Networking+ 4.2

CIAT - California Institute of Applied Technology - Networking Fundamentals, Part 1 (CIS 102 A)

  • Class Timing: Begins at 6 PM (Pacific Time)

Week 4 Night 2 Agenda

  • Review of Week 4 Night 1 topics.

  • Major Topics for Week 4 Night 2:

    • Encryption

    • Remote Access Protocols

    • Troubleshooting Network Issues

    • Lab 4.2

Week 4 Night 1 Review

  • Key Protocols Covered:

    • Protocols Summary:

    • Transmission Control Protocol (TCP)

    • User Datagram Protocol (UDP)

    • Internet Protocol (IP)

    • Internet Control Message Protocol (ICMP)

    • Address Resolution Protocol (ARP)

    • Neighbor Discovery

    • Ethernet

    • Remote Access Protocols

    • Troubleshooting Network Issues

Chapter 4 - Objectives

  • By the end of this session, students should be able to:

    1. Secure network data and transmissions using encryption protocols.

    2. Configure remote access connections between devices.

    3. Employ various TCP/IP utilities for network discovery and troubleshooting.

Encryption Protocols

  • Purpose of Encryption Protocols:

    • Use a mathematical code or cipher to scramble data into an unreadable format until reversed.

  • Evaluation Benchmarks:

    • Confidentiality

    • Integrity

    • Availability

    • These form the CIA triad, a standard security model.

Key Concepts in Encryption

  • Key Definition:

    • A random string of characters embedded within original data bits.

    • Generates a unique data block referred to as ciphertext.

    • Creation follows specific rules (algorithms).

  • Types of Encryption:

    • Private Key Encryption (Symmetric Encryption): Uses a single, shared key known only to the sender and receiver.

    • Public Key Encryption (Asymmetric Encryption): Data encrypted with a private key, decrypted with a related public key. The public key is shared through a third-party source.

Digital Certificates and Key Management

  • Digital Certificate:

    • A file that contains the user's verified identification information and their public key.

    • Issued by a Certificate Authority (CA).

  • Public-Key Infrastructure (PKI): How CAs associate public keys with particular entities.

  • Authentication: Ensures that an entity is who they claim to be.

  • Self-Signed Certificate: Signed by the entity creating it, not by a trusted CA.

Key Management Lifecycle

  • Key Management: Standards enforced throughout a key’s life cycle.

    • Includes:

    • Key creation

    • Storage

    • Access

    • Backup

    • Rotation

    • Revocation

    • Deletion

    • Managed permissions for key operations can be defined.

  • Keys and certificates are crucial for establishing secure conversations; specific protocols enable encryption processes.

SSL and TLS

  • Secure Sockets Layer (SSL) and Transport Layer Security (TLS):

    • Methods of encrypting TCP/IP transmissions.

    • SSL/TLS Connection: A unique session established with an agreement on encryption techniques.

    • Defined by an SSL handshake protocol allowing for authentication, similar to TCP's three-way handshake.

Internet Protocol Security (IPsec)

  • IPsec: An encryption protocol suite defining rules for:

    • Encryption

    • Authentication

    • Key management for TCP/IP transmissions.

  • IPsec Sequence:

    1. Initiation

    2. Key management

    3. Security negotiations

    4. Data transfer

    5. Termination

Troubleshooting Tools

Netstat

  • Command Purpose: Displays active TCP connections, listening ports, Ethernet statistics, IP routing tables, and protocol statistics.

    • Command Variants:

    • netstat -a: Displays all active connections and listening ports.

    • netstat -b: Shows executables creating each connection.

    • netstat -e: Provides Ethernet statistics.

    • netstat -n: Displays addresses and ports numerically.

    • netstat -o: Shows owning process IDs for connections.

    • netstat -r: Displays the routing table.

    • netstat -s: Shows statistics for protocols like TCP, UDP, ICMP, and IP.
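
The -a, -n and -o switches above are commonly combined as `netstat -ano`. The following is an added example, not part of the course material: it parses that output and reports listeners for the unencrypted services these notes cover (FTP, Telnet, TFTP). The port numbers are the standard assignments, the sample output is constructed, and the function names are illustrative.

```python
# Added example: ports are the well-known assignments; sample output is constructed.
PLAINTEXT_SERVICES = {("TCP", 21): "FTP", ("TCP", 23): "Telnet", ("UDP", 69): "TFTP"}

SAMPLE_NETSTAT_ANO = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:22             0.0.0.0:0              LISTENING       1432
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING       2316
  TCP    127.0.0.1:21           0.0.0.0:0              LISTENING       3012
  TCP    192.168.1.20:23        192.168.1.50:50211     ESTABLISHED     2316
  TCP    [::]:21                [::]:0                 LISTENING       1880
  UDP    0.0.0.0:69             *:*                                    2740
"""


def parse_netstat(text):
    """Yield (proto, local_addr, local_port, state, pid) for each TCP/UDP row."""
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header and blank lines
        proto = fields[0]
        # UDP rows have no State column, so only TCP rows carry one in field 3.
        state = fields[3] if proto == "TCP" and len(fields) == 5 else ""
        addr, _, port = fields[1].rpartition(":")  # keeps "[::]" intact
        yield proto, addr, int(port), state, int(fields[-1])


def find_plaintext_listeners(text):
    """Return plaintext services on this host that other machines can reach."""
    findings = []
    for proto, addr, port, state, pid in parse_netstat(text):
        service = PLAINTEXT_SERVICES.get((proto, port))
        if service is None:
            continue
        if proto == "TCP" and state != "LISTENING":
            continue  # sessions are already covered by their listener row
        if addr in ("127.0.0.1", "[::1]"):
            continue  # loopback-only: not exposed to the network
        findings.append((service, proto, addr, port, pid))
    return findings


if __name__ == "__main__":
    for finding in find_plaintext_listeners(SAMPLE_NETSTAT_ANO):
        print(finding)
```

The PID in each finding identifies the process to replace with SSH, SFTP or FTPS.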

Tracert

  • Command Functionality: Diagnoses network issues by tracing the packet path to a destination.

    • Uses ICMP echo requests with increasing Time-To-Live (TTL) values.

  • Command Variants:

    • tracert <hostname>: Basic usage to trace route.

    • tracert -d <hostname>: Prevents hostname resolution for speed.

    • tracert -h <maximumhops> <hostname>: Sets maximum hops (default is 30).

    • tracert -w <timeout> <hostname>: Sets timeout in milliseconds.

    • tracert -4 <hostname>: Forces IPv4 usage.

    • tracert -6 <hostname>: Forces IPv6 usage.

Tcpdump

  • Tool Overview: A free, command-line packet sniffer for Linux and Unix OSs.

    • Captures network traffic.

    • Must be run with sudo or while logged in as root.

Solving Common Network Problems

  • Duplicate MAC Addresses:

    • When two devices have the same MAC address, it poses a security risk known as MAC spoofing.

    • Switches can detect duplication and produce error messages, requiring configuration updates for affected devices.

  • Hardware Failure:

    • Issues may arise from failed routers, switches, NICs, etc.

    • Suggested Solutions:

    • Use tracert or traceroute for diagnostics.

    • Target nodes, rather than the malfunctioning device itself, for precise feedback.

    • Utilize ping to test for connectivity.
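
The tracert diagnosis described above, as an added example that is not part of the course material: it reads IPv4 `tracert -d` output and reports the last hop that replied, treating a silent hop as a fault only when nothing answers after it. Both traces are constructed with documentation addresses, and the function names are illustrative.

```python
import re

# Constructed `tracert -d` output using documentation addresses; not a real capture.
SAMPLE_FILTERED = """\
Tracing route to 203.0.113.10 over a maximum of 30 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     *        *        *     Request timed out.
  3    12 ms    11 ms    12 ms  198.51.100.1
  4    14 ms    13 ms    15 ms  203.0.113.10
"""
SAMPLE_BROKEN = """\
Tracing route to 203.0.113.10 over a maximum of 4 hops

  1    <1 ms    <1 ms    <1 ms  192.168.1.1
  2     9 ms     8 ms     9 ms  198.51.100.1
  3     *        *        *     Request timed out.
  4     *        *        *     Request timed out.
"""

HOP = re.compile(r"^\s*(\d+)\s+(.*)$")               # hop number, then the rest of the row
ADDR = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})\s*$")  # IPv4 responder at end of row


def parse_hops(text):
    """Return [(hop_number, responder_ip or None)] from IPv4 `tracert -d` output."""
    hops = []
    for line in text.splitlines():
        row = HOP.match(line)
        if row:
            addr = ADDR.search(row.group(2))
            hops.append((int(row.group(1)), addr.group(1) if addr else None))
    return hops


def locate_fault(text):
    """Report where a trace stopped answering, ignoring silent hops that still forward."""
    hops = parse_hops(text)
    answered = [(n, ip) for n, ip in hops if ip]
    if not answered:
        return {"status": "no_replies", "last_good": None}
    last_n, last_ip = answered[-1]
    trailing = [n for n, _ in hops if n > last_n]
    if trailing:
        # Nothing answers past last_ip: a failed device or ICMP filtering sits beyond it.
        return {"status": "path_breaks", "last_good": last_ip, "first_silent": trailing[0]}
    # A silent hop followed by replies is forwarding traffic; it just does not answer.
    silent = [n for n, ip in hops if ip is None]
    return {"status": "complete", "last_good": last_ip, "silent_but_forwarding": silent}
```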

Lab 4.2 - Hands-On Exercise

  • Topics Covered:

    • Subnetting

    • Virtual LANs (VLANs)

    • Routing

    • Layer 3 Switching

    • VLAN Trunks

Remote Access Protocols

  • Definition: Services allowing clients to connect and log in to remote servers, LANs, or WANs.

  • Requires a Remote Access Server (RAS). Types of remote access include:

    • Remote file access

    • Terminal emulation (remote virtual computing)

    • VPN (Virtual Private Network)

Remote File Access

  • File Transfer Protocol (FTP): Utility for transferring files in plaintext.

    • Alternative Technologies:

    • FTPS: FTP with added SSL/TLS protection.

    • SFTP: Secure FTP using encryption and authentication based on SSH.

    • TFTP: Simple FTP without authentication or security.

Terminal Emulators

  • Definition: Software allowing control of one computer from another.

  • Examples:

    • Command-line: Telnet, SSH.

    • GUI-based: Remote Desktop (Windows), VNC, LogMeIn Rescue, TeamViewer.

Telnet and SSH

  • Telnet: Allows remote control with limited security; no encryption.

  • SSH (Secure Shell): Collection of protocols offering secure authentication and encryption, protecting against unauthorized access, data interception, IP spoofing, and DNS spoofing.

Remote Desktop Protocol (RDP)

  • RDP: A Microsoft protocol for remote computer control.

  • Out-of-Band Management (OOBM): Dedicated connections for network administration.

  • Management Options:

    • Attach remote management cards to network devices.

    • Use centralized management via devices such as console servers.

Virtual Private Networks (VPN)

  • Definition: Protects online privacy by creating an encrypted tunnel for internet traffic, securing data from interception and making tracking difficult.

  • Types:

    • Site-to-Site

    • Client-to-Site

    • Client-to-Client

    • Host-to-Host

VPN Tunneling Protocols

  • Purpose: To securely carry various data types through VPNs via encapsulation.

  • Common Protocols:

    • L2TP: Layer 2 Tunneling Protocol for VPN support.

    • GRE: Generic Routing Encapsulation by Cisco for encapsulation of diverse protocols.

    • OpenVPN: Open-source protocol for secure connections.

    • IKEv2: Part of IPsec for establishing secure communication channels.

Summary of Key Learning Outcomes

  • Students should now be able to:

    1. Describe the functions of core TCP/IP protocols.

    2. Secure network data and transmissions using encryption protocols.

    3. Configure remote access connections between devices.

    4. Employ various TCP/IP utilities for network discovery and troubleshooting.