Network Applications
Speed = Data rate
Availability = Likelihood that the network is available
Scalability = How well the network can scale
Topology = Physical components of the network, such as cables, switches and routers
4. Improve
Reconnaissance attack (gathering information, e.g. sniffing data, ping sweep)
Access attack:
Password attack, trust exploitation, port redirection, man-in-the-middle, buffer overflow
Exploiting well-known weaknesses in software; Trojan programs that log keystrokes; password stealing; Java or ActiveX code that behaves maliciously
Telnet (but information is sent in plain text)
SSH (secure, encrypted communication)
Secure Socket Layer (SSL)
Monitoring protocols (SNMP, syslog, NTP, TFTP)
TCP, UDP = Transport layer
Router, ICMP, IGMP, IP = Network layer
802.3, 802.2, Frame Relay, HDLC = Data Link layer
Packets = Network layer
Frames = Data Link layer
Bits = Physical layer
TCP = connection-oriented (more overhead, confirmation of delivery)
IP, UDP = connectionless (best effort, no recovery of lost packets)
CLASS of IP Address
Class A: 1.0.0.0 to 126.0.0.0
Class B: 128.0.0.0 to 191.255.0.0
Class C: 192.0.0.0 to 223.255.255.0
Class D: 224 to 239
Class E: 240 to 255
TCP Header flags
URG: Urgent Pointer field significant
ACK: Acknowledgment field significant
PSH: Push function, the application needs the data to be pushed immediately
RST: Reset the connection
SYN: Synchronize sequence numbers
FIN: No more data from sender
PORTS
0 to 1023 are well-known ports
1024 to 49151 are registered ports
49152 to 65535 are unregistered ports
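To make the TCP flag bits and the port ranges above concrete, here is an added example (not part of the original notes) that decodes a constructed 20-byte TCP header, lists which of the six flags are set, and classifies the destination port into the three ranges; the sample bytes, the function names and the flag bit values are the standard RFC 793 layout, assumed here rather than taken from the notes.

```python
import struct

# Bit values of the six TCP flags in the 16-bit data-offset/flags word (RFC 793 layout).
TCP_FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}


def port_range(port: int) -> str:
    """Classify a port number into the three ranges listed in the notes."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "unregistered"


def parse_tcp_header(data: bytes) -> dict:
    """Decode the fixed 20-byte TCP header and return the fields plus the set flags."""
    if len(data) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    src, dst, seq, ack, off_flags, win, csum, urg = struct.unpack("!HHIIHHHH", data[:20])
    header_len = (off_flags >> 12) * 4  # data offset is counted in 32-bit words
    flags = [name for name, bit in TCP_FLAGS.items() if off_flags & bit]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": win,
        "dst_port_range": port_range(dst),
    }


def describe(data: bytes) -> str:
    """One-line summary, e.g. for a log: ports, port range and the flags set."""
    h = parse_tcp_header(data)
    return f"{h['src_port']}->{h['dst_port']} ({h['dst_port_range']}) flags={'|'.join(h['flags']) or 'none'}"


# Constructed sample: a SYN from ephemeral port 51234 to port 23 (Telnet), header length 20 bytes.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 51234, 23, 1000, 0, (5 << 12) | TCP_FLAGS["SYN"], 65535, 0, 0)

if __name__ == "__main__":
    print(describe(SAMPLE_SYN))
```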
TCP/IP Applications
FTP = TCP-based file transfer (TCP port 21)
TFTP = UDP-based, used to transfer Cisco IOS images or configurations (UDP port 69)
Telnet = Terminal emulation, command line (TCP 23)
SMTP = Email delivery (TCP 25)
SNMP = Network management protocol (UDP 161)
DHCP = Assigns IP addresses automatically
DNS = Name-to-IP resolution (both TCP and UDP 53)
Unicast (one-to-one communication)
Broadcast (one-to-any communication)
Multicast (from one to a subset of users)
Address Translation
Inside local address = IP address assigned to a host on the inside network
Inside global address = A public IP address assigned by the ISP that represents one or more inside local IP addresses to the outside world
Outside global address = IP address assigned to a host on the outside network
Outside local address = IP address of an outside host as it appears to the inside network
When a host on an Ethernet LAN has information to send, the following steps are taken (CSMA/CD):
1. A device with a frame to send listens until the Ethernet is not busy.
2. When the Ethernet is not busy, the sender begins sending the frame.
3. The sender listens to make sure that no collision occurred.
4. If the senders hear a collision, they each send a jamming signal to ensure that all stations recognize the collision.
5. After the jamming is complete, each sender randomizes a timer and waits that long.
6. When each timer expires, the process starts over with step 1.
MAC Address
Layer 2 address, hexadecimal format
48 bits = 24 bits of vendor ID + 24 bits of unique ID
Wireless
IEEE 802.11a: 54 Mbps in the 5.7 GHz ISM band
IEEE 802.11b: 11 Mbps in the 2.4 GHz ISM band
IEEE 802.11g: 54 Mbps in the 2.4 GHz ISM band
IEEE 802.11n: 300+ Mbps in the 2.4 and 5 GHz ISM bands
Wireless Security
WEP (basic encryption, not good)
802.1x EAP (uses dynamic keys, user authentication)
WPA = Wi-Fi Protected Access
WPA2 (strongest, uses AES for encryption)
Configuring Port Security on a Switch
SwitchX(config)# interface fa0/5
SwitchX(config-if)# switchport mode access
SwitchX(config-if)# switchport port-security
SwitchX(config-if)# switchport port-security maximum 1
SwitchX(config-if)# switchport port-security mac-address sticky
SwitchX(config-if)# switchport port-security violation shutdown
Keypoints
Switches increase the number of collision domains in the network
Switches are multiport bridges that allow you to create multiple broadcast domains
Switches and bridges work at L2
The primary functions of a router are packet switching and path selection
A straight-through cable is used to connect two different device types
Layer 4 functions are error recovery and flow control
The Transport layer provides reliable networking via acknowledgments, sequencing, and flow control
HTTPS is the secured version of the HTTP application; it normally uses 128-bit SSL encryption to secure the information and uses port 443
VoIP systems use UDP because it is faster and has less overhead
Spanning Tree Protocol (STP) is a Layer 2 protocol
STP is used to avoid switching loops
CDP is a device discovery protocol that runs over Layer 2
A crossover cable is used to connect two devices of the same type
100BaseT (UTP, STP) has a distance restriction of 100 meters or 328 feet
The IEEE 802.3z standard describes 1000BASE-SX (Gigabit Ethernet)
Switches forward broadcasts, but routers do not forward broadcasts (by default)
RIPv2 carries subnet mask information, allowing for VLSM
For a point-to-point link, a /30 address is used
Network Address Translation (NAT) can be used to hide private IP addressing
NVRAM (nonvolatile RAM) stores the initial or startup configuration file
0x2102 is the normal config-register value