Basic networking Flashcards
Explain DNS briefly
Domain Name System. An application-layer protocol in the TCP/IP suite (UDP and TCP port 53) that turns a human-readable domain name into an IP address. The mappings live in a large, hierarchical, distributed database spread across many servers, not on one machine. Plain DNS is neither encrypted nor authenticated, so answers can be observed or spoofed on the path unless DNSSEC, DNS over TLS or DNS over HTTPS is used.
DNS name resolution
The process by which your computer asks a DNS resolver (server) for the IP address of the requested domain name. The resolver answers from its cache or queries the root, TLD and authoritative servers on your behalf and caches the result for the record's TTL.
TLS
Transport Layer Security. Successor to SSL and the protocol used to implement HTTPS. TLS sits below HTTP (between the application and transport layers), so HTTP is carried unchanged inside it. TLS uses public key cryptography for authenticating the server and agreeing on a session key, and symmetric key cryptography for encrypting the bulk traffic once that key exists.
Hubs
Also known as repeaters. Connect network devices at Layer 1. A hub cannot process Layer 2 or 3 headers, so it knows nothing about MAC or IP addresses; it simply repeats every incoming signal out of every port except the one it arrived on. Because every frame reaches every port, any host on a hub can sniff all traffic. Hubs operate in half duplex (a connected device can send or receive, but not both at the same time), so collisions become more frequent as more devices are connected. A collision occurs when more than one device transmits at the same time; the colliding frames are corrupted and discarded, and the senders (using CSMA/CD) detect the collision, wait a random back-off interval and retransmit. The hub itself does not coordinate the resend.
Static IP
The address assigned to a machine is configured manually and does not change.
Dynamic IP
The address is leased to the machine by a DHCP server for a fixed period and may change when the lease expires or the machine reconnects.
DHCP
Dynamic Host Configuration Protocol. DHCP servers are configured to hand out IP addresses (together with subnet mask, default gateway and DNS servers) from a defined range, each for a lease period.
Avoids IP conflicts among the addresses it hands out, but cannot prevent a conflict with a host that was statically configured inside the same range, and an unauthenticated rogue DHCP server on the segment can hand clients a malicious gateway or DNS server.
Public Key Cryptography (Encryption)
Enables two parties to communicate securely over an insecure public network. It is used both to establish shared secrets (key agreement) and for authentication via certificates and digital signatures.
Each side has a key pair: a public key and a private key that are mathematically linked, where the public key can be published but the private key must never leave its owner. In key agreement (for example Diffie-Hellman) each side combines its own private key with the other side's public value and arrives at the same shared secret, which then serves as the symmetric session key. Public key operations are slow, so they are used only to bootstrap the session; the bulk data is encrypted symmetrically.
Symmetric Key Cryptography
Uses a single shared secret key for both encrypting and decrypting requests and responses.
Given that shared secret and an agreed cipher suite (for example AES with an authenticated mode), client and server can communicate securely and far faster than with public key operations alone. The hard part is getting the secret to both sides without an eavesdropper learning it, which is what the key exchange is for.
Diffie-Hellman key exchange
Overview: The two parties agree on a SMALL generator g (the "root") and a LARGE prime p (at least 300 digits; a 2048-bit prime, about 617 digits, is the modern minimum). Both values can be shared publicly.
Each side picks a random secret exponent (its "private key") and calculates its "mixture":
g ^ private mod p.
Each side sends its mixture to the other. More math:
received mixture ^ own private mod p.
Both sides arrive at the same value, g ^ (a*b) mod p, which becomes the shared secret for the session. An eavesdropper sees g, p and both mixtures but would have to solve the discrete logarithm problem to recover either exponent. Plain Diffie-Hellman authenticates nobody, so it must be combined with signatures or certificates; otherwise an active attacker can run one exchange with each side and read everything in between.
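The exchange above, as an added example that is not part of the original flashcards: both sides run the same arithmetic with Python's three-argument pow(), the received mixture is validated before use, and the raw shared value is hashed into a fixed-length symmetric key. The parameters p = 23 and g = 2 are constructed toy values so the numbers can be checked by hand; the shape of the code (safe prime, prime-order subgroup, peer validation, key derivation) is what a real implementation keeps, with a 2048-bit or larger group in place of 23.

```python
import hashlib
import secrets

# Public parameters. These are CONSTRUCTED toy values so the arithmetic can be
# followed by hand; real deployments use a 2048-bit (or larger) safe prime such
# as the RFC 7919 ffdhe2048 group. p = 2q + 1 is a safe prime and g generates
# the subgroup of prime order q, so every honest public value lives in a group
# with no small subgroups for an attacker to push the secret into.
P = 23            # the large prime (tiny here, for illustration only)
Q = (P - 1) // 2  # = 11, the order of the subgroup generated by G
G = 2             # the small "root" (generator)


def new_private(q: int = Q) -> int:
    """Random private exponent in [1, q-1]; must come from a CSPRNG."""
    return secrets.randbelow(q - 1) + 1


def dh_public(private: int, p: int = P, g: int = G) -> int:
    """One side's 'mixture': g ^ private mod p. Safe to send in the clear."""
    return pow(g, private, p)


def validate_peer(peer_public: int, p: int = P, q: int = Q) -> None:
    """Reject degenerate or out-of-group values (0, 1, p-1, values outside
    the prime-order subgroup) that an active attacker might send to force a
    predictable shared secret."""
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public value out of range")
    if pow(peer_public, q, p) != 1:
        raise ValueError("peer public value not in the prime-order subgroup")


def dh_shared(peer_public: int, private: int, p: int = P, q: int = Q) -> int:
    """Shared secret: (received mixture) ^ own private mod p."""
    validate_peer(peer_public, p, q)
    return pow(peer_public, private, p)


def derive_key(shared: int, p: int = P) -> bytes:
    """Turn the raw group element into a fixed-length symmetric key.
    Real protocols run a KDF such as HKDF over the secret plus a transcript
    hash; hashing the fixed-width big-endian encoding is the minimal form."""
    width = (p.bit_length() + 7) // 8
    return hashlib.sha256(shared.to_bytes(width, "big")).digest()


def run_exchange(a=None, b=None) -> dict:
    """Both sides of one exchange. Pass a and b to make the run deterministic."""
    a = new_private() if a is None else a   # Alice's private exponent
    b = new_private() if b is None else b   # Bob's private exponent
    A = dh_public(a)                        # Alice -> Bob, sent in the clear
    B = dh_public(b)                        # Bob -> Alice, sent in the clear
    s_alice = dh_shared(B, a)               # Alice: B ^ a mod p
    s_bob = dh_shared(A, b)                 # Bob:   A ^ b mod p
    return {
        "A": A,
        "B": B,
        "alice_secret": s_alice,
        "bob_secret": s_bob,
        "key": derive_key(s_alice),
    }


if __name__ == "__main__":
    # With a = 6 and b = 15: A = 2^6 mod 23 = 18, B = 2^15 mod 23 = 16,
    # and both sides compute 4 as the shared secret.
    print(run_exchange(a=6, b=15))
```

The validate_peer() step is the part most toy implementations drop: without it a peer can send 1 or p-1 and force the shared secret to a value of its choosing. Note also that nothing here proves who sent A or B; that is why TLS signs the key-exchange values with the server's certificate key.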
Certificates
Public key certificates are signed files that bind a public key to an identity (for example a domain name). They are issued and digitally signed by a CA (certificate authority). A client verifies the signature chain up to a CA it already trusts, checks that the certificate's name matches the host it meant to reach, and checks the validity period and revocation status before trusting the public key inside it.
Switches
Operate at Layer 2. "Intelligent" hubs. Support full-duplex data transfer, unlike hubs. They forward frames by hardware (MAC) address, building an address table in hardware that records each MAC address and the port on which it was seen.
They are compared to hubs because a freshly started switch behaves exactly like one. Suppose three devices, deviceA, deviceB and deviceC, are connected to a switch. After a fresh start, if deviceA sends a frame to deviceB the switch does not yet know where deviceB is, so like a hub it floods the frame out of every port except the one it arrived on. But it records deviceA's hardware address and port in its table. From then on, any frame destined for deviceA is sent only to deviceA's port. As more devices talk, the table fills in and the switch becomes a fully "intelligent" hub that forwards known destinations to a single port. Frames to unknown or broadcast addresses are still flooded, and if the address table fills up new addresses cannot be learned, so traffic to them is flooded as well.
Because Layer 2 headers carry no information about which network a frame belongs to, a switch cannot forward based on networks; that is why switches alone cannot connect large networks that are divided into subnets.
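The deviceA/B/C walk-through above, as an added example that is not part of the original flashcards: a minimal learning-switch model in Python. Port numbers, MAC addresses and the table size are constructed for the demonstration. receive() returns the list of ports a frame is sent out of, so the flood-then-learn behaviour and the full-table case can be observed directly.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """A learning bridge: records source MAC -> port, forwards frames for
    known destinations to one port, and floods everything else like a hub."""

    def __init__(self, ports, table_size=1024):
        self.ports = list(ports)
        self.table_size = table_size   # capacity of the hardware address table
        self.mac_table = {}            # mac -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return the list of ports it is forwarded out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # 1. Learn: remember which port the source MAC was seen on. A known
        #    MAC is refreshed (it may have moved); a new one is only learned
        #    while there is room. Real switches also age entries out.
        if src_mac in self.mac_table or len(self.mac_table) < self.table_size:
            self.mac_table[src_mac] = in_port
        # 2. Forward: broadcast and unknown unicast are flooded to every other
        #    port (hub behaviour); a known unicast goes to exactly one port.
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst_mac]
        if out_port == in_port:
            return []   # destination is on the same segment; nothing to forward
        return [out_port]


# Constructed addresses for deviceA, deviceB and deviceC.
MAC_A = "aa:aa:aa:00:00:01"
MAC_B = "bb:bb:bb:00:00:02"
MAC_C = "cc:cc:cc:00:00:03"


def three_device_scenario():
    """The walk-through from the card: A on port 1, B on port 2, C on port 3."""
    sw = LearningSwitch(ports=[1, 2, 3])
    return {
        "a_to_b_first": sw.receive(1, MAC_A, MAC_B),  # B unknown -> flood to [2, 3]
        "b_to_a": sw.receive(2, MAC_B, MAC_A),        # A already learned -> [1]
        "c_to_a": sw.receive(3, MAC_C, MAC_A),        # -> [1]
        "a_to_c": sw.receive(1, MAC_A, MAC_C),        # C learned by now -> [3]
        "table": dict(sw.mac_table),
    }


def full_table_scenario(table_size=2):
    """Once the table is full, a host that was never learned keeps receiving
    its traffic by flooding, so every other port sees it too."""
    sw = LearningSwitch(ports=[1, 2, 3], table_size=table_size)
    sw.receive(1, MAC_A, MAC_B)
    sw.receive(2, MAC_B, MAC_A)
    sw.receive(3, MAC_C, MAC_A)         # table already holds A and B; C not learned
    return sw.receive(1, MAC_A, MAC_C)  # flooded to [2, 3], not just port 3


if __name__ == "__main__":
    print(three_device_scenario())
    print(full_table_scenario())
```

The full_table_scenario() case is the security-relevant one: a switch whose address table is full falls back to hub-like flooding, which is exactly what a MAC-flooding attack aims for. Port security limits on learned addresses per port are the usual mitigation.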
Routers
Operate at Layer 3. Layer 3 headers carry logical (IP) addresses, so routers can forward packets between different networks and subnets, which switches cannot do.
Not to be confused with "Layer 3 switches": those are switches that can also route between VLANs in hardware for LAN use, whereas a router proper joins separate networks, including WAN and Internet links, and usually applies access control or NAT at that boundary.
They maintain a routing table for data forwarding: each entry maps a destination prefix to a next-hop address and outgoing interface, and the most specific (longest) matching prefix wins, with a default route catching everything else.
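A routing table lookup with longest-prefix matching, as an added example that is not part of the original flashcards. It uses only the standard-library ipaddress module; the prefixes, next hops and interface names in example_table() are constructed for the demonstration. A next hop of None marks a directly connected network, where the router delivers to the host itself instead of to another router.

```python
import ipaddress


class RoutingTable:
    """Longest-prefix-match forwarding table, as a router keeps."""

    def __init__(self):
        self.routes = []   # list of (network, next_hop or None, interface)

    def add(self, prefix, next_hop, interface):
        """Add a route. next_hop=None means the prefix is directly connected."""
        net = ipaddress.ip_network(prefix, strict=True)
        nh = None if next_hop is None else ipaddress.ip_address(next_hop)
        if nh is not None and nh.version != net.version:
            raise ValueError("next hop and prefix must be the same IP version")
        self.routes.append((net, nh, interface))

    def lookup(self, destination):
        """Return the most specific matching route, or None if no route exists
        (a real router would then drop the packet and may send ICMP
        'destination unreachable')."""
        addr = ipaddress.ip_address(destination)
        best = None
        for net, nh, iface in self.routes:
            if net.version != addr.version or addr not in net:
                continue
            if best is None or net.prefixlen > best[0].prefixlen:
                best = (net, nh, iface)
        if best is None:
            return None
        net, nh, iface = best
        return {
            "prefix": str(net),
            "next_hop": None if nh is None else str(nh),
            "interface": iface,
        }


def example_table():
    """Constructed sample table for a small edge router."""
    rt = RoutingTable()
    rt.add("0.0.0.0/0", "203.0.113.1", "eth0")     # default route toward the ISP
    rt.add("10.0.0.0/8", "10.1.1.254", "eth1")     # internal aggregate via another router
    rt.add("10.1.2.0/24", None, "eth2")            # directly connected LAN
    rt.add("2001:db8:1::/48", None, "eth2")        # directly connected IPv6 LAN
    return rt


if __name__ == "__main__":
    rt = example_table()
    for dst in ("10.1.2.7", "10.9.9.9", "192.0.2.5", "2001:db8:1::10", "2001:db8:2::1"):
        print(dst, "->", rt.lookup(dst))
```

The 10.1.2.7 lookup shows why order of insertion does not matter: both 10.0.0.0/8 and 10.1.2.0/24 contain it, and the /24 wins because it is more specific. The IPv6 table has no default route, so 2001:db8:2::1 gets None and would be dropped.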