Understanding the OSI Model and Network Protocols

Physical Layer

1-electrical and physical components

Data Link Layer

2- provides connection with host on same network

Network Layer

3- Provides connection to the host on different networks

Transport Layer

4- provides transparent transfer of data- TCP & UDP

Session Layer

5- controls dialogue between two computers

Presentation Layer

6- Provides a context for communication between layers. Encryption and decryption, compression. EX: firewalls, gateways

Application Layer

7- Network Applications- mail, web, file transfer ex: PCs, phones

Bits

Data at Layer 1

Frame

Data at Layer 2

Packet

Data at Layer 3

Segment

Data at Layer 4

Upper Layer Data

Data at Layers 5-7

Hub

Layer 1- Physical layer- Broadcast data to all connected devices.

Switch

Layer 2, Data Link layer, Connect devices within a network and enable efficient data using MAC address

Router

Layer 3, network layer- Route to the best path for a network

Domain Name System (DNS)

Translates domain names into IP addresses so you can get on the internet. Also called white pages

Subnet Mask

32 bit number that distinguishes the network address and the host address within an IP address

Default Gateway

Network node that acts as a forwarding host between a user's network and other networks.

Private/Internal IP Class A

10.0.0.0-10.255.255.255

Private/Internal IP Class B

169.254.0.0-169.254.255.255

Private/Internal IP Class C

192.168.0.0-192.168.255.255

Firewall

Protects a computer network by monitoring and regulating incoming traffic and outgoing network traffic.

Ipconfig

Finds the IP address of the pc or whatever you are working on

Tracert

Provides a map of how data on the internet travels from its source to its destination

Nslookup

Domain name server lookup

Ping

Determines whether a particular host is reachable across the internet.

TCP

Transmission Control Protocol- Secure- exchange messages over the network

UDP

User Datagram Protocol- Unsecure- best effort connections and no flow controls, faster than TCP but not guaranteed

Localhost IPv4

127.0.0.1

Localhost IPv6

0000:0000:0001

IPv4 Advantages

Simplicity, widespread use, established infrastructure.

IPv4 Disadvantages

Address exhaustion, network complexity, security

IPv6 Advantages

Larger address space, simplified network config, improved security.

IPv6 Disadvantages

Adoption Changes, complexity in transition, learning curve

Decimal Subnet Mask

255.255.255

Binary Subnet Mask

11.111111111

Network ID

The amount of 255s in a subnet mask

Host ID

Everything after the network ID in an IP address

Class A Default Subnet Mask

255.0.0.0

Class B Default Subnet Mask

255.255.0.0

Class C Default Subnet Mask

255.255.255.0

Managed Switch

Allows more control over network, can switch on/off

Unmanaged Switch

Plug and play, can't manage it.

TCP Handshake

Three step process to establish connection. SYN> SYN-ACK > ACK

SYN

Synchronize- send packet to ensure connection

SYN-ACK

Synchronize-Acknowledgement- server receives SYN and responds with SYN-ACK to inform the receipt

ACK

Client receives SYN-ACK and sends ACK back to server to acknowledge this transfer

Common Port 25/252/465/587

SMTP simple mail transfer Protocol, TCP

Common Port 80/443

HTTP/ HTTPS- hypertext transfer protocol, TCP

Common Port 110/995

POP3- post office protocol, TCP

Common Port 143/993

IMAP-internet message access Protocol, TCP & UDP

Common Port 23

Telnet- TCP

Common Port 20,21

FTP- TCP

Common Port 53

DNS, TCP & UDP

Common Port 3389

Remote desktop protocol, RDP, TCP

Well-Known Ports

0-1023- assigned by Internet assigned Numbers Authority

Registered Ports

1024-49151- managed by IANA, design for specific applications that are not Well-known ports

Dynamic/Private Ports

49152-65535-not assigned by IANA, typically used for temp connections

Inbound Ports

Used for incoming connections from the outside

Outbound Ports

Used for outgoing connections

DHCP

Dynamic Host Configuration Protocol- automatically assigns IP addresses within a network

Bit

0 or 1

Byte

Normally 8 bits, can represent 256 values (0-255)

MAC Address

Physical address on the NIC, uniquely identified on a local network

Firewall Purpose

Security device that controls incoming & outgoing traffic in a network by rule based filtering

Host Based Firewalls

Installed on an individual host

Network Based Firewalls

Protect entire network

Virus

Malicious program that attaches itself to files or programs

Trojan Horse

Disguised as legit software, it is actually a virus

Spyware

Software that spies on a user's activity

Logic Bomb

Piece of code that is triggered by a specific action

Ransomware

Virus that attacks for money

Cyber Threats

Malware- malicious software

Denial of Service (DOS)

Overloading a network with traffic to shut it down

Security Breaches

Someone gains access to unauthorized places

Web Attacks Hijacking

Session control of a web app, allows them to install malware and see their data

DNS Poisoning

Corrupt the DNS Cache, users can be directed to fraudulent websites

Insider Threats

Security risks posed by workers of the company

SQL Injections

Code injection technique where attackers insert malicious code

Zero-Day

Attack unknown vulnerabilities that has no patch/fix

Man-In-The-Middle

Attack between a user and the internet

Risk Assessment

Process of analyzing risks

Network Address Translation (NAT)

Mapping IP addresses between public and private networks. Used to protect private networks from public networks

White Hats

Ethical hackers improving security

Black Hats

Malicious hackers

Gray Hats

Hackers operating in a morally ambiguous space

Sneakers

Ethical hackers testing systems

Ethical Hackers

Professionals hired to secure systems

Script Kiddies

Inexperienced hackers

Hacktivist

Use hacking to promote political views or social changes

Cybercriminals

Engage in stealing illegal info for money

Nation State

Government affiliated hackers who do cyber espionage

Cyberterrorists

Non-state actors using cyber attacks to instill political fear

Competitor Threat

Actions taken by rival competitors in the industry to steal the company's info/plans

Cyberwarfare

Nation-state that tries to achieve military strength by cyber attacks

Address Resolution Protocol (ARP)

Maps a device's IP address to its MAC Address