Wednesday 13 May 2015

Become A Hacker: Basics Of Networking

Become A Hacker: Basics Of Networking- picateshackz.com

After published a post 'How To Become A Hacker - Complete Guide For Beginners' there have been some questions regarding networking skills, It is very important topic to become a hacker, so this article will explain the basic networking a Ethical hacker or Penetration tester must learn.
Here is a list of basics of networking:
  1. DHCP
  2. NAT
  3. Subnetting
  4. IPv4
  5. IPv6
  6. Public vs Private IP
  7. DNS
  8. Routers and switches
  9. VLANs
  10. OSI model
  11. MAC addressing
  12. ARP

1. DHCP


As long as you're learning about your IP address, you should learn a little about something called DHCP—which stands for Dynamic Host Configuration Protocol. Why bother? Because it has a direct impact on millions of IP addresses, most likely including yours.
DHCP is at the heart of assigning you (and everyone) their IP address. The key word in DHCP is protocol—the guiding rules and process for Internet connections for everyone, everywhere. DHCP is consistent, accurate and works the same for every computer. Remember that without an IP address, you would not be able to receive the information you requested. As you've learned (by reading IP: 101), your IP address tells the Internet to send the information that you requested (Web page, email, data, etc.) right to the computer that requested it.

  • Protocols

There are more than one billion computers in the world, and each individual computer needs its own IP address whenever it's online. The TCP/IP protocols (our computers' built-in, internal networking software) include a DHCP protocol. It automatically assigns and keeps tabs of IP addresses and any "subnetworks" that require them. Nearly all IP addresses are dynamic, as opposed to "static" IP addresses that never change.
DHCP is a part of the "application layer," which is just one of the several TCP/IP protocols. All of the processing and figuring out of what to send to whom happens virtually instantly.

  • Clients and servers

The networking world classifies computers into two distinctive categories: 1) individual computers, called "hosts," and 2) computers that help process and send data (called "servers"). A DHCP server is one computer on the network that has a number of IP address at its disposal to assign to the computers/hosts on that network. If you use a cable company for Internet access, making them your Internet Service Provider, they likely are your DHCP server.

  • Permission slips

Think of getting an IP address as similar to obtaining a special permission slip from the DHCP server to use the Internet. In this scenario, you are the DHCP client—whenever you want to go on the Internet, your computer automatically requests an IP address from the network's DHCP server. If there's one available, the DHCP server sends a response containing an IP address to your computer.

  • How DHCP works

The key word in DHCP is "dynamic." Because instead of having just one fixed and specific IP address, most computers will be assigned one that is available from a subnet or "pool" that is assigned to the network. The Internet isn't one big computer in one big location. It's an interconnected network of networks, all created to make one-on-one connections between any two clients that want to exchange information.

One of the features of DHCP is that it provides IP addresses that "expire." When DHCP assigns an IP address, it actually leases that connection identifier to the user's computer for a specific amount of time. The default lease is five days.

Here is how the DHCP process works when you go online:

  1. Your go on your computer to connect to the Internet.
  2. The network requests an IP address (this is actually referred to as a DHCP discover message).
  3. On behalf of your computer's request, the DHCP server allocates (leases) to your computer an IP address. This is referred to as the DHCP offer message.
  4. Your computer (remember—you're the DHCP client) takes the first IP address offer that comes along. It then responds with a DHCP request message that verifies the IP address that's been offered and accepted.
  5. DHCP then updates the appropriate network servers with the IP address and other configuration information for your computer.
  6. Your computer (or whatever network device you're using) accepts the IP address for the lease term.

Typically, a DHCP server renews your lease automatically, without you (or even a network administrator) having to do anything. However, if that IP address's lease expires, you'll be assigned a new IP address using the same DHCP protocols.
Here's the best part: You wouldn't even be aware of it, unless you happened to check your IP address. Your Internet usage would continue as before. DHCP takes place rather instantly, and entirely behind the scenes. We, as everyday, ordinary computer users, never have to think twice about it. We just get to enjoy this amazing and instantaneous technology that brings the Internet to our fingertips when we open our browsers. I guess you could say DHCP stands for "darn handy computer process"...or something like that.

