Network Fundamentals & Classifications
What is a Network?
Computer Network: A collection of computers connected together to enable data transfer from machine to machine, allowing users to share resources (like printers), exchange messages, save time, and reduce costs.
The need to share information and resources among different computers has led to linked computer systems called networks. Without networks, each computer would be an isolated island of data.
Network Classifications by Scope
| Type | Scope | Size | Example |
|---|---|---|---|
| LAN (Local Area Network) | Single building or campus | Small | University computers in a building |
| MAN (Metropolitan Area Network) | City-wide | Medium | Corporate networks across a city |
| WAN (Wide Area Network) | Multiple cities/countries | Large | Internet, corporate global networks |
Cybersecurity Perspective: Network Perimeters
Understanding network scope is crucial for security architecture:
- LAN Security: Focus on internal threats, insider attacks, and physical access control
- WAN Security: Requires encryption, VPN tunnels, and perimeter defenses
- Boundary Protection: Firewalls are placed at network boundaries to control traffic flow
- Zero Trust Model: Modern security assumes no trust based on network location alone
Network Topologies
Network Topology Definition
Network Topology: The pattern in which machines are connected to form a network. It defines both the physical layout and logical communication paths.
🚌 Bus Topology
All machines connect to a common communication line called a bus or backbone.
- Communication: Machines communicate directly on the shared medium
- Historical: Popularized in the 1990s under Ethernet standards
- Failure Point: If the main bus fails, the entire network goes down
- Cable Type: Coaxial cable historically used
Security Concern:
Bus topology uses a shared medium: all devices can potentially see all traffic (as with a hub), which makes eavesdropping easier than on a switched network.
⭐ Star Topology
One machine serves as a central focal point (Access Point) to which all others connect.
- Communication: All traffic passes through the central device
- Popular: Currently popular in wireless networks (WiFi)
- Central Device: Access Point (AP) or Switch manages connections
- Failure Resilience: If one connection fails, others remain operational
Security Concern:
The central device is a single point of failure and compromise. If the AP/switch is hacked, all traffic can be intercepted.
Key Difference:
The difference between Bus and Star is not just physical arrangement. In Bus, machines communicate directly on the shared medium. In Star, machines communicate indirectly through an intermediary central machine (Access Point).
Network Interconnection Devices
Connecting Networks Together
To create extended communication systems, networks are connected using specialized devices that operate at different layers of the network architecture.
🔁 Repeater
The simplest device that passes signals back and forth between two buses.
- Operates at the physical layer (Layer 1)
- Amplifies or regenerates signals to extend distance
- No intelligence - forwards everything
- Does not filter traffic
🌉 Bridge
More complex than a repeater. Connects two buses but filters traffic.
- Operates at the data link layer (Layer 2)
- Looks at destination MAC addresses
- Only forwards messages destined for the other side
- Reduces unnecessary network traffic
🔀 Switch
Essentially a bridge with multiple connections.
- Connects several buses (spokes)
- Considers destination of all messages
- Forwards only to the appropriate spoke
- Creates separate collision domains per port
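The following added example (not part of the original lecture) contrasts the shared-medium behaviour described under Bus Topology with the per-port forwarding of a switch, by counting how many frames of a two-host conversation reach a third, passive port. The MAC addresses, port numbers and the MAC-learning behaviour are assumptions made for illustration.

```python
# Added example (constructed): which ports receive a frame on a shared bus
# versus a MAC-learning switch. Ports and MAC addresses are made up.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class SharedBus:
    """Bus/hub behaviour: every other attached port receives every frame."""
    def __init__(self, ports):
        self.ports = set(ports)

    def deliver(self, in_port, src, dst):
        return sorted(self.ports - {in_port})

class LearningSwitch:
    """Bridge with many ports: learns source MACs, forwards by destination."""
    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}                    # MAC address -> port last seen on

    def deliver(self, in_port, src, dst):
        self.mac_table[src] = in_port          # learn where the sender is attached
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:    # unknown destination: flood
            return sorted(self.ports - {in_port})
        if out == in_port:                     # destination on same side: filter
            return []
        return [out]                           # known destination: one port only

def frames_seen_by(device, frames, observer_port):
    """Number of frames that are delivered to observer_port."""
    return sum(observer_port in device.deliver(*f) for f in frames)

# Constructed conversation: host A on port 1, host B on port 2, port 3 only listens.
A, B = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
FRAMES = [(1, A, B), (2, B, A), (1, A, B), (2, B, A)]

if __name__ == "__main__":
    print("bus   :", frames_seen_by(SharedBus([1, 2, 3]), FRAMES, 3))
    print("switch:", frames_seen_by(LearningSwitch([1, 2, 3]), FRAMES, 3))
```

The switch still floods the first frame because B's location is not yet known, so switching reduces exposure of traffic to other ports but does not replace encryption.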
🛣️ Router
Special-purpose computer for forwarding messages between networks with incompatible characteristics.
- Operates at the network layer (Layer 3)
- Maintains forwarding tables (routing tables)
- Connects different network types (WiFi to Ethernet)
- Performs Network Address Translation (NAT)
How Routers Work
Routers provide links between networks while allowing each network to maintain its unique internal characteristics.
Step 1: Machine sends message to its Access Point (AP)
Step 2: AP sends message to associated Router
Step 3: Router forwards to Ethernet network's router
Step 4: Message reaches destination machine
Note: Each machine has two addresses - its original address within its own network and its internet address (IP).
Router Security Implications
- Routing Table Poisoning: Attackers can inject false routes to redirect traffic
- Default Credentials: Routers often ship with default passwords that must be changed
- Man-in-the-Middle: Compromised routers can intercept and modify traffic
- ACLs: Access Control Lists on routers provide basic firewall functionality
Communication Models: Client/Server vs P2P
Client/Server Model
Client: Process/machine that makes requests of other processes
Server: Process/machine that satisfies/responds to client requests
Examples:
- Print Server: Shared printer on network
- File Server: Central storage for organization records
- Web Server: Delivers web pages to browsers
Characteristics:
- Centralized control and management
- Single point of failure (server)
- Better security control
- Easier to backup and maintain
Peer-to-Peer (P2P) Model
P2P: Machines can act as both client and server simultaneously. No central authority.
Examples:
- Instant Messaging: Written conversations over internet
- File Sharing: Music, video distribution (BitTorrent)
- Skype/VoIP: Voice communication
Characteristics:
- Distributed architecture
- No single point of failure
- Collection of peers called a "swarm"
- More difficult to secure and monitor
Security Model Comparison
- Client/Server: Easier to implement security policies, authentication, and logging at the central server
- P2P: Harder to control as every peer is autonomous. Risk of malware distribution and anonymous attacks
- Hybrid Approaches: Many modern systems use both models (e.g., cloud services with local P2P sync)
Internet Addressing & DNS
IP Addressing
IP Address (Internet Protocol): Unique numerical identifier for every machine on the internet. Originally 32-bit (IPv4), now expanding to 128-bit (IPv6).
Dotted Decimal Notation: IP addresses are written with bytes separated by periods:
Binary: 11000000.11001111.10110001.10000101
Each byte (0-255) represents 8 bits of the 32-bit address
| Version | Bits | Address Space | Example Format |
|---|---|---|---|
| IPv4 | 32 bits | ~4.3 billion addresses | 192.168.1.1 |
| IPv6 | 128 bits | 340 undecillion addresses | 2001:0db8:85a3::8a2e:0370:7334 |
Domain Name System (DNS)
Since humans prefer mnemonic names over numbers, the Internet uses an alternative addressing system based on domains.
Domain: A region of the internet with a unique mnemonic domain name.
DNS (Domain Name System): Internet-wide directory system translating domain names to IP addresses.
Name Server: Servers that perform the translation (DNS lookup).
Structure: computer.organization.type
- Top-Level Domain (TLD): .com (commercial), .edu (educational), .org (non-profit), .ps (country code for Palestine)
- Sub-domains: Represent different networks within the domain (e.g., comp.nowhere.edu)
- Registration: Handled by ICANN through registrars
Example: r2.comp.nowhere.edu
- r2: Specific computer name
- comp: Sub-domain (computer department)
- nowhere.edu: Domain (organization + TLD)
Addressing Security Threats
- IP Spoofing: Attackers forge source IP addresses to hide identity or impersonate trusted systems
- DNS Spoofing/Poisoning: Corrupting DNS caches to redirect traffic to malicious sites
- DNSSEC: Security extensions to DNS using digital signatures to verify responses
- Private IP Ranges: 192.168.x.x, 10.x.x.x are reserved for internal networks (NAT)
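As an added example (not part of the original lecture), the code below converts between dotted decimal and the binary form shown under Dotted Decimal Notation, and applies a simple anti-spoofing ingress check: a packet arriving from the Internet side should never carry a private, loopback or inside-network source address. The inside network, the sample sources and the function names are assumptions; 172.16.0.0/12 is the third RFC 1918 private range alongside the two listed above.

```python
import ipaddress

def dotted_to_binary(addr):
    """Dotted decimal -> dotted binary, one 8-bit group per byte."""
    packed = ipaddress.IPv4Address(addr).packed   # rejects malformed addresses
    return ".".join(f"{byte:08b}" for byte in packed)

def binary_to_dotted(bits):
    """Dotted binary -> dotted decimal; requires exactly 4 groups of 8 bits."""
    groups = bits.split(".")
    if len(groups) != 4 or any(len(g) != 8 or set(g) - {"0", "1"} for g in groups):
        raise ValueError(f"not a 32-bit dotted binary address: {bits!r}")
    return ".".join(str(int(g, 2)) for g in groups)

# Sources that cannot legitimately arrive from the Internet side.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # private (RFC 1918)
    "127.0.0.0/8",                                        # loopback
)]

def ingress_verdict(src, inside_net):
    """Verdict for a packet received on the WAN interface of a border router."""
    ip = ipaddress.IPv4Address(src)
    if ip in ipaddress.ip_network(inside_net):
        return "drop: source claims to be an inside host"
    if any(ip in net for net in NON_ROUTABLE):
        return "drop: private or loopback source"
    return "accept"

# Constructed sample values (hypothetical inside network and packet sources).
INSIDE = "203.0.113.0/24"
SOURCES = ["198.51.100.20", "192.168.1.50", "203.0.113.7", "10.9.8.7"]

if __name__ == "__main__":
    print(binary_to_dotted("11000000.11001111.10110001.10000101"))
    for s in SOURCES:
        print(f"{s:15} {dotted_to_binary(s)}  {ingress_verdict(s, INSIDE)}")
```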
Internet Applications
📧 Electronic Mail (Email)
System for transferring messages among Internet users using mail servers.
- SMTP: Simple Mail Transfer Protocol - transfers mail between servers
- MIME: Multipurpose Internet Mail Extensions - converts non-ASCII data to SMTP-compatible format
- Structure: username@domain (e.g., NNN@ucas.edu.ps)
Security Concerns: Spam, phishing, email spoofing, lack of encryption in transit (mitigated by TLS)
📁 File Transfer Protocol (FTP)
Protocol for transferring files across the Internet.
- Allows uploading and downloading files
- Can provide limited access via passwords
- FTP sites host files for distribution
Security Concerns: Sends credentials in plaintext (use SFTP or FTPS instead)
📞 Voice over IP (VoIP)
Uses Internet infrastructure for voice communication similar to traditional telephone systems.
- Two processes transfer audio data via P2P model
- Examples: Skype, Zoom, Microsoft Teams
- Converts analog voice to digital packets
Security Concerns: Eavesdropping, call interception, toll fraud
Application Layer Security
All these applications operate at the application layer (Layer 7) and require specific security measures:
- Encryption: TLS/SSL for securing email, web, and VoIP communications
- Authentication: Verifying sender/receiver identities
- Integrity: Ensuring data isn't modified in transit
- Firewalls: Control which applications can communicate through network boundaries
World Wide Web & HTML
WWW Architecture
World Wide Web (WWW): A global web of hypertext/hypermedia documents residing on different machines, spanning the entire globe.
- Hypertext: Documents containing links (hyperlinks) to other documents
- Hypermedia: Expanded hypertext including images, audio, and video
- Web Page: Individual hypertext document
- Web Site: Collection of closely related web pages
Implementation Components:
- Browser (Client): Software that requests and presents materials (Chrome, Firefox, Edge)
- Web Server: Software containing hypertext documents to be accessed
- HTTP: HyperText Transfer Protocol - transfers documents between browser and server
Uniform Resource Locator (URL)
Unique address given to each document on the WWW consisting of four segments:
Segments, in order: Protocol, Domain, Port, Path
1. Protocol: http:// or https://
2. Mnemonic Address: www.example.com
3. Port Number: :80 (optional, default for HTTP)
4. Directory Path: Specific file location on server
If the path is omitted, the server returns a predetermined home page.
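An added example (not from the original lecture) that splits a URL into the four segments listed above, fills in the default port and home-page path when they are omitted, and flags two things a reviewer would check: cleartext HTTP and credentials embedded in the URL. The function name and the sample URLs are assumptions.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def url_segments(url):
    """Return the four URL segments plus two security-relevant flags."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError(f"not an http(s) URL: {url!r}")
    return {
        "protocol": scheme,
        "domain": parts.hostname,                         # lower-cased host name
        "port": parts.port or DEFAULT_PORTS[scheme],      # default when omitted
        "path": parts.path or "/",                        # omitted -> home page
        "encrypted": scheme == "https",                   # TLS in transit?
        "credentials_in_url": parts.username is not None, # user:pass@ in URL
    }

def findings(urls):
    """List URLs that use cleartext HTTP or carry embedded credentials."""
    out = []
    for u in urls:
        seg = url_segments(u)
        if not seg["encrypted"]:
            out.append((u, "cleartext HTTP"))
        if seg["credentials_in_url"]:
            out.append((u, "credentials embedded in URL"))
    return out

# Constructed sample URLs.
SAMPLES = [
    "http://www.example.com",
    "https://www.example.com:8443/docs/index.html",
    "https://alice:secret@www.example.com/private/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(url_segments(u))
    print(findings(SAMPLES))
```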
HTML Basics
HTML (HyperText Markup Language): System of tags describing how documents should appear and behave on screen.
Document Structure:
<html>
<head>
<!-- Preliminary information (title, metadata) -->
</head>
<body>
<!-- Content to be presented -->
<h1>Heading</h1>
<p>Paragraph</p>
<a href="link">Link</a>
<img src="image.jpg">
</body>
</html>
| Tag | Purpose | Example |
|---|---|---|
| <h1> to <h6> | Headings (levels 1-6) | <h1>Title</h1> |
| <p> | Paragraph | <p>Text here</p> |
| <a href=""> | Anchor/Link | <a href="url">Click</a> |
| <img src=""> | Image | <img src="photo.jpg"> |
Web Security Considerations
- HTTP vs HTTPS: HTTPS uses TLS/SSL encryption to secure data in transit
- XSS (Cross-Site Scripting): Injecting malicious scripts into web pages viewed by other users
- SQL Injection: Attacking databases through web forms
- Input Validation: Always validate data received from web forms
- Session Management: Secure handling of cookies and session tokens
OSI Model Overview
The 7 Layers of OSI
The Open Systems Interconnection (OSI) model is a conceptual framework that standardizes network communication into seven layers. Understanding it helps in troubleshooting and securing networks.
| Layer | Name | Example Protocols/Devices |
|---|---|---|
| 7 | Application | HTTP, FTP, SMTP, DNS |
| 6 | Presentation | SSL/TLS, JPEG, ASCII |
| 5 | Session | NetBIOS, RPC |
| 4 | Transport | TCP, UDP |
| 3 | Network | IP, ICMP, Routers |
| 2 | Data Link | Ethernet, MAC, Switches, Bridges |
| 1 | Physical | Cables, Hubs, Repeaters |
Security at Each Layer
- Physical: Tamper-proof cables, secure facilities
- Data Link: MAC filtering, port security
- Network: Firewalls, IPsec, VPNs
- Transport: TLS/SSL, TCP Wrappers
- Session: Authentication tokens
- Presentation: Encryption, encoding checks
- Application: Input validation, application firewalls
Homework Assignment - Week 4
Submission Method: PDF document via Google Classroom
Instructions: Answer all questions. Show work for calculations.
Part 1: Network Fundamentals (30 points)
- Compare LAN, MAN, and WAN networks in terms of:
  - Geographic scope (5 points)
  - Ownership and management (5 points)
  - Speed and latency characteristics (5 points)
- Explain the main difference between Bus and Star topologies, specifically regarding:
  - Single points of failure (5 points)
  - How devices communicate (direct vs indirect) (5 points)
  - Security implications of each (5 points)
Part 2: Networking Devices & Protocols (35 points)
- Explain the difference between: (15 points)
  - Repeater vs Bridge (Layer 1 vs Layer 2)
  - Switch vs Router (Layer 2 vs Layer 3)
  - When would you use a router instead of a switch?
- Compare Client/Server and P2P architectures: (20 points)
  - List 3 advantages of Client/Server (5 points)
  - List 3 advantages of P2P (5 points)
  - Which is more secure and why? (5 points)
  - Give 2 real-world examples of each (5 points)
Part 3: Internet Addressing & HTML (35 points)
- IP Address Conversions: (15 points)
  - Convert 172.16.45.10 to binary
  - Convert 11000000.10101000.00000001.00000010 to decimal
  - What is the binary representation of the subnet mask 255.255.255.0?
- DNS Explanation: (10 points)
  - What is DNS and why is it necessary?
  - Explain the process of DNS lookup when you type www.google.com
- HTML Coding: (10 points)
  - Write HTML code to create a web page with: Title "My First Page", Heading "Welcome", Paragraph "This is my first web page", and a link to https://www.ucas.edu.ps
  - Explain the difference between HTTP and HTTPS (security perspective)
Bonus Question (10 points)
Research the OSI Model (7 layers). Create a table listing each layer, its name, and one example protocol or device that operates at that layer. How does understanding the OSI model help cybersecurity professionals?
💡 Study Tips:
- Use the Windows command tracert (or traceroute on Linux/Mac) to see how packets travel through routers
- Open Chrome Developer Tools (F12) → Network tab to see HTTP vs HTTPS connections
- Practice binary conversions using the Windows Calculator in Programmer mode
Connecting the World, Securing the Future
Understanding how networks function is fundamental to cybersecurity. Every connection is a potential pathway for data - both legitimate and malicious. By mastering network fundamentals, you can better understand how to protect information as it travels across local networks and the global Internet.
The concepts learned this week - IP addressing, routing, and web protocols - form the foundation for advanced topics in penetration testing, network defense, and security architecture.