Networking and Web Basics for Cybersecurity
In 2022, where the digital world is progressing rapidly, the interaction between people over the internet is almost inevitable. There are times when we hear or experience servers getting crashed, unable to access certain websites, etc., so what is all this about? Let us learn some basics of networking and the web!
Networking Basics
A network is a system of interconnected devices that exchange data, meaning one can send or receive data on a network with other devices which are connected through either a wired or a wireless connection. A device can be anything that allows file transfer over the network; mobile phones, laptops, computers etc., are the devices we use daily to communicate with others over the network. The internet is a worldwide network of computers comprising several networks. It is a network of networks.
All devices over the internet communicate using specific protocols and rules. Some servers provide data, and clients receive them. This means that some computers in the network are servers which provide services to other computers which use these services and are called clients. The servers getting crashed refers to some error while using the services provided by that server to the clients. No data can be transferred without adhering to specific rules, generally called protocols in networking.
IP Address
An IP (Internet Protocol) address is used to communicate and transfer data between devices over a network. Without an IP address, you cannot transfer data over the internet. Let us understand a bit about IP addresses.
There are two types of IP addresses:
- Private IP addresses of a device are used for communication within the network.
- Public IP addresses are provided by the ISP (Internet Service Providers) to transfer data within the network.
An IP address consists of 4 octets, each ranging from 0–255 (255 excluded), for example, 192.111.34.122. As mentioned above, there are two types of IP addresses, one of the device itself (private) and the other provided by the ISP (public).
Example
Suppose, I wish to send a PDF file to my friend through email. The Public IP address of my device and my friend’s device would already be registered on a particular server that allows us to send an email. After receiving my request, the server will verify my IP address by looking into its database, verify my friend’s IP address (private IP address), and send the email.
This is just an overview of how IP addresses are used to transfer data over the internet, there are several other things to take into account but that is beyond the scope of our current discussion.
Recently IPv6 numbers are also coming into the picture, consisting of 8 hexadecimal numbers. Due to their long range of numbers, it is considered much safer, but practical applications are still limited.
MAC Address
MAC (Media Access Control) address is used to identify a device by the NIC (Network Interface Controller) over a network. It is a twelve-character hexadecimal number consisting of 6 pairs separated by colons. The first three parts contain the number associated with the company that made the network interface. In comparison, the last three parts of the MAC address are unique to a device. MAC addresses are unique to a device and are used to track a device in case of a cyber attack, as IP addresses can be duplicated, and proxy servers can be used to carry out an attack.
Networks are arranged in different topologies like a star, ring, bus, etc. Still, those require further understanding of networking concepts and can be skipped for now.
Web Basics
Requests
Now that we have a basic understanding of a network and how it works, let us learn how websites generally work. A web server allows four kinds of requests:-
- GET request — The client uses this to obtain information from the web server. E.g., Download a PDF/image.
- POST request — The client uses this to submit data to the server and potentially create new records. E.g., Creating an account on a website.
- PUT request — The client uses this to submit data to the server to update information. E.g., Updating profile information.
- DELETE request — The client uses this to delete information/records from a web server. E.g., Delete a post from a website.
URL Structure
To access web servers, we need web browsers that allow us to access websites through URLs (Uniform Resource Locator). A basic URL has the following structure:-
- HTTP is a protocol designed for communication between web browsers and web servers.
- user:password contains the user profile information stored on the website.
- example.com is a domain name for the server. The length of a domain name can be, at most, 253 characters.
- 3000 is the port through which we are accessing the request.
- view-file is the path on the server which we are trying to access.
- The rest of the components include a query string and a fragment tag which may or may not be present in every request.
Basic Commands
Try the following commands in your Linux terminal:
ping — this command is used to learn more about our network connection details (speed, signal strength, etc.)
ping 192.121.23.7 #IP address/ website URLcurl — this command enables data transfer over various network protocols. It communicates with the web server by specifying the relevant URL for sending /receiving data.
curl google.comSSh — (Secure Shell) this command allows us to establish a secure encrypted connection between two hosts over an insecure network.
ssh <username@<URL> -<port>wget — This command helps us download files directly from the command line.
wget google.comAlthough we use several other commands to analyze a web server and establish a connection, they require a more profound understanding of the topic.
Conclusion
I hope that we have a basic understanding of how networks and the web work. We learned what IP addresses and MAC addresses are and how a network is established and managed using them. We also learned some basics of the web and various kinds of requests we can make on a web server. We also learned some commands we can try out on the command line involving web servers.
Blog by Sanjit Vyas, The Programming Club, IIT Indore
