Today I started a new Path, Pre-Security, a stepping stone to start learning the basics. Too much theory, but you need a solid base to go #FromZeroToHacker.
| Table of contents |
| Introduction |
| What I have learnt today? |
| Stats |
| Resources |
Introduction
Yes, I want to hack everything in sight, but to do so you need to know how computers and networks work. So let’s start with the Pre-Security TryHackMe path!
What I have learnt today?
Different concepts, such as:
Network
A network can be formed by just 2 devices to billions. Laptops, phones, computers, traffic lights and more. We can use it to gather data for the weather, talk to friends, read a newspaper…
Internet
The internet is one giant network that consists of many smaller networks within itself.
The first iteration of the Internet was the ARPANET project in late 1960 but wasn’t until 1989 that the Internet was invented by Tim Berners-Lee
To communicate, devices must be identified and identifiable on a network. As we humans are identifiable by our name and fingerprints, devices are by an IP Address and a MAC (Media Access Control, something like a serial number).
IP Addresses
An IP (Internet Protocol) Address can be used as a way to identify a host on a network.
MAC Address
Devices on a network will all have a physical network interface. This network interface is assigned a unique address at the factory, something called MAC (Media Access Control) address. The MAC address is a twelve-character hexadecimal number split by two’s and separated by a colon.
MAC addresses can be faked or “spoofed”. This spoofing occurs when a networked device pretends to identify as another using its MAC address. For example, a device could fake a MAC address to access a network that is barred for most of the MAC addresses.
Ping (ICMP)
Ping uses ICMP (Internet Control Message Protocol) packets to determine the performance of a connection between devices. The time taken for ICMP packages traveling between two devices is measured by ping:
Intro to LAN
Local Area Network (LAN) topologies
Star topology
Devices are individually connected via a central networking device. Is the most commonly found today because of its reliability and scalability, despite the cost.
Pros:
- More scalable
Cons:
- More expensive
- The more it scales, the more maintenance is required
- If the centralised hardware fails, all devices fail.
Bus topology
Devices are connected to a single connection called ‘backbone cable’, similar to the leaf of a tree.
Pros:
- Easier and better cost-efficient
Cons:
- Prone to become slow and bottlenecked if all devices require data
- Difficult troubleshooting
- No redundancy in case of failures: If the backbone cable fails, all devices are blind
Ring topology
Devices are connected to each other, forming a loop. The data is sent across the loop until reaches the destined device, using other devices along the loop to forward the data.
Pros:
- Little cabling
- Less dependence on dedicated software compared to star topology
- Easy to troubleshoot
- Less prone to bottlenecks
Cons:
- Not an efficient way to send data across the network
- A faulty cable or broken device brings the whole network down
What is a Switch?
Switches are dedicated devices within a network that are designed to aggregate multiple devices (such as computers, laptops, printers, etc.). Normally, switches are found in larger networks such as businesses, schools o similar-sized networks.
Switches are more efficient than hubs, as they keep track of what device is connected to which port.
What is a Router?
It is a router’s job to connect networks and pass data between them, by routing (hence, the name).
Routing is the name given to the process of data traveling between networks.
Subnetting
Subnetting is the term given to splitting up a network into smaller networks within itself.
Subnetting is achieved by splitting up the number of hosts that can fit within the network.
An IP address is made up of four octets. Subnets use IP addresses in three ways:
- Identify the network address (identifies the start of the actual network and is used to identify a network’s existence)
- Identify the host address (used to identify a device on the subnet)
- Identify the default gateway (a special address assigned to a device on the network that is capable of sending information to another network)
Subnetting provides a range of benefits, including:
- Efficiency
- Security
- Full control
An example of this is the typical café or pub on the street. This place has two networks:
- 1) One for employees, cash registers, etc.
- 2) One for the general public to use as a hotspot
Subnetting allows us to separate these two use cases from each other.
The ARP Protocol
If we have a MAC address and an IP address, is thanks to the ARP (Address Resolution Protocol). The ARP allows a device to associate its MAC address with an IP to the network. Each device on a network will keep a log of the MAC addresses associated with each device.
Devices use the ARP to find the MAC address of a device it wants to communicate with.
How does ARP work?
Each device within a network has a ledger to store information, called ‘cache’. This cache stores the ID of each device within a protocol. To map MAC addresses with IP addresses, the ARP sends two messages: An ARP request and an ARP reply.
When an ARP request is sent, a message is broadcasted to every device within a network, asking for a MAC and IP address match. If the device does have the requested IP address, an ARP reply is sent to the initial device, storing the pair within its cache (an ARP entry).
The DHCP Protocol
IP addresses can be assigned manually or automatically. When in the second case, it is done by the DHCP (Dynamic Host Configuration Protocol) server.
When a device connects to a network, if it has not been assigned an IP address yet, it sends a DHCP request (DHCP Discover) to see if there is a DHCP server. The DHCP server replies back with an IP Address that the device can use (DHCP Offer). The device, then, sends a confirmation (DHCP request), and lastly, the server acknowledges the transaction (DHCP ACK):
Stats
Yesterday I ended 557.430th in the ranking, but after today’s lesson, I climbed to 397.489th. Now I’m in the top 20% of TryHackMe!
Here is also the Skill Matrix:
Resources
All resources are from TryHackMe:
