Showing posts with label CCENT Quick Reference. Show all posts
Showing posts with label CCENT Quick Reference. Show all posts

4 Apr 2012

CCENT Quick Reference

QUICK Reference (ICND 1)

Protocol :- Predefined set of rules to communicate


Network Applications

  • Email
  • Collaboration
  • Messaging
  • Web Browsing
  • Databse applications

Speed = Data Rate

Availability = Likelihood network is avialable

Scalability= How well network can scale

Topology= Physical components of network like cable, switches, router

Network Security (Type of Attacks)

Passive attack :- Sniffing aata like capturing password on the wire or wireless

Active attack :- Actively try to invade security , adding malicious code

Inside attack:- Attack from authorised users

Close in Attack :- Attack with in close physical proximity

Distribution:- Attack launched during distribution phase of any hardware of software.

Network Security Process


Security is ever evolving process

  1. Secure
  2. Monitor
  3. Test
  4. Improve

Reconnaissance attack(Gathering Information like sniffing data , Ping Sweep)

Access Attack

  • Password Attack
  • Trust Exploitation
  • Port Redirection
  • Man-in-the Middle
  • Buffer Overflow.

Application Layer Attack

  • Exploiting well known weekness in the software
  • Trojon programms that loggs the key.
  • Password stealing
  • Java or activeX codes that work maliciously

Managament / Monitoring Protocols

  • Telent (but information is sent in Plain txt)
  • SSH (secure encrypted communication)
  • Secure Socket Layer (SSL)
  • Monitoring Protocols (SNMP, syslog, NTP, TFTP)

OSI Reference Model

All People Seem To Need Data Processing


TCP UDP = Transport Layer

Router, ICMP, IGMP, IP = Network Layer

802.3 802.2 Framerelay, HDLC = Data Link Layer


Data = Application Layer

Segment = Transport Layer

Packet = Network Layer

Frames = Data Link Layer

Bits = Physical Layer


TCP = Connection Orieneted (More overheads, Confrmation of delivery)

IP, UDP= Connection Less (best effort, no recovery of lost packet)


CLASS of IP Address


CLASS A: 1.0.0.0 to 126.0.0.0

Class B: 128.0.0.0 to 191.255.0.0.

Class C: 192.0.0.0 to 223.255.255.0.

Class D: 224–239

Class E: 240 - 255


RFC 1918 Private IP Address Range


10.0.0.0 to 10.255.255.255

172.16.0.0 to 172.31.255.255

192.168.0.0 to 192.168.255.255


IPV6


16 Octet

128 Bits

A524:72D3:2C80:DD02:0029:EC7A:002B:EA73

TCP Header

URG: Urgent Pointer field significant

ACK: Acknowledgment field significant

PSH: Push Function application need data to be pushed immediately

RST: Reset the connection

SYN: Synchronize sequence numbers

FIN: No more data from sender

PORTS

  • ü 0 to 1023 are well-known ports.
  • ü 1024 to 49151 are registered ports
  • ü 49152–65535 are unregistered

TCP/IP Applications

FTP = TCP based File transfer (TCP 21 Port)

TFTP= UDP based used to transfer Cisco IOS or configuration (UDP 69 Port)

Telnet= Terminal Emuletion Command line (TCP 23)

SMTP= Email delivery (TCP 25)

SNMP= Network Manamgement Protocol. (UDP 161)

DHCP= Assign IP address automatically

DNS= Name to IP resolution (Both TCP, UDP 53)


TCP 3 Way HandShake


LAN Traffic Types


  • Unicast (one to one communication)
  • Broadcast (one to any Communication)
  • Multicast (from one to Subnet of users)

Address Translation


Inside local address =IP address assigned to a host on the inside network

Inside global address= A public IP address assigned by the ISP that represents one or more inside local IP addresses to the outside world.

Outside global address = IP address assigned to a host on the outside network

Outside local address = IP address of an outside host as it appears to the inside


When a host on an Ethernet LAN has information to send, the following steps are taken:1. A device with a frame to send listens until Ethernet is not busy CSMA/CD.
2. When the Ethernet is not busy, the sender begins sending the frame.
3. The sender listens to make sure that no collision occurred.
4. Once the senders hear the collision, they each send a jamming signal, to ensure that all
stations recognize the collision.
5. After the jamming is complete, each sender randomizes a timer and waits that long.
6. When each timer expires, the process starts over with step 1.

MAC Address

  • Layer 2 address
  • Hexa Decimal Formate
  • 48 Bits = 24 bits of Vandor ID + 24 bits of Unique ID


Wireless

IEEE 802.11a: 54 Mbps in the 5.7 GHz ISM band
IEEE 802.11b: 11 Mbps in the 2.4 GHz ISM band
IEEE 802.11g: 54 Mbps in the 2.4 GHz ISM band

IEEE 802.11n: 300 +Mbps in the 2.4 and 5GHz ISM band


Wireless Security


  • WEP (Basic Enryption , not good)
  • 802.1x EAP (Use dynamic Keys, User authentication)
  • WPA WiFi Protected access
  • WPA2 (Most Strongest uses AES for Encryption)

Configuring Port Security on Switch


SwitchX(config)# interface fa0/5

SwitchX(config-if)# switchport mode access

SwitchX(config-if)# switchport port-security

SwitchX(config-if)# switchport port-security maximum 1

SwitchX(config-if)# switchport port-security mac-address sticky

SwitchX(config-if)# switchport port-security violation shutdown



Keypoints

  • Switches increases the number of collisions domains in the network
  • Switches are multiport bridges that allow you to create multiple broadcast domains
  • Switches and bridges work on L2
  • Primary functions of a router are: Packet Switching and Path Selection
  • A straight-through cable is used to connect two different devices
  • Layer 4 functions are error recovery and flow control
  • Transport layer provides reliable networking via acknowledgments, sequencing,
    and flow control.
  • HTTPS is the secured version of the HTTP application, which normally uses 128 bit SSL
    encryption to secure the information uses port 443
  • VOIP systems utilize UDP because it is faster and uses less overhead
  • Spanning-Tree Protocol (STP) is a Layer 2 protocol
  • STP is used to avoid switching loops
  • CDP is a device discovery protocol that runs over Layer 2
  • Crossover cable is used to connect two of the same device types
  • 100BaseT (UTP, STP) has a distance restriction of 100 meter or 328 Feet
  • IEEE 802.3z standard describes 1000BASE-SX (Gigabit Ethernet)
  • Switches forward broadcast but routers do not forward broadcasts (by default)
  • RIPv2 carries subnet mask information allowing for VLSM
  • For point to point Link /30 IP address is used.
  • Network Address Translation (NAT) can be used to hide the private IP addressing
  • NVRAM-Nonvolatile RAM stores the initial or startup configuration file.
  • 0x2102, is the normal config-register