[I posted this on HF as well but the skids don't get it]
Hey guys,
D4rk Here, this is for anyone who's interested in the white, grey and black hat areas of networks and is for anyone who is wanting to advance their level of information.
So, little back story... I'm a (some may say) "famous" hacker myself with a HUGE backstory but a bit of looking into it and you'll see my mistakes, downfalls, victories and epic lulz...
Onto the actual guide.
Our 4 main goals for this Guide are -
- Knowing the types of network systems and related standards
- Understand the hardware and software used in networking
- Knowing the services provided by network systems
- Understand how networked systems are made secure.
Introduction / Brief Overview
Know the types of network systems and related standards
- Types of network: local area network (LAN); wide area network (WAN); WAN technologies eg frame relay, ISDN, ATM; value added network (VAN);
- logical and physical topologies eg star, bus, ring, mesh; network access methods e.g. CSMA, Token passing;
- OSI 7 layer model; choice of network to meet business need
- Network protocols and standards: e.g. TCP/IP, AppleTalk, UDP, 802.2, 802.3, FDDI, 802.5;
- wireless technologies e.g. 802.11, infrared, Bluetooth; factors affecting range and speed of wireless technologies
- Application layer protocols: e.g. DNS, DHCP; HTTP; FTP; SMTP
Understand the hardware and software used in networking
- Network devices: workstations; servers eg print, mail, file, web, proxy; others eg network interface cards (NIC); features and functions
- Interconnection devices: eg modem, repeater, bridge, router, gateway, switch, hub; wireless access points; purposes, features and functions
- Connectors and cabling: leased line; dedicated line; media types eg STP, Category 5, coaxial, UTP, fibre optic; wireless; microwave and satellite links; cable standards eg 10Base-T
- Software: network operating system; virus checker; firewall; other eg email client
- Commercial systems: eg Unix, Linux, Windows, Netware, Apples
Know the services provided by network systems
- Directory services: eg account management, authentication management
- Telecommunication services: communication eg email, internet relay chat (IRC), discussion boards; remote access eg via mobiles
- File services: file transfer; file sharing
- Application services: application software eg database, web, proxy; shared resources printing; storage space; Voice over IP (VoIP); mobile working; authentication eg users, hardware
Now that you've got what we'll be going over in this guide, here's the explanations/descriptions part. We'll be covering some things in complete detail and others in less. The main points will be pointed out, and hopefully after this you'll know all the basics of a computer system and how to run/use a network if you get into one, or even exploit holes in the system.
Directory Services
- Network Operating System must offer:
- Domain control – active directory
- Account management for groups and users
- Authentication management
Domain Control or Active Directory
- A system that is provided by NOS that provides controls over computers, servers, and services – Domain
- Each domain is managed by domain controller and backup domain controllers
- The domain controller is a complex database with details of all users' accounts, all servers and services, printers, file systems and permissions, backups, and the addressing scheme. This is the Active Directory; it is constantly being changed, and updates are sent to the additional (i.e. backup) domain controllers
Directory Services
- Servers that are part of the domain, but don’t provide access to the directory, are MEMBER SERVERS. They rely on the domain controllers to manage access to their resources. A common example of this is an Internet proxy server.
- A simple network system (small to medium enterprise) will have one domain controller and may have one additional supporting domain controller.
- Large organizations will have multiple domains according to the region, department or business needs.
- A team of network administrators manage the database – Active directory
- Domain Name – Each domain is named according to the infrastructure of the organization and network administrator will issue names using a common sense principle.
- E.g. What would be likely domain names for the company Widgets R Us, which has offices in Seattle, San Francisco and Madrid? The office at each site has three departments: finance, production and sales
The advantages of using a directory services structure are:
- Each section can be managed according to the specific business need.
- Localised management means that the system can adapt without the management of the whole network
- Local management also allows part of the system to be backed up and restored separately – any failure will have only local impact
- new branches of an organisation can be added at any time - the network does not have to be redesigned to adapt to a change
Internet e-commerce and secure web page
- For secure web pages, authentication is by the use of SSL. This requires a website to issue a security certificate, which is checked by the browser as part of the exchange.
- You can purchase DomainSSL Certificates for around $150/Year as well as a range of other SSL Certificates.
Secure WAN connections
- For secure WAN connections, routers use an authentication method such as CHAP (Challenge Handshake Authentication Protocol) or exchange updates using an MD5 hash (Message Digest).
(This is used across common communication systems to ensure that no one attempts to add unauthorised equipment to join the system)
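The CHAP exchange mentioned above, as an added example that is not part of the original guide. It follows the RFC 1994 calculation (response = MD5 over identifier, shared secret and challenge); the peer name, the secret and the `Authenticator` helper class are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class Authenticator:
    """The side that issues challenges, e.g. the router accepting the link."""

    def __init__(self, shared_secrets: dict):
        self.shared_secrets = shared_secrets  # peer name -> secret (constructed)
        self.next_id = 0
        self.pending = {}                     # identifier -> outstanding challenge

    def challenge(self):
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)                # unpredictable and never reused
        self.pending[ident] = value
        return ident, value

    def verify(self, peer: str, ident: int, response: bytes) -> bool:
        value = self.pending.pop(ident, None)  # each challenge is single-use
        secret = self.shared_secrets.get(peer)
        if value is None or secret is None:
            return False
        expected = chap_response(ident, secret, value)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo():
    auth = Authenticator({"branch-router": b"constructed-shared-secret"})
    ident, value = auth.challenge()
    good = chap_response(ident, b"constructed-shared-secret", value)
    accepted = auth.verify("branch-router", ident, good)
    # A response captured earlier is useless against a fresh challenge.
    ident2, _ = auth.challenge()
    replayed = auth.verify("branch-router", ident2, good)
    # Equipment that does not hold the secret cannot compute a valid response.
    ident3, value3 = auth.challenge()
    rogue = auth.verify("branch-router", ident3,
                        chap_response(ident3, b"guess", value3))
    return accepted, replayed, rogue
```

The secret itself never crosses the link; only the random challenge and the 16-byte digest do.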
Devices such as routers, servers, switches, and proxies
- Managing many devices can be an issue for a network administrator, as this requires the creation and management of a large number of usernames and passwords.
- To coordinate this task, many systems have a centralised authentication server, known as TACACS+ or RADIUS
Wireless system
- For wireless systems, WEP allows all members of the wireless system to share a common private key.
- The wireless device cannot join the system unless the WEP key is directly entered into the wireless settings for the mobile device.
- Communication -
IRC / Internet Relay Chat
IRC is an older term for the various forms of chat used by many on the internet. Popular chat services --
Chat operates using a server which acts as a relay for all conversations. Each member logs in and allows or refuses other users to create private conversations
Many of the chat systems available also offer application sharing, video conferencing and remote assistance tools
These features enable professionals from many geographic locations
VoIP
VoIP (Voice over Internet Protocol) is a great technology that allows you to make and receive telephone calls over the Internet and has been in the mainstream now for going on 9 years. It can also be referred to as an Internet Phone. VoIP (Voice over IP) enables you to make cheap telephone calls over a broadband Internet connection (usually a DSL, broadband cable connection, or T1) instead of using your regular telephone service. You can connect to regular telephone numbers locally or in other parts of the US or Canada, or anywhere else in the world, usually all for one low price for US and Canada, eliminating long distance fees by using a VoIP service from an "Interconnected VoIP Provider" (which most VoIP providers are). In addition, you will usually have low international phone call rates to other countries. The savings can be substantial, with lower fees and taxes levied by traditional telephone carriers. Plus, most VoIP providers offer services with "unlimited" calling plans and an array of features all for one monthly fee.
A requirement for a VoIP connection is a high speed internet connection, such as cable, DSL, T1, or even wireless, as long as the wireless provider's bandwidth meets the minimum requirements for the VoIP provider you choose and their connection is stable enough to offer a connection without packet loss and jitter.
How does VoIP work?
First, voice is converted by an ATA (Analog Telephone Adapter) or IP phone from an analog signal to a digital signal. It is then sent over the Internet in data packets to a location that will be close to the destination. Then it will be converted back to an analog signal for the remaining distance over a traditional circuit switch (PSTN) (unless it is VoIP to VoIP). Your call can be received by traditional telephones worldwide, as well as other VoIP users. VoIP to VoIP calls can travel entirely over the Internet. Since your voice is changed to digital (so that it can travel over the Internet), other great features such as voice messages to email, call forwarding, logs of incoming and outgoing calls, caller ID, etc., can be included in your basic calling plan all for one low price. Many of these special features are great for the small business person who relies on their phone service to be more of an information center than just a telephone.
Transfer Protocols
Remote Access
As mobile devices have evolved, it is possible to access your primary computer system remotely via small graphic user interface applications such as MS terminal service, remote desktop and virtual network computing (VNC).
Social networking in web browsers, as well as on mobiles (smart phones, net books), is now being used as a remote communication resource.
File services – File transfer and file sharing
Network systems allow users to share files, from documents to media files and applications.
Peer to peer systems using software such as applications to enable common storage for users
Windows Messenger and other chat applications allow users to send each other files directly.
HTTP website allows download
Email can be used to send files as attachments
Moving large amounts of data is time consuming and cumbersome. To overcome (ideas)
File sharing – administrator can enable a folder to be accessible. How?
The new law will mean that anyone caught illegally downloading material will be subject to a three strikes and out penalty.
Understand how networked systems are made secure
Basics -- Risk related business issues: risks to business; costs; responsibilities; systems and procedures eg password policies; disaster recovery; comparison with security issues for non-networked systems
- Securing data: authorisation permissions and access control lists; backing up and restoring; encrypting; others eg biometrics; physical security eg CCTV, locks
- Software: firewalls; malware (hostile, intrusive, or annoying software or program code) eg viruses, Trojans, worms, spyware, adware; levels of security risk for different malware; software protection eg antivirus, intrusion detection systems
To Protect vs ANY Form of Network Attack, a Network Administrator must have the following enabled (some will be explained later) -
All security software is up to date
Firewalls are checked regularly
Privileges are checked
No business decision will compromise the network security and vice versa.
Authorisation techniques
Permissions and access control lists
Back up and restore data
Encryption
Biometrics
Vetting and control of personnel
CCTV
Lock and key
Authorisation permissions and access list
Ensure that fraudulent use does not take place.
To authorize a user, checks need to be made before they join the system.
-- Creation of an online account with a bank, insurer, or a credit broker depends on the user's place on the electoral roll; sending an email to which the user must reply within a time limit; asking for a phone number, which is used to contact the user; a face to face meeting to which the user must bring along a passport and an additional identification document.
Authorization permissions and access list
When a username is issued on any networked system, specific permissions are allocated.
Permissions issued for a user may define where their home drive is located; storage capacity they may use; times they may access the system; locations from which they may access the system; areas with read only permissions; areas with read and write permissions; printers, servers and databases they may access; groups that they may belong to; whether they can grant local permissions to other users (super user); websites they can and cannot visit.
An access control list is a tool used in network traffic management and may be applied to routers and servers alike. ACLs can be used to create permit and deny rules for networks, devices,
ACLs are applied to firewalls and can be used in temporal (time based) context, allowing or denying access to networks at certain times.
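How permit/deny rules with a time window are evaluated, as an added example that is not part of the original guide. It assumes top-to-bottom, first-match evaluation with an implicit deny at the end, as on common router ACLs; the networks, ports and time windows are constructed, and `shadowed` is a hypothetical audit helper that finds rules which can never fire.

```python
import ipaddress
from datetime import datetime, time

# Constructed rules, evaluated top to bottom:
# (action, source network, destination port, time window)
# port None = any port; window None = always active.
RULES = [
    ("deny",   "10.0.20.0/24", 22,  None),
    ("permit", "10.0.0.0/16",  22,  None),
    ("permit", "10.0.0.0/16",  443, (time(8, 0), time(18, 0))),
    ("deny",   "10.0.30.0/24", 443, (time(12, 0), time(13, 0))),  # never reached
]


def evaluate(rules, src, port, when):
    """Return the action of the first matching rule; no match means deny."""
    addr = ipaddress.ip_address(src)
    for action, net, rule_port, window in rules:
        if addr not in ipaddress.ip_network(net):
            continue
        if rule_port is not None and rule_port != port:
            continue
        if window is not None and not (window[0] <= when.time() < window[1]):
            continue
        return action
    return "deny"  # implicit deny


def covers(earlier, later):
    """True if every packet matching `later` already matches `earlier`."""
    _, net_a, port_a, win_a = earlier
    _, net_b, port_b, win_b = later
    if not ipaddress.ip_network(net_b).subnet_of(ipaddress.ip_network(net_a)):
        return False
    if port_a is not None and port_a != port_b:
        return False
    if win_a is None:
        return True
    return win_b is not None and win_a[0] <= win_b[0] and win_b[1] <= win_a[1]


def shadowed(rules):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j in range(len(rules))
            if any(covers(rules[i], rules[j]) for i in range(j))]
```

Rule order matters: the lunchtime deny for 10.0.30.0/24 sits below a broader permit, so it never takes effect until it is moved above that permit.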
Backing up / Restoring
The backup and restoration of data is a critical factor in all network systems in order to maintain the management and reliability of the system
Having a centrally managed backup is essential.
- Incremental backups
- Differential
Other methods of securing data
Biometrics is still evolving
Forefinger skin
Retinal scanners
Vetting and control of personnel
Checking the background and personality profile
CCTV
- Use CCTV in key locations;
- Monitor access to server and communication rooms
- Allow an independent check of the identity of personnel
- Limit the potential for theft
- Authenticate that the person at the computer is the authorised user
Firewalls
User Based Threats / Attacks
- Malware
- Viruses
- Trojans
- Worms
- Phishing
- Spam scam
- Spyware
- Adware
Thanks for Reading this Guide, if you have any Questions on any of the Subjects related to this Guide please leave a comment below.
Written by D4rkH4ck1ng -
Disclaimer:
For the VoIP section I used - http://www.voipmechanic.com/what-is-voip.htm - as a substitute for my own limited amount of knowledge.
If you enjoyed this Guide, I am thinking of writing similar guides or other tutorials on a wealth of my knowledge.
Regards
- D4rk