A wide knowledge of networking is important for learning how to perform ethical hacking. This book offers very little scope for learning networking in a wider sense, as I don’t want to deviate from the original plan of you learning how to use Kali Linux hacking-related tools. However, you must accept the fact that the security layer starts at the top with networks or communication links. Therefore, network security is extremely important to ethical hackers.
In this chapter, I will give a brief introduction to how networking works, and as you progress with ethical hacking and Kali Linux, you’ll want to learn more about networking on your own. Ethical hacking and networking are closely related.
Networking Layers
Data travels through many layers. Once ethical hackers understand these layers, they can understand the movement of data and therefore track and block data or retrieve data.
You can easily create a computer network by hooking together all the computers with cables using the computer’s network interface. This interface is an electronic circuit that resides inside the computer and has a special jack on the computer’s backside. You need to tweak a few simple settings in the computer’s operating system, and the network will start working. If you don’t want to use cables, you can create a wireless network; in this type of network, the computers work via a wireless networking adapter.
All modern laptops have a built-in wireless adapter, but for desktop computers, you need to buy a separate wireless network adapter that plugs into the computer’s USB port. To connect many computers with a network cable, you need a central device called a switch . This switch manages the “sharing.”
Networking is all about sharing three things: files, resources, and programs.
In this chapter, you’ll see how internetworking models work. You will look into the different types of networking models. You will also learn about the devices that comprise a network.
How devices send and receive data from web servers through the Internet
You can conclude that a network primarily connects users so they can use these services. That is a network’s first job. Its second job is also important. A network always maintains a system so that the devices allow the users to share the resources more efficiently.
A security chart and the related categories
As you see in Figure 4-2, networking tops the chart. The ebb and flow of the security starts at the top, it gradually comes down, and it disintegrates in a shower of fragments and branches. This network has many complexities. I’ll cover them briefly.
Generally, a problem becomes obvious when the term networking surfaces. This is not a trivial problem. Think about it: the hardware and software manufacturers don’t know each other. They might even be in different countries, with diverse cultures.
When networking first came into use, it was found that the hardware and the software weren’t matching up. This became a problem.
As I mentioned, a network is a collection of devices. These devices mainly consist of hardware and software that are talking in different languages. Therefore, they needed to find a common solution.
To solve this problem, a common network model with communication functions was needed so that dissimilar devices could interoperate.
Internetworking Models
The importance of internetworking models is clear. First, they encourage interoperability. Second, they provide a reference to which data will be communicated. Third, they facilitate modular engineering.
The Open Systems Interconnection (OSI) reference model
The Transmission Control Protocol/Internet Protocol (TCP/IP) model
OSI
Application (layer 7)
Presentation (layer 6)
Session (layer 5)
Transport (layer 4)
Network (layer 3)
Data link (layer 2)
Physical (layer 1)
Seven layers of the OSI model
Let’s briefly try to understand how this model works.
Suppose a user tries to open a web page. The first thing he does is send a request to the server that is located several thousand miles away. Here the server’s hard disk or hardware is the last layer (layer 1), which is termed physical. So, the user’s request first knocks on the application layer (7) door, which is the nearest, and then it proceeds.
Every process in each layer involves a complicated “bits and bytes” functioning. A computer only understands zeros and ones.
Let’s break the process into more detail.
In the application layer (7), the user interacts with the device, which could be a personal computer or smartphone or anything you might think of. So, the application layer basically handles the user’s interaction. The name of the datagram is data. The user requests the data and ultimately retrieves the data. What happens when the user sends a request from layer 7?
The request enters the next layer (6), which is the presentation layer. The process of encapsulation starts. Data is formatted and encrypted. Next, layer 5, which is the session layer, enters the scene. This layer manages the end-to-end communication. Suppose you type a password and log into your social media account. This layer maintains the end-to-end (user-to-server) communication so that you can remain logged into your page. Up until this layer, the name of the datagram is data.
To assist you in maintaining your session, the next three layers work very hard. They are transport (layer 4) , network (layer 3), and data link (layer 2). The name of the datagram at the transport layer is segment. Why this is called segment? It is called segment because it breaks your request into several fractions. First, it adds source and destination port numbers. Next, it tries to make it reliable by adding sequence numbers. So, in a nutshell, it provides flow control, sequencing, and reliability.
What happens next?
Your request enters layer 3, which is called network . The name of the datagram is now packet. This layer adds source and destination IP addresses. It also helps your request find the best path to reach the destination.
Now your data request has almost reached the final stage. It enters into layer 2, which is the data link layer. It is nearing the endpoint, which is the server’s hardware. So, this layer adds source and destination Media Access Control (MAC) addresses. Next, it goes through Frame Check System (FCS) processes. It checks frame by frame whether the source requests have reached the right destination. That is why the datagram is known as frame.
It now enters its final destination, which is layer 1, or the physical layer. There are only bits over the physical medium. The name of the datagram is now bits and bytes.
Imagine a small office with one router, two switches, and a few desktops, laptops, printers, and servers. The router is connected to the switches, and the switches are connected to the devices such as desktops, laptops, printers, and servers. Here desktops, laptops, printers, and servers belong to layer 1, which is physical. The switches belong to layer 2, which is data link, and the router fits in layer 3, which is network.
Routers are layer 3 devices and perform a few definite tasks. They do packet switching, packet filtering, and provide a path of selecting and finally communicating. The task of packet switching involves the process of getting a packet to the next devices. Here the next devices are the switches. Packet filtering suggests in its name what it does. It either permits or blocks packets depending on certain criteria. Path selecting is determining the best path through the network to the destination. Communication is another important part of this layer. Routers communicate with other networks like the Internet.
Between routers (layer 3 devices) and the end application (physical layer 1) devices, there are switches, which are layer 2 devices. In some cases, switches perform the task of layer 3 devices. Switches basically deal with frame filtering and forwarding. They also maintain the connection between layer 3 and layer 1.
TCP/IP
Application layer
Transport layer
Internet layer
Network access layer
The network access layer corresponds to a combination of the data link layer and physical layer of the OSI model. Different authors interpret the TCP/IP model differently, where the network access layer is split into two: the link layer and the network access layer. Anyway, they both correspond to the physical layer. This turns the TCP/IP protocol into five layers.
The session and presentation layers of the OSI suite are considered to be the application layer of the TCP/IP model.
The Internet layer of TCP/IP corresponds to the network layer of the OSI model. Protocols like IP belong to this layer, and they are responsible for delivering packets from the source to the destination.
The transport layer of the TCP/IP suite corresponds to the same transport layer of the OSI model. This layer assures that the end-to-end communication is error free.
Further Reading
Networking for Dummies, tenth edition, by Doug Lowe. Part Two: Setting up a network.
TCP/IP Protocol Suite, fourth edition, by Behrouze A. Forouzan, Chapter Two: The OSI Model and the TCP/IP Protocol Suite.
TCP/IP Illustrated, Volume One, by W. Richard Stevens, Traceroute Program, and IP Routing.
TCP/IP Illustrated, Volume One, by W. Richard Stevens, Other TCP/IP Applications.