Networking Basics - Network Security

Xin

Networking Basics
Xinapse
iExploit.org

Introduction
Networks typically consist of workstations (or clients) and sometimes servers. The workstations will
typically be running day to day or business applications depending on the enviroment, such as Excel,
quickbooks or powerpoint. These clients will usually be running client operating systems such as Windows XP,
Windows 7 or Ubuntu Linux for example. In addition to these workstations the network will contain a server,
this typically has larger memory and specialised server operating system and software such as Windows
Server 2008 or Centos. These servers provide services that the clients can use such as file storage,
print services, database services web services, email services and huge amounts more. Servers tend to
have higher system specs that standard workstations as they are required to carry out more tasks, they
also should be reliable as most of the time they are left running 24/7. Users require more skill in
setting up and installing the server and services than a simple workstation.
Networks can be connected wirelessly via radio waves for example, or wired via ethernet cables, cables
are usually copper but newer fibre optic cables are being made.

On a network every device and computer connected is called a host, this can be the server, the workstation,
the printer and the file server. Networks also contain a large array of devices such as routers, switches
and firewalls but we will go into this later.

Types of Network
It is important you are familliar with basic terms used in networking such as LAN, local area network,
these are usually situated in a single building, office, or even floor. WANs Wide Area Networks are
networks accross larger spaces of land, connecting LANs together so data can be transferred, the
internet is an example of a WAN. Finally a less common type is a MAN metropolitan area network, which
is rarely used anymore is a network for a single city or area.
You must also know the difference between the internet, intranet and extranet. The internet uses
protocols such as HTTP, FTP, SMTP which can be connected to by anyone connected to the internet. The
intranet uses the same protocols but is a school, college, or company network access only these can't
be accessed by people not connected to the intranet. The extranet is where someone who isn't in the
company or college can connect to the intranet.

Peer to Peer Networks
Peers to peer networks don't have a server that the clients can connect to, in peer to peer networks
all workstations are on a equal level as each other and are used in home networks and sometimes small
businesses. These are the cheapest and easiest to setup. Theses are usually only used for small networks
of 10 and below.

Server Based Networks
Here a central server is used that can store files and run services for the clients. These are used for
businesses and larger networks where they have the funds and the skill to set one up. As i mentioned
earlier the servers can run
- Print servers
- File servers
- Web servers
- Email servers
- User directory services
- Database servers
and a lot more. These have larger memory, multiple harddrives, faster buses, more powerful and multiple
CPU's and faster equipment.

chroniccommand

Nice :)
I think I can help expand upon this. Do you mind if I PM you an addon of this paper with some of my contributions to it?

Xin

Yeah sure, i have more im adding i just wanted to get this one up.

chroniccommand

said:

Yeah sure, i have more im adding i just wanted to get this one up.

Alright. I'll get working on
TCP
UDP
Sockets
IP's
OSI model

Tell me if you're working on any of those.

chroniccommand

[--------------------------------]
Addon by Chroniccommand
[--------------------------------]

0x01 OSI Model:
To understand the underlying framework of networking, you must understand the OSI Model. First of all, OSI stands for Open Systems Interconnection. The OSI model is the standard communication system used in networking. It works on layers, layers 1 - 7. I will list the layers and explain them here.

First layer - Physical layer
The first layer is the physical layer. The physical layer deals with actual connections. It deals with things such as cables and communicating between them. The first layer mainly deals with connecting and terminating connections. But it doesn't exactly do the virtual connection. When I say it deals with connections, it deals with the communication between mediums. An example of a medium would be a router.
Subsection: What is a router?
So what exactly is a router? Well a router is just a computer. Yes, a computer. Like the one you're on now. Except it's stripped. It has a minimal Operating System, like BSD. It doesn't have a GUI or anything fancy, nor does it have a monitor. It's a piece of hardware that deals with communicating. Now when you connect to another system, your computer sends a socket to the router. The router uses the physical layer to connect from your computer to the router for computer B. So it would look a little something like this:
|----------|
| Socket A |
|----------|

chroniccommand

[--------------------------------]
Addon by Chroniccommand
[--------------------------------]

0x01 OSI Model:
To understand the underlying framework of networking, you must understand the OSI Model. First of all, OSI stands for Open Systems Interconnection. The OSI model is the standard communication system used in networking. It works on layers, layers 1 - 7. I will list the layers and explain them here.

