the central office (CO), with faster speeds possible closer to the CO.

ONT (Optical Network Terminal)

◦Used in Fiber to the Premises deployments.

◦Connects the ISP fiber network to the internal copper network at the demarcation point (demarc).

◦Serves as the line of responsibility where one side belongs to the ISP and the other to your network.

NIC (Network Interface Card)

◦The fundamental network device; every device on a network (computers, servers, printers, etc.) has one.

◦Specific to the network type (e.g., Ethernet, WAN, wireless).

◦Often built into the motherboard or added as an expansion card.

◦Contains the Media Access Control (MAC) address, which is a unique hardware designation.

LAN (Local Area Network)

A group of devices in the same broadcast domain

VLAN (Virtual Local Area Network)

A group of devices in the same broadcast domain, created virtually rather than physically.

VPN (Virtual Private Network)

Provides encrypted (private) data communication traversing a public network

Client-to-site VPN

Provides on-demand access from a remote device, where software connects to a VPN concentrator

Site-to-site VPN

◦An "always-on" VPN connection.

◦Often, firewalls act as the VPN concentrators for these connections.

Resource Records (RR)

Database records of the domain name services

A Records (Address Records)

◦Defines the IPv4 address of a host.

◦This is the most popular query type for DNS.

AAAA Records

Defines the IPv6 address of a host

CNAME Records (Canonical Name Records)

Establishes a name as an alias of another, canonical name. Allows one physical server to host multiple services

MX Records (Mail Exchanger Record)

Determines the host name for the mail server