Sie sind auf Seite 1von 6

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

ICND1 CRAMM SHEET

QUICK Reference (ICND 1)


Protocol :- Predefined set of rules to communicate

Network Applications

Email Collaboration Messaging Web Browsing Databse applications

Speed = Data Rate Availability = Likelihood network is avialable Scalability= How well network can scale Topology= Physical components of network like cable, switches, router

Network Security (Type of Attacks)


Passive attack :- Sniffing aata like capturing password on the wire or wireless Active attack :- Actively try to invade security , adding malicious code Inside attack:- Attack from authorised users Close in Attack :- Attack with in close physical proximity Distribution:- Attack launched during distribution phase of any hardware of software. Network Security Process

Security is ever evolving process 1. Secure 2. Monitor 3. Test

4. Improve

Reconnaissance attack(Gathering Information like sniffing data , Ping Sweep) Access Attack

Password Attack Trust Exploitation Port Redirection Man-in-the Middle Buffer Overflow.

Application Layer Attack


Exploiting well known weekness in the software Trojon programms that loggs the key. Password stealing Java or activeX codes that work maliciously

Managament / Monitoring Protocols


Telent (but information is sent in Plain txt) SSH (secure encrypted communication) Secure Socket Layer (SSL) Monitoring Protocols (SNMP, syslog, NTP, TFTP)

OSI Reference Model

All People Seem To Need Data Processing

TCP UDP = Transport Layer Router, ICMP, IGMP, IP = Network Layer 802.3 802.2 Framerelay, HDLC = Data Link Layer

Data = Application Layer Segment = Transport Layer

Packet = Network Layer Frames = Data Link Layer Bits = Physical Layer

TCP = Connection Orieneted (More overheads, Confrmation of delivery) IP, UDP= Connection Less (best effort, no recovery of lost packet)

CLASS of IP Address

CLASS A: 1.0.0.0 to 126.0.0.0 Class B: 128.0.0.0 to 191.255.0.0. Class C: 192.0.0.0 to 223.255.255.0. Class D: 224239 Class E: 240 - 255

RFC 1918 Private IP Address Range


10.0.0.0 to 10.255.255.255

172.16.0.0 to 172.31.255.255 192.168.0.0 to 192.168.255.255 IPV6

16 Octet 128 Bits A524:72D3:2C80:DD02:0029:EC7A:002B:EA73

TCP Header URG: Urgent Pointer field significant ACK: Acknowledgment field significant PSH: Push Function application need data to be pushed immediately RST: Reset the connection SYN: Synchronize sequence numbers FIN: No more data from sender

PORTS

0 to 1023 are well-known ports. 1024 to 49151 are registered ports 4915265535 are unregistered

TCP/IP Applications FTP = TCP based File transfer (TCP 21 Port) TFTP= UDP based used to transfer Cisco IOS or configuration (UDP 69 Port) Telnet= Terminal Emuletion Command line (TCP 23) SMTP= Email delivery (TCP 25) SNMP= Network Manamgement Protocol. (UDP 161) DHCP= Assign IP address automatically DNS= Name to IP resolution (Both TCP, UDP 53)

TCP 3 Way HandShake LAN Traffic Types


Unicast (one to one communication) Broadcast (one to any Communication) Multicast (from one to Subnet of users)

Address Translation

Inside local address =IP address assigned to a host on the inside network Inside global address= A public IP address assigned by the ISP that represents one or more inside local IP addresses to the outside world. Outside global address = IP address assigned to a host on the outside network Outside local address = IP address of an outside host as it appears to the inside

When a host on an Ethernet LAN has information to send, the following steps are taken: 1. A device with a frame to send listens until Ethernet is not busy CSMA/CD. 2. When the Ethernet is not busy, the sender begins sending the frame. 3. The sender listens to make sure that no collision occurred. 4. Once the senders hear the collision, they each send a jamming signal, to ensure that all stations recognize the collision. 5. After the jamming is complete, each sender randomizes a timer and waits that long. 6. When each timer expires, the process starts over with step 1.

MAC Address

Layer 2 address Hexa Decimal Formate 48 Bits = 24 bits of Vandor ID + 24 bits of Unique ID

Wireless IEEE 802.11a: 54 Mbps in the 5.7 GHz ISM band IEEE 802.11b: 11 Mbps in the 2.4 GHz ISM band IEEE 802.11g: 54 Mbps in the 2.4 GHz ISM band IEEE 802.11n: 300 +Mbps in the 2.4 and 5GHz ISM band Wireless Security

WEP (Basic Enryption , not good) 802.1x EAP (Use dynamic Keys, User authentication)

WPA WiFi Protected access WPA2 (Most Strongest uses AES for Encryption)

Configuring Port Security on Switch SwitchX(config)# interface fa0/5 SwitchX(config-if)# switchport mode access SwitchX(config-if)# switchport port-security SwitchX(config-if)# switchport port-security maximum 1 SwitchX(config-if)# switchport port-security mac-address sticky SwitchX(config-if)# switchport port-security violation shutdown

Keypoints

Switches increases the number of collisions domains in the network Switches are multiport bridges that allow you to create multiple broadcast domains Switches and bridges work on L2 Primary functions of a router are: Packet Switching and Path Selection A straight-through cable is used to connect two different devices Layer 4 functions are error recovery and flow control Transport layer provides reliable networking via acknowledgments, sequencing, and flow control. HTTPS is the secured version of the HTTP application, which normally uses 128 bit SSL encryption to secure the information uses port 443 VOIP systems utilize UDP because it is faster and uses less overhead Spanning-Tree Protocol (STP) is a Layer 2 protocol STP is used to avoid switching loops CDP is a device discovery protocol that runs over Layer 2 Crossover cable is used to connect two of the same device types 100BaseT (UTP, STP) has a distance restriction of 100 meter or 328 Feet IEEE 802.3z standard describes 1000BASE-SX (Gigabit Ethernet) Switches forward broadcast but routers do not forward broadcasts (by default) RIPv2 carries subnet mask information allowing for VLSM For point to point Link /30 IP address is used. Network Address Translation (NAT) can be used to hide the private IP addressing NVRAM-Nonvolatile RAM stores the initial or startup configuration file. 0x2102, is the normal config-register