First layer - Physical layer
The first layer is the physical layer. The physical layer deals with actual connections. It deals with things such as cables and communicating between them. The first layer mainly deals with connecting and terminating connections. But it doesn't exactly do the virtual connection. When I say it deals with connections, it deals with the communication between mediums. An example of a medium would be a router.
Subsection: What is a router?
So what exactly is a router? Well a router is just a computer. Yes, a computer. Like the one you're on now. Except it's stripped. It has a minimal Operating System, like BSD. It doesn't have a GUI or anything fancy, nor does it have a monitor. It's a piece of hardware that deals with communicating. Now when you connect to another system, your computer sends a socket to the router. The router uses the physical layer to connect from your computer to the router for computer B. So it would look a little something like this:


|----------|
|Packet A  |   Contains header info etc
|----------|
     |
     |
     |                                        |-----------|
|----------|                                  |Computer B |
|Router A  |                                  |-----------|
|----------|      
     |                                             |
     |                                             |
     |                                             |
|----------------------------------|               |
|Passed through physical data layer| --------&gt; |----------|
|----------------------------------|           |Router B|
                                               |----------|

So computer A sends packet A which contains all info. It is then sent to router A. Router A just sends this packet through the physical data layer to Router B(Of course hitting other places in the process). Router B then identifies the packet and sends it to Computer B.

Anyway, back to the OSI model.
Layer 2 - Data link layer
The second layer in the OSI model is the Data link layer. This layer will transfer data and correct errors in the Physical layer. That's all I'll go into for now with this layer.

Layer 3 - Network layer
The third layer is the Network layer. This layer is another layer I won't go too much into. This layer is responsible for transporting data sequences. It also fragments and re-assembles network connections.

Layer 4 - Transport layer
The fourth layer is the Transport layer. This layer is mainly responsible for transfer of data between end users. TCP and UDP both use this layer, so know this layer!

Layer 5 - Session layer
This layer is the fifth layer. The Session layer. It manages and terminates connections between both remote and local connections. It is also responsible for closing connections in TCP.

Layer 6 - Presentation layer

chroniccommand

[--------------------------------]
Addon by Chroniccommand
[--------------------------------]

0x01 OSI Model:
To understand the underlying framework of networking, you must understand the OSI Model. First of all, OSI stands for Open Systems Interconnection. The OSI model is the standard communication system used in networking. It works on layers, layers 1 - 7. I will list the layers and explain them here.

First layer - Physical layer
The first layer is the physical layer. The physical layer deals with actual connections. It deals with things such as cables and communicating between them. The first layer mainly deals with connecting and terminating connections. But it doesn't exactly do the virtual connection. When I say it deals with connections, it deals with the communication between mediums. An example of a medium would be a router.
Subsection: What is a router?
So what exactly is a router? Well a router is just a computer. Yes, a computer. Like the one you're on now. Except it's stripped. It has a minimal Operating System, like BSD. It doesn't have a GUI or anything fancy, nor does it have a monitor. It's a piece of hardware that deals with communicating. Now when you connect to another system, your computer sends a socket to the router. The router uses the physical layer to connect from your computer to the router for computer B. So it would look a little something like this:


|----------|
|Packet A  |   Contains header info etc
|----------|
     |
     |
     |                                        |-----------|
|----------|                                  |Computer B |
|Router A  |                                  |-----------|
|----------|      
     |                                             |
     |                                             |
     |                                             |
|----------------------------------|               |
|Passed through physical data layer| --------&gt; |----------|
|----------------------------------|           |Router B|
                                               |----------|

So computer A sends packet A which contains all info. It is then sent to router A. Router A just sends this packet through the physical data layer to Router B(Of course hitting other places in the process). Router B then identifies the packet and sends it to Computer B.

Anyway, back to the OSI model.
Layer 2 - Data link layer
The second layer in the OSI model is the Data link layer. This layer will transfer data and correct errors in the Physical layer. That's all I'll go into for now with this layer.

Layer 3 - Network layer
The third layer is the Network layer. This layer is another layer I won't go too much into. This layer is responsible for transporting data sequences. It also fragments and re-assembles network connections.

Layer 4 - Transport layer
The fourth layer is the Transport layer. This layer is mainly responsible for transfer of data between end users. TCP and UDP both use this layer, so know this layer!

Layer 5 - Session layer
This layer is the fifth layer. The Session layer. It manages and terminates connections between both remote and local connections. It is also responsible for closing connections in TCP.

Layer 6 - Presentation layer
The sixth layer is the Presentation layer. This is another layer I won't go much into. All you really need to know is that it will provide independence from representation of data.

Layer 7 - Application layer
The seventh and last layer of the OSI model is the Application layer. This layer will interact with network applications. That's the basics of that layer.

