Tuesday, March 28, 2006

Networking Fundamentals

I attended CCNA training today at trainpro academy.

The following provides a summary of what I grasped during the lecture. A very good trip down memory lane to college days, and even more.

Security:
-Packet filtering
-Signature Inspection

SQL Server, Exchange Server, ISA Server (firewall, VPN, proxy - block web sites) --> knowledge valuable for security.

Nobody would use Windows as the first line of defense.

There is one certification for wireless from Cisco.

Wireless (A, B, G)
802.11b - 11 Mbps
G - 64 Mbps
802.11n - 108 Mbps (New technology coming soon)

Security:
1. WEP Key : 5-13 characters
DLink-65 - you can grasp packets from the air.

Collect all the packets, study the encryption, and then try to determine its algorithm.

2. WPA 2 - Temporal Key IP (new technology)

3. Yahoo and GMail don't implement SSL, unlike Hotmail. You have to pay for it.

4. arp -a (Address Resolution Protocol cache)
You can check who has pinged you.
-d (flush the cache)

-s (create an entry in the ARP mapping)
e.g. 172.16.20.168 aa-aa-aa-aa-aa-aa

5. Within a LAN, you only need to use the MAC address.

6. Using Ethereal
- packet sniffer software

7. Man-in-the-middle
- ARP poisoning (you have to be inside the network)
Trick the network into believing that you hold all the IP addresses that the others use, so that the gateway will broadcast a copy of all packets to you.

8. Network Neighbourhood uses Netbios

9. VPN - For you to connect through a WAN (Internet) into a LAN. L2TP - IP security TTTP - IPv4 - IP address 32 bit.
IPv6 - IP address 128 bit. (8 hexas)
Windows XP already supports IPv6.
The main reason for the low adoption is the long-winded addresses you have to use.

10. If you can work with a Cisco 2500, you can work with most Cisco routers.

11. Inside the server room, there will usually be more than one router stack; each server "should" be reserved for one company. There will be a main router for people to telnet into from other places and work with the other routers.

12. CCNA

1st Module - Basic (IP subnetting)
3rd Module - Routing protocols
4th Module - Access control list (NAT)
5th Module - Web technology. PPP, HDLC, Frame-Relay, SLIP (outdated)
- PPP (Point to Point) - connection between PCs.
NAT - Allows you to hide behind a public address.

13. BSCI - Routing OSPF, BGP (used for ISP), ISIS (used for ISP) - Policy based routing. - Route maps.
BCMSN - Switching (Port channel, high availability, spanning tree protocol, SNMP) - Design
BCRAN - WAN technologies (DSL, ATM)
CIT - Troubleshooting


14. Active directory - Centralized point of authentication.
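
Items 4 and 7 above cover the ARP cache and ARP poisoning. The following is an added example, not part of the original notes or the lecture: it parses `arp -a` output and flags any MAC address cached for more than one IP, which is what a poisoned cache looks like from the victim's side. The sample table, the gateway address 172.16.20.1 and all function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of Windows `arp -a` output (not captured from a real host).
SAMPLE_ARP_OUTPUT = """
Interface: 172.16.20.10 --- 0x2
  Internet Address      Physical Address      Type
  172.16.20.1           00-11-22-33-44-55     dynamic
  172.16.20.168         aa-aa-aa-aa-aa-aa     static
  172.16.20.30          00-11-22-33-44-55     dynamic
  172.16.20.31          de-ad-be-ef-00-01     dynamic
  172.16.20.255         ff-ff-ff-ff-ff-ff     static
"""

# One table row: IPv4 address, dash-separated MAC, entry type.
ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)\s*$",
    re.IGNORECASE | re.MULTILINE,
)
BROADCAST = "ff-ff-ff-ff-ff-ff"

def parse_arp_table(text):
    """Return a list of (ip, mac, type) tuples from `arp -a` output."""
    return [(ip, mac.lower(), kind.lower()) for ip, mac, kind in ENTRY.findall(text)]

def find_duplicate_macs(entries):
    """Map each MAC that is cached for more than one IP to its sorted IP list."""
    by_mac = defaultdict(set)
    for ip, mac, _kind in entries:
        # Broadcast and IPv4 multicast MACs are shared by design, so skip them.
        if mac != BROADCAST and not mac.startswith("01-00-5e"):
            by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def gateway_changed(entries, gateway_ip, expected_mac):
    """True if the gateway's cached MAC differs from the known-good one."""
    for ip, mac, _kind in entries:
        if ip == gateway_ip:
            return mac != expected_mac.lower()
    return False  # gateway not in the cache: nothing to compare

if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP_OUTPUT)
    for mac, ips in find_duplicate_macs(table).items():
        print(f"WARNING: {mac} is cached for multiple IPs: {', '.join(ips)}")
```

A duplicate is a lead to investigate rather than proof: a multi-homed host or a router doing proxy ARP also shows one MAC for several IPs. A static entry for the gateway (the `-s` option in item 4) keeps that one mapping from being overwritten.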

Introduction to Internetworking:
1. 4 basic requirements:
1a. Addressing
1b. Error detection and correction
1c. Time synchronization
1d. Transmission coordination.

2. The first networking device was the Hub. Repeats everything --> not very secure.
1 broadcast domain only

1 collision domain only
Gigabit channel - Uses CAT-6 instead of CAT-5
5-4-3 rules. (Avoid collisions)


3. A switch is better than a hub because it can create virtual circuits.
1 broadcast domain - by default
Multiple broadcast domains - virtual circuit.

4. The whole Internet has around 2k routes. Malaysia has two internet routes. This is because TM has the monopoly (only TM has the rights to build infrastructure).

5. Routing concept.
Packets destined for the same LAN don't go through the router.

6. Streamyx modem is a bridge.

7. ATM - high end, or high speed transfer. Receives huge data and sends out huge data.

8. Comm. server (for big companies) = Connected to PSTN.

9. MODEM CSU/DSU - TA/NT1
CSU (Channel service unit), DSU (Data service unit)

10. WAN bandwidth switch - Bandwidth allocator. 1 timeslot = 64k

11. OSI - serves as a reference model.
Port -
21 : FTP
22 : SSH
53 : DNS
C:\WINDOWS\system32\drivers\etc

Transport - Protocols
Network - IP addresses
Data link - MAC addresses
Physical - Connections

Just two cents from a networking expert.