2. NAT


Stands for "Network Address Translation." NAT translates the IP addresses of computers in a local network to a single IP address. This address is often used by the router that connects the computers to the Internet. The router can be connected to a DSL modem, cable modem, T1 line, or even a dial-up modem. When other computers on the Internet attempt to access computers within the local network, they only see the IP address of the router. This adds an extra level of security, since the router can be configured as a firewall, only allowing authorized systems to access the computers within the network.
Once a system from outside the network has been allowed to access a computer within the network, the IP address is then translated from the router's address to the computer's unique address. The address is found in a "NAT table" that defines the internal IP addresses of computers on the network. The NAT table also defines the global address seen by computers outside the network. Even though each computer within the local network has a specific IP address, external systems can only see one IP address when connecting to any of the computers within the network.
To simplify, network address translation makes computers outside the local area network (LAN) see only one IP address, while computers within the network can see each system's unique address. While this aids in network security, it also limits the number of IP addresses needed by companies and organizations. Using NAT, even large companies with thousands of computers can use a single IP address for connecting to the Internet. Now that's efficient.
 NAT has many forms and can work in several ways:



  • Static NAT - Mapping an unregistered IP address to a registered IP address on a one-to-one basis. Particularly useful when a device needs to be accessible from outside the network.
  • Dynamic NAT - Maps an unregistered IP address to a registered IP address from a group of registered IP addresses.
  • Overloading - A form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports. This is known also as PAT (Port Address Translation), single address NAT or port-level multiplexed NAT.
  • Overlapping - When the IP addresses used on your internal network are registered IP addresses in use on another network, the router must maintain a lookup table of these addresses so that it can intercept them and replace them with registered unique IP addresses. It is important to note that the NAT router must translate the "internal" addresses to registered unique addresses as well as translate the "external" registered addresses to addresses that are unique to the private network. 
    This can be done either through static NAT or by using DNS and The internal network is usually aLAN (Local Area Network), commonly referred to as the stub domain. A stub domain is a LAN that uses IP addresses internally. Most of the network traffic in a stub domain is local, so it doesn't travel outside the internal network. A stub domain can include both registered and unregistered IP addresses. Of course, any computers that use unregistered IP addresses must use Network Address Translation to communicate with the rest of the world.


    3. Subnetting


subnet is a logical grouping of connected network devices. Nodes on a subnet tend to be located in close physical proximity to each other on a LAN.
Network designers employ subnets as a way to partition networks into logical segments for greater ease of administration. When subnets are properly implemented, both the performance and security of networks can be improved.
In Internet Protocol (IP) networking, devices on a subnet share contiguous ranges of IP address numbers.
A mask (known as the subnet mask or network mask) defines the boundaries of an IP subnet. The correspondence between subnet masks and IP address ranges follows defined mathematical formulas. IT professionals use subnet calculators to map between masks and addresses.


4. IPv4


The Internet Protocol version 4 was designed to be allocated to approx. imately 4.3 billion addresses. At the beginning of Internet this was considered a much wider address space for which there was nothing to worry about.
The sudden growth in internet users and its wide spread use has exponentially increased the number of devices which needs real and unique IP to be able to communicate. Gradually, an IPS is required by almost every digital equipment which were made to ease human life, such as Mobile Phones, Cars and other electronic devices. The number of devices (other than computers/routers) expanded the demand for extra IP addresses, which were not considered earlier.
Allocation of IPv4 is globally managed by Internet Assigned Numbers Authority (IANA) under coordination with the Internet Corporation for Assigned Names and Numbers (ICANN). IANA works closely with Regional Internet Registries, which in turns are responsible for efficiently distributing IP addresses in their territories. There are five such RIRS. According to IANA reports, all the IPv4 address blocks have been allocated. To cope up with the situation, the following practices were being done:
  • Private IPs: Few blocks of IPs were declared for private use within a LAN so that the requirement for public IP addresses can be reduced.
  • NAT: Network address translation is a mechanism by which multiple PCs/hosts with private IP addresses are enabled to access using one or few public IP addresses.
  • Unused Public IPs were reclaimed by RIRs.


5. IPv6

IETF (Internet Engineering Task Force) has redesigned IP addresses to mitigate the drawbacks of IPv4. The new IP address is version 6 which is 128-bit address, by which every single inch of the earth can be given millions of IP addresses.
Today majority of devices running on Internet are using IPv4 and it is not possible to shift them to IPv6 in the coming days. There are mechanisms provided by IPv6, by which IPv4 and IPv6 can co-exist unless the Internet entirely shifts to IPv6:

  • Dual IP Stack
  • Tunneling (6to4 and 4to6)
  • NAT Protocol Translation

6. Public Vs Private IP


Internet Protocol (IP) addresses are usually of two types: Public and Private. If you have ever wondered to know what is the difference between a public and a private IP address, then you are at the right place.

What are Public IP Addresses?

A public IP address is assigned to every computer that connects to the Internet where each IP is unique. Hence there cannot exist two computers with the same public IP address all over the Internet. This addressing scheme makes it possible for the computers to “find each other” online and exchange information .User has no control over the IP address (public) that is assigned to the computer. The public IP address is assigned to the computer by the Internet Service Provider as soon as the computer is connected to the Internet gateway.