If you'd like to learn more about the OSI model, google :p

0x02 Sockets
So what exactly is a socket? You probably hear it all the time when you're talking about networking. But do you really know what it is? Well basically a socket allows bi-directional communication flow. Basically it looks kinda like this.
Socket 1 <------------> Socket 2

Sockets will let you send packets information over a network and lets you communicate. Sockets are the base of every networking application. There are 2 main socket types, and one not so known one.
[list=1]
[*]TCP(Transmission Control Protocol)[/*:m]
[*]UDP(User Datagram Protocol)[/*:m]
[*]Raw[/*:m][/list:o]
Now to go over the basics of each.
TCP
TCP stands for Transmission Control Protocol. TCP is part of the IP(Internet Protocol) suite. TCP provides a reliable connection using sockets. With a TCP socket, data is sent as one continuous stream until the connection is closed. This is more reliable than UDP, as UDP sends data less reliably and it may even lose parts of the message.

UDP
UDP stands for User Datagram Protocol. It works a bit differently from TCP. As I stated above, it sends data less reliably and parts of the message may even be lost. Even though this may happen, UDP has its uses. Some users for UDP are:
[list]
[*]DNS[/*:m]
[*]VoIP[/*:m]
[*]Online games[/*:m][/list:u]

Raw
A raw socket is the most simple type of socket out of the three. Basically it allows sending of data without encapsulating the packet for the Operating System. Basically that's all there is to really know about Raw IP packets.

0x03 IP
IP stands for Internet Protocol. It is used for communication using sockets. It is also responsible for mapping packets across networks. There are currently two major versions of IP
[list]
[*]IPv4[/*:m]
[*]IPv6[/*:m][/list:u]
IPv4 is the first major version. It is currently used the most. An IPv4 address looks like so:

255&#46;255&#46;255&#46;255

This allows for tons of combinations of IP's. Unfortunately, IPv4 addresses are rapidly running out. Mainly because of the boom of mobile devices that require/have internet.

chroniccommand

[--------------------------------]
Addon by Chroniccommand
[--------------------------------]

0x01 OSI Model:
To understand the underlying framework of networking, you must understand the OSI Model. First of all, OSI stands for Open Systems Interconnection. The OSI model is the standard communication system used in networking. It works on layers, layers 1 - 7. I will list the layers and explain them here.

First layer - Physical layer
The first layer is the physical layer. The physical layer deals with actual connections. It deals with things such as cables and communicating between them. The first layer mainly deals with connecting and terminating connections. But it doesn't exactly do the virtual connection. When I say it deals with connections, it deals with the communication between mediums. An example of a medium would be a router.
Subsection: What is a router?
So what exactly is a router? Well a router is just a computer. Yes, a computer. Like the one you're on now. Except it's stripped. It has a minimal Operating System, like BSD. It doesn't have a GUI or anything fancy, nor does it have a monitor. It's a piece of hardware that deals with communicating. Now when you connect to another system, your computer sends a socket to the router. The router uses the physical layer to connect from your computer to the router for computer B. So it would look a little something like this:


|----------|
|Packet A  |   Contains header info etc
|----------|
     |
     |
     |                                        |-----------|
|----------|                                  |Computer B |
|Router A  |                                  |-----------|
|----------|      
     |                                             |
     |                                             |
     |                                             |
|----------------------------------|               |
|Passed through physical data layer| --------&gt; |----------|
|----------------------------------|           |Router B|
                                               |----------|

So computer A sends packet A which contains all info. It is then sent to router A. Router A just sends this packet through the physical data layer to Router B(Of course hitting other places in the process). Router B then identifies the packet and sends it to Computer B.

Anyway, back to the OSI model.
Layer 2 - Data link layer
The second layer in the OSI model is the Data link layer. This layer will transfer data and correct errors in the Physical layer. That's all I'll go into for now with this layer.

Layer 3 - Network layer
The third layer is the Network layer. This layer is another layer I won't go too much into. This layer is responsible for transporting data sequences. It also fragments and re-assembles network connections.

Layer 4 - Transport layer
The fourth layer is the Transport layer. This layer is mainly responsible for transfer of data between end users. TCP and UDP both use this layer, so know this layer!

Layer 5 - Session layer
This layer is the fifth layer. The Session layer. It manages and terminates connections between both remote and local connections. It is also responsible for closing connections in TCP.

Layer 6 - Presentation layer
The sixth layer is the Presentation layer. This is another layer I won't go much into. All you really need to know is that it will provide independence from representation of data.

Layer 7 - Application layer
The seventh and last layer of the OSI model is the Application layer. This layer will interact with network applications. That's the basics of that layer.

If you'd like to learn more about the OSI model, google :p

0x02 Sockets
So what exactly is a socket? You probably hear it all the time when you're talking about networking. But do you really know what it is? Well basically a socket allows bi-directional communication flow. Basically it looks kinda like this.
Socket 1 <------------> Socket 2

Sockets will let you send packets information over a network and lets you communicate. Sockets are the base of every networking application. There are 2 main socket types, and one not so known one.
[list=1]
[*]TCP(Transmission Control Protocol)[/*:m]
[*]UDP(User Datagram Protocol)[/*:m]
[*]Raw[/*:m][/list:o]
Now to go over the basics of each.
TCP
TCP stands for Transmission Control Protocol. TCP is part of the IP(Internet Protocol) suite. TCP provides a reliable connection using sockets. With a TCP socket, data is sent as one continuous stream until the connection is closed. This is more reliable than UDP, as UDP sends data less reliably and it may even lose parts of the message.

UDP
UDP stands for User Datagram Protocol. It works a bit differently from TCP. As I stated above, it sends data less reliably and parts of the message may even be lost. Even though this may happen, UDP has its uses. Some users for UDP are:
[list]
[*]DNS[/*:m]
[*]VoIP[/*:m]
[*]Online games[/*:m][/list:u]

Raw
A raw socket is the most simple type of socket out of the three. Basically it allows sending of data without encapsulating the packet for the Operating System. Basically that's all there is to really know about Raw IP packets.

0x03 IP
IP stands for Internet Protocol. It is used for communication using sockets. It is also responsible for mapping packets across networks. There are currently two major versions of IP
[list]
[*]IPv4[/*:m]
[*]IPv6[/*:m][/list:u]
IPv4 is the first major version. It is currently used the most. An IPv4 address looks like so:

255&#46;255&#46;255&#46;255

This allows for tons of combinations of IP's. Unfortunately, IPv4 addresses are rapidly running out. Mainly because of the boom of mobile devices that require/have internet.

IPv6 is less used, but will soon be used by almost everything as we slowly transition from 4 to 6. IPv6 is a bit more advanced than IPv4. A typical IPv6 address will look something like this:

2001&#58;0db8&#58;85a3&#58;0000&#58;0000&#58;8a2e&#58;0370&#58;7334&#46;

This is of course more hard to remember than

255&#46;255&#46;255&#46;255

Packets
Packets are sent over a socket. Packets contain information such as a header and a body. Much like a letter. Think of it like this.
Computer A crafts a packet with header information and body information. Much like a letter. Computer A sends it over to Computer B. Computer B gets the packet, dissects it and reads the header information, and proceeds to read the body.

Packets are a big part of networking as without packets we couldn't really communicate information.

Security against packets
A typical security issue is Packet sniffing. This involves capturing packets using an MITM(Man In The Middle) attack. The packet is then dissected to get the header and body information. This can be used to see what computer A is doing, since computers send packets to communicate information. This can of course be stumped by SSL. But of course SSL can be stripped.

Another security issue against packets is packet crafting. This involves an MITM attack. The man in the middle(the attacker), crafts a packet and sends it to computer A. Thus tricking computer A to think it's an official packet, even though it's the crafted packet created by the attacker.

Xin

Sounds good but post it as your own paper, i dont want to mix content up in things like this, that is what the wiki is for

Sh3llc0d3

LAN: Computers connected together by usually ethernet cabling then connected to a server or the internet.
WAN: Serveral LANs connected via a 'leased line' from the ISP.
MAN: Usually connecting various LANs via a backbone link such as fibre-optic cable. Rare, as it is so expensive to implement.

Good job though mate :)

Xin

said:

LAN: Computers connected together by usually ethernet cabling then connected to a server or the internet.
WAN: Serveral LANs connected via a 'leased line' from the ISP.
MAN: Usually connecting various LANs via a backbone link such as fibre-optic cable. Rare, as it is so expensive to implement.

Good job though mate :)

Yeah this is just from one source it may be slightly wrong, although LANs dont always connect to the internet, or even a server. Where did you get your info from WAN/MAN s

Sh3llc0d3

God knows, originally I did an online course in networking, and several books since. We've just done a quick refresh on it on the course i'm on at the moment too. Pretty sure wikipedia will have a little info on 'wide are network' or 'metropolitan area network' if you do a search.

Quick search and this is a fairly good resource for networking basics... check out area networks and topologies.
http://compnetworking.about.com/od/basi ... basics.htm

Howdy, Stranger!

Top Posters

Who's Online (1)