Network Services

Network Services:
In this section We will learn about the service that can run on the network like DNS,DHCP, NAT etc. We will also learn about the SDN which means that program written
In any language automatically configure the network devices.

    1. VPN:

VPN stands for Virtual Private Network.VPN is used when there are muliple office of an organization and when we interconnects these offices then data transmits through various routers and internet service providers. So in this case we need Private network and then we configure VPN. VPN helps us to transmit data in Encrypted form over the internet.
                Types of VPN:
                    Site to Site VPN:
In site to site VPN we just configure the VPN on the receiver and sender side router. If there are multiple devices between these routers then only the sending and receiving router is responsible for data encryption. Each router is considered as an end point of the tunnel.
                    Remote access VPN:
Remote access VPN is used in the situation when the user wants to connect the network with home while travelling or in other situations like this. So the user machine has some sort of VPN client to connect to the home network securely. Some operating systems provide the VPN client built in.
                    Protocols Used in VPN:
                    IPsec:
IPsec provides the facility of encapsulation of data flowing through the network. Advantages of using the IPsec is that it provides the confidentiality through the encryption, it provides integrity using hashing algorithms, and it provides the authentication and anti-replay protection.

    1. DMVPN:

Dynamic Multipoint VPN helps to transmit the traffic in Hub-spoke topology. When organization have multiple office then DMVPN is used to connect the One office with other. DMVPN is either configured on head office router so that All the other offices connected to the head office through VPN.The technology that helps us to configure the DMVPN is mGRE(multipoint Generic Routing Encapsulation)

    1. Voice Services:

Nowadays when we want to call the number with extension then a SIP(Session Initiation Protocol) is used the caller sends the SIP packet to the call agent and the call agent makes the session with the receiver.On the other hand if we know the ip address of the phone then the protocol used to initiate the call is RTP(Real Time Transport Protocol).


    1. DHCP:

Dynamic Host Configuration Protocol helps us to provide IP addresses to the host. We can configure the static IP address if we have a small number end point about to 10 to 20. On the other hand if we have thousands of end points and configuring the thousands end points is difficult and a hectic process so DHCP helps us to provide IP addresses to those thousands of end points. When any endpoint needed IP address the following process takes place.

In the above picture if laptop B wants to communicate with DHCP server then router discard the packet because laptop B is on a different subnet. so a DHCP relay agent or IP helper helps to forward the packet to the DHCP server.

DHCP Features:

  • MAC reservation

  • Pool (a.k.a scope)

  • Scope options like TTL

  • Lease Time

    1. NAT:

In organizations there are a lot of devices working so each device must have an IP address so it is difficult to assign multiple public IPs to each device. Organizations have 1 or 2 public IPs that are used to communicate to the internet. So NAT helps to translate the private IP to their public IP and voice verse.

    1. NTP:

Network Time Protocol allows network devices like routers, switches to synchronize their clocks. This helps in troubleshooting for example if we are monitoring logs of routers and switches for specific events.

    1. SDN:

Software Defined Network uses virtualization technologies to route traffic instead of using hardware routers and switches. It separates the data planes and control planes within a network. SDN separates the logic used to forward or block traffic(data plane) and the logic to identify the path to take. (Control plane).

Comments

Post a Comment

Popular posts from this blog

Analyzing Spear Phishing Email

Image
Phishing is the technique of fraudulent attempt by the attacker to obtain sensitive and confidential information i.e. Credentials, PII information, credit card, bank details. It can also be targeted attack to focus on the specific organization of individual. The attacker often tailors an email to speak directory to targeted user. There are many types of phishing as follow. I wouldn't explain the types. You can read Here . In this article you'll learn how to analyze the sophisticated phishing email. So, Let's start the case study to explain.  Spearphising :  Spearphising is the technique in which attacker aims at one person and lures him/her into providing confidential data. Attacker compile the email according to the specific user. The email would consist some of the target's email, username, designation.  Case Study: User receive the spearphising email containing the PDF attachment with double extension. Email body contains the unprofessional statement "Kindly m
Read more

Cyber Threat Intel

Image
What is Cyber Threat Intel? Threat intel is the information about the threats. Cyber threat intel is used to better understand, predict and adopt to the behavior of malicious actors. It plays an important role in preventing the zero-day attacks. " Threat information that has been aggregated, transformed, analyzed, interpreted, or enriched to provide the necessary context for decision-making processes " (NIST). Threat Intel life Cycle: Intelligence lifecycle is the process of developing raw information into finished intelligence for policymaker to use in decision making and action. CTI Life Cycle Planning and Direction Planning and direction helps in setting up the goals for the threat intel program. Priorities and requirements are defined in this phase. Collection: Collection means gathering of data to produce the finished intelligence. Data includes logs(Firewall, IPS/IDS, Endpoints), threat feeds and OSINT(reports, social media, public forums). Collection Types of Collectio
Read more

Authentication Services

Image
  Authentication Services: In this section we will discuss the authentication services. The main goal of these services are to ensure that unencrypted credentials are not sent across the network. In other words they ensure that credentials are not sent in clear text. Kerberos: It is a network authentication mechanism mostly used in both windows active directory domain and some Unix environments. Kerberos provides mutual authentication that can help prevent MITM attacks and uses tickets to help prevent replay attacks. Working of Kerberos: The KDC(key distribution center) uses a complex process of issuing TGTs(Ticket granting tickets) and other tickets. The KDC packages user credentials within the ticket. Tickets provide authentication for users when they access resources such as files on the file server. These tickets are sometimes referred to as tokens. NTLM: New Technology LAN Manager is a suite of protocols that provide authentication, integrity, and confidentiality within windows sy
Read more