Logical vs. Physical
• Logical Devices are the Specific Service - Firewall, Router, Modem, Access Point
• These were, and can still be dedicated devices, but are generally built into a
single device such as a SOHO Router that has a Router, Switch, Access
Point, Firewall and even VPN built in.
• Physical Devices are the actual objects you plug into the network.
• Design/ Whiteboard based on Logic
• Build based on Physical
BEWARE of CACHING
• Systems “cache” data and store it locally so that they can respond to clients more quickly.
• When you make a change, the system you are connecting to may still respond with cached data.
• Either wait for caches to clear, or force a cache to be “flushed”
• “Replication” times are how long it takes for changes to be copied to all
relevant systems
What is a Protocol
• Language for computers to talk to each other
• Network Protocols, Storage Protocols, Communication Protocols
• TCP/IP
• FTP
• SIP
• RTMP
• iSCSI
TCP/IP v6 ???
•Tomorrow… is always a day away…
• We’ll run out of v4 addresses the day after tomorrow…
• “Legacy” systems have a nasty habit of not dying properly…
Ethernet Standard
• Star Topology
• RJ45 Connectors
• MAC addresses
• CSMA/CD - Collision Domains
MAC Address?
• Universally Unique Identifier
• Part is the Vendor ID, Part is the Serial Number
• Each network connection (interface) has a MAC Address
• REST API to Find Info Based on MAC Address
• https://www.macvendorlookup.com/api
Layer 2 Networking
• Cross Over Cables
• Hubs
• Bridges
• Switches
• MAC address table
• Broadcast Storms
TCP/IP v4 - Routable Protocol Suite
• Protocol Suite
• TCP - Transmission Control Protocol
• IP - Addressing Protocol
• ICMP - Ping
TCP/IP Address and Subnet Mask
• 192.168.1.1
• 192.166.1.1/24
• An IP Address contains the address for the Network and the Host
• Subnet Mask divides IP Address Into Network and Host Addresses
• A, B and C Subnets
• Scribble stuff on whiteboard about octets to impress students…
• Octet value - 2 = number of usable hosts (the network and broadcast addresses are excluded)
• Lowest address is the subnet (network) address, highest is the broadcast address
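The subnet arithmetic the slide describes, worked out with Python's standard ipaddress module. This is an added example, not code from the deck; the function names are my own.

```python
"""Subnet arithmetic for 192.168.1.1/24 style notation (added example, not from the deck).

Shows which part of the address is network, which is host, and the
"value - 2" usable-host rule (network and broadcast addresses excluded).
"""
import ipaddress


def subnet_info(cidr: str) -> dict:
    """Split a host/prefix string into its network, mask, broadcast and usable-host count."""
    iface = ipaddress.ip_interface(cidr)   # accepts a host address, not only the network address
    net = iface.network
    host_bits = net.max_prefixlen - net.prefixlen
    # Every address in the block minus the lowest (network) and highest (broadcast).
    usable = max(2 ** host_bits - 2, 0)
    return {
        "host": str(iface.ip),
        "network": str(net.network_address),
        "mask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "usable_hosts": usable,
    }


def legacy_class(ip: str) -> str:
    """Classful A/B/C label from the first octet, the pre-CIDR view the slide lists."""
    first = int(ip.split(".")[0])
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    return "D/E"


def same_lan(a: str, b: str, prefixlen: int) -> bool:
    """True when two hosts share a subnet, i.e. frames are delivered by switches and
    ARP rather than handed to the default gateway."""
    return (ipaddress.ip_network(f"{a}/{prefixlen}", strict=False)
            == ipaddress.ip_network(f"{b}/{prefixlen}", strict=False))


if __name__ == "__main__":
    for example in ("192.168.1.1/24", "10.0.5.7/16", "172.16.9.200/20"):
        print(example, subnet_info(example), "class", legacy_class(example.split("/")[0]))
    print("same LAN:", same_lan("192.168.1.10", "192.168.2.10", 24))
```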
Switches and ARP
• Switches are layer 2 networking
• Switches contain MAC Address Tables
• ARP - Address Resolution Protocol - Maps IP Addresses to MAC Addresses (the table arp -a shows)
• Example - Run: arp -a
TCP Ports
• 192.168.1.1:8080
• Every Protocol uses a TCP Port.
• These are generally preconfigured, but can be manually set.
• SMTP - 25
• HTTP - 80
• HTTPS - 443
• FTP - 20
• SSH - 22
Routers and Default Gateways
• Routers Connect Networks Together
• The Default Gateway is the Router a Host communicates with if a computer cannot be found on the LAN
NAT and Port Forwarding
Network Address Translation
• NAT Killed IPv6…
• Numerous Connected Devices can share the same External IP Address. The NAT Enabled Router will automatically route traffic to appropriate Hosts.
• Port Forwarding forwards inbound TCP Port Traffic to Specific Hosts
• BEWARE - Carrier NAT…
Internet Facing Static IP Addresses
• Server is “directly” connected to the Internet
• No need for Port Forwarding
• May cost extra money
• May be limited or not available from vendor
• Many ISPs will sell no, or only limited, static IP Addresses to customers
Firewalls
• Block TCP Ports
• Inbound/ Outbound
• Hardware / Software
• Servers should be configured so only specific Hosts can connect on specific TCP Ports
• BE CAREFUL configuring Software Firewalls on test systems…
• Verify your setup works BEFORE implementing firewalls
DNS
Domain Name Service
• Resolves Fully Qualified Domain Names (FQDNs) to IP Addresses
• SERVER -> 192.168.1.10
• cnn.com -> 151.101.3.5
• Resolution Order
• Hosts File
• Local DNS
• Remote DNS (ISP, CloudFlare, Google)
• Reverse DNS resolves IP Addresses to FQDNs to Prevent Spoofing
DHCP
Dynamic Host Configuration Protocol
• Dynamic IP Addresses
• Scope - Pool of IP Addresses that DHCP can assign from
• Lease Length - How long before Lease Expires
• Reserved Addresses / Static Addresses - Addresses reserved for devices whose IP Addresses must not change: networking equipment, possibly printers, infrastructure servers…
• DHCP and DNS servers should talk to each other, generally they will be the same server.
• Use FQDNs where possible in code so that if the Server IP changes it will be seamless with a DNS update.
VPN
Virtual Private Network
• Creates a Tunnel from a computer External to a LAN to make it logically appear on the LAN.
• Allows you to use local file servers, networked printers, etc.
• Creates major vulnerabilities if VPN account is compromised
• Flaky ISP Connections can cause major issues
• Generally used to bypass geo restrictions to access restricted content on Netflix.
• In your project, if you collect IP Address information, what you receive will be from the VPN provider, not the actual user's external address.
Command Line Tools
• ping
• arp -a
• traceroute
• ifconfig / ipconfig / ip address
Labs
• lab-mac.py
• Uses REST API to find Vendor of MAC Address
• lab-mac-arp.py
• Grabs response from “arp -a” for a list of MAC addresses and then uses REST API to show
vendors for all of them
• lab-ping.py
• Uses OS module to Ping IP Addresses in List and Print Results
• lab-ping-loop.py
• Pings a list of IP Addresses and shows latency in a continuous loop
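An added example (not the deck's lab-mac-arp.py) covering the parsing half of that lab and the Switches and ARP slide: it pulls IP/MAC pairs out of `arp -a` output and isolates the vendor OUI. Both sample outputs are constructed to mimic the Windows and Linux/macOS formats, and the REST vendor lookup is left out so the code runs offline.

```python
"""Parse `arp -a` output into (IP, MAC) pairs and extract the vendor (OUI) part.

Added example, not the deck's lab. The samples below are constructed; the REST
lookup is omitted, and oui() returns the value such a lookup would be keyed on.
"""
import re
from typing import List, Tuple

ARP_WINDOWS = """\
Interface: 192.168.1.23 --- 0xc
  Internet Address      Physical Address      Type
  192.168.1.1           a4-2b-8c-11-22-33     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.251           01-00-5e-00-00-fb     static
"""

ARP_UNIX = """\
router.lan (192.168.1.1) at a4:2b:8c:11:22:33 [ether] on eth0
? (192.168.1.42) at 3c:22:fb:aa:bb:cc [ether] on eth0
? (192.168.1.77) at <incomplete> on eth0
"""

# An IPv4 address followed on the same line by a MAC using ':' or '-' separators.
_ENTRY = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}).*?([0-9a-fA-F]{2}(?:[:-][0-9a-fA-F]{2}){5})")


def parse_arp(output: str) -> List[Tuple[str, str]]:
    """Return (ip, mac) pairs, MACs normalised to lower-case colon form.

    Broadcast/multicast rows (I/G bit of the first octet set) name no vendor and are
    dropped; '<incomplete>' rows never match the MAC pattern and fall out naturally.
    """
    entries = []
    for line in output.splitlines():
        m = _ENTRY.search(line)
        if not m:
            continue
        mac = m.group(2).lower().replace("-", ":")
        if int(mac[:2], 16) & 1:
            continue
        entries.append((m.group(1), mac))
    return entries


def oui(mac: str) -> str:
    """First three octets of the MAC: the vendor ID part the MAC Address slide refers to."""
    return mac.upper().replace(":", "").replace("-", "")[:6]


if __name__ == "__main__":
    for ip, mac in parse_arp(ARP_WINDOWS) + parse_arp(ARP_UNIX):
        print(f"{ip:<15} {mac}  OUI={oui(mac)}")
```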