Network Fundamentals — Part 1

LumberJohn
HackingMill
Feb 15, 2022

In this post, I will be talking about some network fundamentals one should have when studying cybersecurity. There will be another post that talks about protocols and another that will talk about how to exploit certain common services. Now with the intro out of the way, let’s begin.

When someone starts studying networking, almost always the first thing that is explained is the OSI model. The most important thing to know about the OSI model is that it is a conceptual framework used to describe the functions of a network system. Put more simply, it provides a standard that lets different computer systems communicate with each other.

As you can see it’s divided into seven layers, each with its own function.

  • 1. Physical — the physical layer represents the physical hardware components, such as cables and switches. The transmission and reception of raw bitstreams occurs here, with the digital bits converted into electrical, radio, or optical signals.
  • 2. Data Link — it’s very similar to the physical layer, the difference being that the data transfer happens between two devices on the same network. It takes packets from the network layer and breaks them down into frames.
  • 3. Network — provides functional and procedural means of transferring packets from one node to another one on a different network. It breaks segments received from the transport layer into smaller units called packets. It also has the job of finding the best physical path for the data to reach its destination; this is called routing.
  • 4. Transport — is responsible for end-to-end communication between two devices, flow control, and error control. It receives data from the session layer and breaks it down into segments before sending them to the network layer. Flow control determines the optimal speed of transmission to ensure that the connection isn’t overwhelmed, and error control ensures the data received is complete. It uses the two most famous network protocols, TCP and UDP.
  • 5. Session — as the name says, it creates sessions between two computers for communication. It guarantees that the session stays open long enough to transfer all the data, and then closes the session without wasting resources. It also creates “checkpoints” when the data is large, so that the transfer can resume after a crash instead of starting over.
  • 6. Presentation — the primary job of this layer is to prepare the data so that it can be used by the application layer; this includes translation, encryption, and compression of data.
  • 7. Application — it’s the only layer that interacts directly with the user. Here there are protocols and rules about how the user can interact with the data. Its functions include identifying communication partners, determining resource availability, and synchronizing for communication.

In simpler terms, layers 1 and 2 verify and validate the data, layer 3 manages IP addresses and guarantees the data is sent to the correct user, layer 4 controls the viability of a certain link by means of flow control or segmentation, and layers 5, 6, and 7 connect the server to the client, organize the data, and verify which application the data goes to.

Because this post is about fundamentals and I already mentioned them, this next small (I hope) section is about packets and frames.

A packet is the basic unit of communication between a source and a destination in a network. The data sent is divided into packets that are recombined by the destination device. The main difference between a packet and a frame is the OSI layer each one belongs to: a packet is the unit of data in the network layer, and a frame is the unit of data in the data link layer.

The above image has the fundamental information about them, and what distinguishes them.

It’s only logical that after mentioning packets and frames I should explain the concept of encapsulation.

In networking, encapsulation is a process where some extra information is added to the data to add some features to it. Usually, a lower-layer protocol receives the data and places it into a data portion of its frame.

This next image shows the core concept of encapsulation, and the workflow when creating a packet to send.

This idea of layers and encapsulation exists to provide some flexibility. We can make changes to the hardware without the network layer and above knowing what is happening. If it was all one layer, making changes like upgrading a network card would be much more difficult.

A good analogy to understand the need for layering and encapsulation is the following. Imagine you are sending a present to a friend abroad: you first wrap the present, add the address, and give it to the post office. The post office then puts it on a plane, and when it reaches the country, the post office there sends it to the correct address. This is nothing more than a process of encapsulating, adding a header, sending the data, and decapsulating.
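The wrap-and-unwrap process described above, as an added example that is not part of the original post: it builds a TCP segment, an IPv4 packet and an Ethernet frame around some data, then strips the headers again while checking every length field first. The addresses, ports and payload are constructed sample values, and the checksums are left at zero to keep the example short.

```python
import socket
import struct

def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))

def encapsulate(data, src_port, dst_port, src_ip, dst_ip, src_mac, dst_mac):
    """Wrap application data in a TCP segment, an IPv4 packet, then an Ethernet frame."""
    # Transport layer: 20-byte TCP header + data = segment (checksum left at 0 here).
    segment = struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0,
                          5 << 4, 0x18, 65535, 0, 0) + data
    # Network layer: 20-byte IPv4 header + segment = packet (protocol 6 = TCP).
    packet = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + segment
    # Data link layer: 14-byte Ethernet header + packet = frame (EtherType 0x0800 = IPv4).
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + packet

def decapsulate(frame):
    """Strip the headers in reverse order, validating each layer before trusting it."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("payload is not IPv4")
    packet = frame[14:]
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (packet[0] & 0x0F) * 4                    # IPv4 header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    if ihl < 20 or not ihl <= total_len <= len(packet) or packet[9] != 6:
        raise ValueError("bad IPv4 lengths or payload is not TCP")
    segment = packet[ihl:total_len]
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    offset = (segment[12] >> 4) * 4                 # TCP header length in bytes
    if offset < 20 or offset > len(segment):
        raise ValueError("bad TCP data offset")
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    fmt = lambda m: ":".join(f"{b:02X}" for b in m)
    return {"frame": (fmt(src_mac), fmt(dst_mac)),
            "packet": (socket.inet_ntoa(packet[12:16]), socket.inet_ntoa(packet[16:20])),
            "segment": (src_port, dst_port),
            "data": segment[offset:]}

# Constructed sample values, not taken from the post.
FRAME = encapsulate(b"hello", 40000, 80, "192.168.1.10", "192.168.1.20",
                    "AA:BB:CC:00:00:01", "AA:BB:CC:00:00:02")
```

Each layer adds its own header in front of whatever the layer above handed it, which is why the 5 bytes of data become a 59-byte frame.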

To keep this post short, the last thing I want to talk about is IP and MAC addresses. I will start with MAC, or Media Access Control address.

A computer contains a device called a NIC, or Network Interface Card, which is a simple circuit card that makes it possible for the computer to connect to a network. A MAC is a unique universal address for a NIC and is linked to the hardware of network adapters. It is also called a physical address.

A MAC is composed of 48 bits, written as 6 groups of 8 bits (two characters each) separated by colons (:). In this example, when A wants to send a message to B, it creates a packet with the IP of B and the MAC of the switch. When the switch receives the packet, it checks the IP and changes the MAC to that of B. One MAC address worth knowing is FF:FF:FF:FF:FF:FF, the broadcast address, which means that a packet that has this address is delivered to all hosts on the local network.

An IP (Internet Protocol) address is a unique address that identifies a device on the Internet. It contains location information and makes the device accessible for communication. The internet uses IP addresses to differentiate between different computers, routers, and websites.

In this post, I will only talk about IPv4, which is the most common way of seeing IP addresses, but I encourage you to search and learn about IPv6.

As you can see in the image above, an IP address is composed of 32 bits, 4 segments of 8 bits separated by a dot (.), usually depicted in decimal format (0–255). Each segment is called an octet.

There are a couple of special IP addresses that should be known:

  • Private: these stop users external to the network from making a connection directly to a device in the network. They can be (x can be any valid number):
    - 10.x.x.x
    - 172.16.x.x — 172.31.x.x
    - 192.168.x.x
  • Loopback: these are used to send messages back to the sending device itself:
    - 127.x.x.x
  • APIPA (Automatic Private IP Address): these are used when the computer can’t connect to the DHCP server (a server that automatically assigns IP addresses to devices):
    - 169.254.x.x
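A small classifier for the special addresses above, as an added example that is not part of the original post: it tags an IPv4 address with the range it falls in, shows its 32 bits as four octets, and recognises the broadcast MAC. The labels, function names and sample values are assumptions made for illustration.

```python
import ipaddress
import re

# The special ranges listed above, written as CIDR networks.
SPECIAL_RANGES = [
    ("private",  ipaddress.ip_network("10.0.0.0/8")),       # 10.x.x.x
    ("private",  ipaddress.ip_network("172.16.0.0/12")),    # 172.16.x.x - 172.31.x.x
    ("private",  ipaddress.ip_network("192.168.0.0/16")),   # 192.168.x.x
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),      # 127.x.x.x
    ("apipa",    ipaddress.ip_network("169.254.0.0/16")),   # 169.254.x.x
]
MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}")

def classify_ipv4(text):
    """Return the special-range label for a dotted-decimal IPv4 address."""
    try:
        addr = ipaddress.IPv4Address(text)   # rejects octets outside 0-255
    except ipaddress.AddressValueError:
        return "invalid"
    for label, network in SPECIAL_RANGES:
        if addr in network:
            return label
    return "other"                           # not in any range listed in this post

def ipv4_bits(text):
    """Show the 32 bits of an address as four 8-bit octets."""
    value = int(ipaddress.IPv4Address(text))
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))

def classify_mac(text):
    """Label a colon-separated MAC address as broadcast, other, or invalid."""
    if not MAC_RE.fullmatch(text):
        return "invalid"
    raw = bytes.fromhex(text.replace(":", ""))   # 6 bytes = 48 bits
    return "broadcast" if raw == b"\xff" * 6 else "other"

def tag(values):
    """Tag a mixed list of MAC and IPv4 strings, e.g. fields pulled from a log."""
    return {v: classify_mac(v) if ":" in v else classify_ipv4(v) for v in values}

# Constructed sample values for illustration.
SAMPLES = ["10.4.7.9", "172.31.255.255", "172.32.0.1", "192.168.1.256",
           "169.254.10.20", "127.0.0.1", "FF:FF:FF:FF:FF:FF", "AA:BB:CC:00:00:01"]
TAGGED = tag(SAMPLES)
```

Note the boundary cases: 172.31.255.255 is private but 172.32.0.1 is not, and 192.168.1.256 is rejected because an octet cannot exceed 255.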

Well, this is all I wanted to talk about in this post. There will be a second part where I talk about other fundamentals like switches, port forwarding, VPNs and so on. Also on this topic of networking, I’ll make a post talking about some common protocols, services, and tools.