A public IP address can be either static or dynamic. A static public IP address does not change and is used primarily for hosting webpages or services on the Internet. And another one a dynamic public IP address is chosen from a pool of available addresses and changes each time one connects to the Internet. Most Internet users will only have a dynamic IP assigned to their computer which goes off when the computer is disconnected from the Internet. Thus when it is re-connected it gets a new IP.

  You can check your public IP address by visiting www.whatismyip.com

  What is private address?

An IP address is considered private if the IP number falls within one of the IP address ranges reserved for private networks such as a Local Area Network (LAN). The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private networks (local networks):

                  10.0.0.0 – 10.255.255.255 (Total Addresses: 16,777,216)
                  172.16.0.0 – 172.31.255.255 (Total Addresses: 1,048,576)
                  192.168.0.0 – 192.168.255.255 (Total Addresses: 65,536)

Private IP addresses are used for numbering the computers in a private network including home, school and business LANs in airports and hotels which makes it possible for the computers in the network to communicate with each other. Say for example, if a network A consists of 30 computers each of them can be given an IP starting from 192.168.0.1 to 192.168.0.30. Unlike the public IP, the administrator of the private network is free to assign an IP address of his own choice

Devices with private IP addresses cannot connect directly to the Internet. Likewise, computers outside the local network cannot connect directly to a device with a private IP. It is possible to interconnect two private networks with the help of a router or a similar device that supports Network Address Translation.

If the private network is connected to the Internet (through an Internet connection via ISP) then each computer will have a private IP as well as a public IP. Private IP is used for communication within the network where as the public IP is used for communication over the Internet. Most Internet users with aDSL/ADSL connection will have both a private as well as a public IP.

You can view your private IP in windows commend prompt by typing  ipconfig IPV4 Address   is your private IP which in most cases will be command in the command prompt. The number that you see against “192.168.1.1 or 192.168.1.2. Unlike the public IP, private IP addresses are always static in nature.


7. DNS

DNS is an acronym for Domain Name Server, and is the system used to translate word-based addresses of systems (such as WWW.EXAMPLE.COM) to the numerical IP (Internet Protocol) address of the computer or system that should be located at that address. All computers and systems on the Internet use addresses that look similar to: 5.8.15.16
When you use an alphanumeric address such as WWW.EXAMPLE.COM, your computer needs to understand what numerical IP addresses it needs to contact, and this is accomplished through DNS servers. The answer is delivered back to the requesting computer via the DNS listed for the domain name.
All domains have at least two DNS servers as seen through WHOIS lookups such as NS1.EXAMPLE.COM andNS2.EXAMPLE.COM, and your request for anything related to the domain name gets sent to one of these servers.  In response, the DNS server sends back the IP address that you should contact.  This works for the Web Site, Mail Servers, and anything else based on the domain name.

8. Routers and switches


Network routers,switches and hubs are all common components of wired Ethernet networks.
Hubs, switches and routers are mostly small plastic or metal box-shaped electronic gadgets. Each is designed to allow computers to connect to it. Each features a number of physical ports on the front or back of the unit that provide the connection points for these computers, a connection for electric power, and a number of LED lights to display device status.

  • Routers Are Smarter In Other Ways Too

Additionally, broadband routers contain several features beyond those of traditional routers such as integrated DHCP server and network firewall support. Wireless broadband routers even incorporate a built-in Ethernet switch for supporting wired computer connections (and enabling network expansion via connecting additional switches if needed).

  • Switches vs. Hubs

Switches are higher-performance alternatives to hubs. Both pass data between devices connected to them, but hubs do so by broadcasting the data to all other connected devices, while switches first determine which device is the intended recipient of the data and then sends it to that one device directly.


9. VLANs


A VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible. 


VLANs define broadcast domains in a Layer 2 network. A broadcast domain is the set of all devices that will receive broadcast frames originating from any device within the set. Broadcast domains are typically bounded by routers because routers do not forward broadcast frames. Layer 2 switches create broadcast domains based on the configuration of the switch. Switches are multiport bridges that allow you to create multiple broadcast domains. Each broadcast domain is like a distinct virtual bridge within a switch.


You can define one or many virtual bridges within a switch. Each virtual bridge you create in the switch defines a new broadcast domain (VLAN). Traffic cannot pass directly to another VLAN (between broadcast domains) within the switch or between two switches. To interconnect two different VLANs, you must use routers or Layer 3 switches.

  • What are VLAN's?

In a traditional LAN, workstations are connected to each other by means of a hub or a repeater. These devices propagate any incoming data throughout the network. However, if two people attempt to send information at the same time, a collision will occur and all the transmitted data will be lost. Once the collision has occurred, it will continue to be propagated throughout the network by hubs and repeaters. The original information will therefore need to be resent after waiting for the collision to be resolved, thereby incurring a significant wastage of time and resources. To prevent collisions from traveling through all the workstations in the network, a bridge or a switch can be used. These devices will not forward collisions, but will allow broadcasts (to every user in the network) and multicasts (to a pre-specified group of users) to pass through. A router may be used to prevent broadcasts and multicasts from traveling through the network.

