The OSI Model Demystified

The OSI Model


Layer 7 -- Application Layer -- The layer users interact with

Layer 6 -- Presentation Layer -- Generally the layer the Operating System is on

Layer 5 -- Session Layer -- The layer that controls the communication session between two computers

Layer 4 -- Transport Layer -- The layer that controls Windowing and other tasks related to communication

Layer 3 -- Network Layer -- The layer that Routers and IP addresses operate at

Layer 2 -- Data Link Layer -- The layer that Switches, MAC Addresses and ARP reside at

Layer 1 -- Physical Layer -- The layer that cabling resides on



TCP/IP and Subnetting

TCP/IP Overview (2:32)

How TCP/IP Works (16:53)

TCP/IP Numbering (43:00)

Subnet Masking (48:17)

Final Thoughts (64:03)

Class Notes


1. TCP/IP

Is technically a Protocol Suite

IP Routes Traffic

Layer 3 OSI Model Network

Routable Networks (sub networks)

TCP controls transmission between connected systems

Layer 4 OSI Model Transport

Windowing is the process of sending data from one computer to another in TCP/IP version 4


2. How TCP/IP Works

IP Addresses -- Every device on a TCP/IP network needs an individual IP Address

DNS (Domain Name Service/Server) resolves Domain names into IP Addresses

DHCP (Dynamic Host Control Protocol) Servers automatically assign IP information to clients for a specific time period (Lease). Clients try to renew leases at 50% expiration point.

Default Gateway (Router) connects networks. If an IP Address cannot be found on the local network the computer tries to use the Default Gateway to find the target.

Subnets and Subnet Masking -- Subnets are individual networks. Subnet Masks divide IP Addresses into Subnet Number and Host Number

What the Numbers Mean

IP Addresses and Subnet Masks are made of 4 Octets of Bits

128-64-32-16-8-4-2-1

Subnet Masking

IP Addresses contain the Subnet Number and Host Number. The Subnet Mask tells you where the subnet number ends and the host number begins.

Classful Networks (A, B, C, D, E) are gone; CIDR is used now

The Highest Address in a Subnet Range is the Broadcast address

To determine the number of subnets (n is the number of bits used) = 2^n

To determine number of Hosts = 2^n - 2




Hacking DNS


This class teaches students how to use DNS to redirect computer or network users to alternate websites or servers for security or malicious purposes.

Topics Covered


How DNS Works

Editing the HOSTS file

Alternate Public DNS

Planning a DNS Hack

Reasons to Hack DNS

Class Notes


Introduction

DNS resolves Domain Names to IP Addresses

Warning: Use at your own risk

DNS

HOSTS file is the local file that resolves Domain Names

Windows Location = C:\Windows\System32\drivers\etc

Example = 10.1.10.2 www.elithecomputerguy.com

In Vista/ Windows 7 First Open Notepad using "Run as Administrator" and then open the HOSTS file. Otherwise you will not be able to save your edits.

Computers FIRST try to Resolve a Domain Name with the HOSTS file, they then Go To the LOCAL DNS Server, and then they Query the PUBLIC DNS Server. If any server has a record the computer does not ask any other sources. So if the HOSTS file has a record the computer uses that record and stops.

Using Alternate DNS

You do not have to use the Public DNS IP Addresses that your ISP gave you. You can use Alternate Public DNS Servers.

The benefit of using a server like OpenDNS.org is that they will prevent Domain Names for malicious websites from resolving. This is a HUGE security tool.

You can create your own Public DNS Server for Good/ Bad Purposes.

The DNS Attack

HOSTS file can be compromised either through manual editing, or through scripting. If users are logged in as USERS vs. ADMINISTRATORS there is far less chance that a script will be able to modify the HOSTS file.

By Wardriving or Plugging Into an Unsecured Network Jack You May be able to Hack the DNS Server. Routers/ Modems with default passwords are easy to Hack.

A clever, well disguised DNS Hack is very difficult to detect once it has been successfully implemented, and it is moderately difficult to circumvent if it is done by a network administrator to secure a network.
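Because a HOSTS record is used before any DNS server is asked, reviewing that file is a quick check for the tampering described above. The following is an added example, not part of the original class notes: it parses HOSTS-file text and reports every entry that changes normal resolution. The sample file, the LOCAL_NAMES allow-list and the function names are assumptions made for illustration.

```python
import ipaddress

# Names a stock HOSTS file normally maps to loopback (assumed allow-list).
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample; the 10.1.10.2 line is the example from the notes.
SAMPLE_HOSTS = """\
# Constructed sample HOSTS file
127.0.0.1      localhost
::1            localhost
10.1.10.2      www.elithecomputerguy.com   # overrides DNS for this name
0.0.0.0        updates.example.test
10.1.10.2.5    bad.example.test
"""

def parse_hosts(text):
    """Yield (line_no, ip_or_None, name) for every mapping in HOSTS text."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            yield line_no, None, fields[0]       # not a valid IPv4/IPv6 address
            continue
        for name in fields[1:]:                  # one line may list several names
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text):
    """Return (line_no, kind, detail) for entries that change normal resolution."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if ip is None:
            findings.append((line_no, "malformed", name))
        elif ip.is_loopback or ip.is_unspecified:
            if name not in LOCAL_NAMES:          # name made unreachable
                findings.append((line_no, "blocked", name))
        else:                                    # name pinned to another host
            findings.append((line_no, "redirect", f"{name} -> {ip}"))
    return findings

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(*finding)
```

To review a real machine, pass the contents of the HOSTS file from the Windows location given earlier to audit_hosts and compare the findings with the entries the administrator intended.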

Final Thoughts

Hacking DNS is the EASIEST way to either protect or attack a network or computer


Virtual Private Networking