The workstations, hubs, and repeaters together form a LAN segment. A LAN segment is also known as a collision domain since collisions remain within the segment. The area within which broadcasts and multicasts are confined is called a broadcast domain or LAN. Thus a LAN can consist of one or more LAN segments. Defining broadcast and collision domains in a LAN depends on how the workstations, hubs, switches, and routers are physically connected together. This means that everyone on a LAN must be located in the same area.


10. OSI model


The OSI model defines networking in terms of a vertical stack of seven layers. Upper layers of the OSI model represent software that implements network services like encryption and connection management. Lower layers of the OSI model implement more primitive, hardware-oriented functions like routing, addressing, and flow control.
Data communication in the OSI model starts with the top layer of the stack at the sending side, travels down the stack to the sender's lowest (bottom) layer, then traverses the physical network connection to the bottom layer on the receiving side, and up its OSI model stack.
The OSI model was introduced in 1984. Designed to be an abstract model and teaching tool, the OSI model remains a useful for learning about today's popular network technologies like Ethernet and protocols like IP.Computer Networking
Also Known As: Open Systems Interconnection (OSI) reference model, OSI seven layer model
Examples: Internet Protocol (IP) corresponds to the Network layer of the OSI model, layer three. TCP and UDP correspond to OSI model layer four, the Transport layer. Lower layers of the OSI model are represented by technologies like Ethernet. Higher layers of the OSI model are represented by application protocols like TCP and UDP.


11. MAC addressing



In computer networking, the Media Access Control (MAC) address is every bit as important as an IPaddress. Learn in this article how MAC addresses work and how to find the MAC addresses being used by a computer.

  • What Is a MAC Address?

The MAC address is a unique value associated with a network adapter. MAC addresses are also known as hardware addresses or physical addresses. They uniquely identify an adapter on a LAN.

MAC addresses are 12-digit hexadecimal numbers (48 bits in length). By convention, MAC addresses are usually written in one of the following two formats:

MM:MM:MM:SS:SS:SS

MM-MM-MM-SS-SS-SS


The first half of a MAC address contains the ID number of the adapter manufacturer. These IDs are regulated by an Internet standards body (see sidebar). The second half of a MAC address represents the serial number assigned to the adapter by the manufacturer. In the example,

00:A0:C9:14:C8:29


The prefix



00A0C9


indicates the manufacturer is Intel Corporation.

  • Why MAC Addresses?

Recall that TCP/IP and other mainstream networking architectures generally adopt the OSI model. In this model, network functionality is subdivided into layers. MAC addresses function at the data link layer (layer 2 in the OSI model). They allow computers to uniquely identify themselves on a network at this relatively low level.

  • MAC vs. IP Addressing 

Whereas MAC addressing works at the data link layer, IP addressing functions at the network layer (layer 3). It's a slight oversimplification, but one can think of IP addressing as supporting the software implementation and MAC addresses as supporting the hardware implementation of the network stack. The MAC address generally remains fixed and follows the network device, but the IP address changes as the network device moves from one network to another.
IP networks maintain a mapping between the IP address of a device and its MAC address. This mapping is known as the ARP cache or ARP table. ARP, the Address Resolution Protocol, supports the logic for obtaining this mapping and keeping the cache up to date.
DHCP also usually relies on MAC addresses to manage the unique assignment of IP addresses to devices.

12. ARP


Stands for "Address Resolution Protocol." ARP is a protocol used for mapping an IP address to a computer connected to a local network LAN. Since each computer has a unique physical address called a MAC address, the ARP converts the IP address to the MAC address. This ensures each computer has a unique network identification.
The Address Resolution Protocol is used when information sent to a network arrives at the gateway, which serves as the entrance point to the network. The gateway uses the ARP to locate the MAC address of the computer based on the IP address the data is being sent to. The ARP typically looks up this information in a table called the "ARP cache." If the address is found, the information is relayed to the gateway, which will send the incoming data to the appropriate machine. It may also convert the data to the correct network format if necessary.
If the address is not found, the ARP broadcasts a "request packet" to other machines on the network to see if the IP address belongs to a machine not listed in the ARP cache. If a valid system is located, the information will be relayed to the gateway and the ARP cache will be updated with the new information. By updating the ARP cache, future requests for that IP address will be much quicker. While this may seem like a complex process, it usually takes only a fraction of a second to complete. If only it was just as easy to find old receipts when you need them.


Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)