Networking Devices - Explaied
Thead Owner : Houga,
Category : Technology and Devices,
1 Comment,
63 Read
Viewers:
1 Guest(s)
08-11-2014, 12:42 AM
Router - a router is a device that connects two or more networks together. It uses Layer 3 (Network Layer) to communicate which uses IP addresses. It still keeps a MAC address table, but it does not use MAC addresses to move between networks. Instead, they use routing tables to keep track of how to access other networks. They usually have only a few physical ports, each representing space on separate networks/subnets, but are often expandable.
Hub - a hub, like a switch, uses Layer 2 to switch packets/frames to other devices. However, hubs are considered “dumb devices” as they perform no checking of the destination nor do they keep a MAC address table (MAC Address tables are more commonly referred to as CAM Table = Content Addressable Memory). They simply receive a packet or frame and send it out every physical port except the one used to enter the hub. The theory behind this is that the packet will eventually reach its destination. A security flaw is that, since the packets are being broadcasted, each device receives the packet. This means that if one person sends unencrypted data to a server, every other person on the hub can easily and undetectably receive it.
Switch - as previously learned, a switch „switches‟ packets/frames to other devices on the network. It uses a MAC address table (CAM Table) to store information about which MAC address(es) is/are connected to which physical port(s). Switches usually come in 6, 12, 24, or 48 physical ports and can be stacked to be connected and become a singular, virtualized switch. This is getting more into SDN (software defined networking) and I won‟t be going over that. Each switch port is its own collision domain, but each switch, by default, has only one broadcast domain. More broadcast domains can be created with VLANs.
Bridge - a bridge is very much like a switch. It, too, is a “smart device” in the sense that it does keep a CAM table. However, bridges only have two ports. For this reason, they are very rarely used in large networks, and even home networks. Since Ethernet cables bought for home uses are almost always straight-through, they cannot be directly connected to a router. For this reason, you‟d use a bridge. However, most home routers now have switchport modules that come preinstalled.
Firewall - a firewall can have many uses in a network. Two common uses are: 1. Firewalls can be used to monitor the number of connections from a single IP and block
them if it detects too many connections as this would be considered a Denial of Service attack. 2. Firewalls are often used to stop and/or filter data enting a virtual port and can monitor
data usage. There are also two different modes a firewall can be in: Stateless and Stateful. The difference is that a stateful firewall will keep track of TCP streams. This is definitely important if you‟d like to maintain connection while still securing ports.
Also, there are two main types of firewalls. Network Layer Firewalls perform the two aforementioned tasks. They can act as attack mitigation tools and can filter data on ports. Application Layer Firewalls intercept and process only data on the Application Layer of the OSI model.
IDS/IPS - Intrusion Detection Systems and Intrusion Prevention Systems are devices (usually running on a host system) that are used to detect malicious activity and anomalous traffic on a network.
IPSes tend to take active measures and try to block the malicious traffic. There are quite common in secure networks, though they do present a vulnerability. These systems can often be faked by means of encoding, session splicing, polymorphism, etc, but they don‟t need to be secretly bypassed. An attacker can spam an IDS with thousands upon thousands of false positives making it impossible for a network admin to find the real attack.
Modems - (amalgamation of “Modulate” and “Demodulate”) a modem is a device that converts the digital frequencies of data carried along wires/cables to an analog signal to be carried over a phone line via a process called modulation (ask your physics teacher). A router on the other end will receive and demodulate the analog signal into a computer-readable digital signal.
-H
Houga@entropy.cat
Hub - a hub, like a switch, uses Layer 2 to switch packets/frames to other devices. However, hubs are considered “dumb devices” as they perform no checking of the destination nor do they keep a MAC address table (MAC Address tables are more commonly referred to as CAM Table = Content Addressable Memory). They simply receive a packet or frame and send it out every physical port except the one used to enter the hub. The theory behind this is that the packet will eventually reach its destination. A security flaw is that, since the packets are being broadcasted, each device receives the packet. This means that if one person sends unencrypted data to a server, every other person on the hub can easily and undetectably receive it.
Switch - as previously learned, a switch „switches‟ packets/frames to other devices on the network. It uses a MAC address table (CAM Table) to store information about which MAC address(es) is/are connected to which physical port(s). Switches usually come in 6, 12, 24, or 48 physical ports and can be stacked to be connected and become a singular, virtualized switch. This is getting more into SDN (software defined networking) and I won‟t be going over that. Each switch port is its own collision domain, but each switch, by default, has only one broadcast domain. More broadcast domains can be created with VLANs.
Bridge - a bridge is very much like a switch. It, too, is a “smart device” in the sense that it does keep a CAM table. However, bridges only have two ports. For this reason, they are very rarely used in large networks, and even home networks. Since Ethernet cables bought for home uses are almost always straight-through, they cannot be directly connected to a router. For this reason, you‟d use a bridge. However, most home routers now have switchport modules that come preinstalled.
Firewall - a firewall can have many uses in a network. Two common uses are: 1. Firewalls can be used to monitor the number of connections from a single IP and block
them if it detects too many connections as this would be considered a Denial of Service attack. 2. Firewalls are often used to stop and/or filter data enting a virtual port and can monitor
data usage. There are also two different modes a firewall can be in: Stateless and Stateful. The difference is that a stateful firewall will keep track of TCP streams. This is definitely important if you‟d like to maintain connection while still securing ports.
Also, there are two main types of firewalls. Network Layer Firewalls perform the two aforementioned tasks. They can act as attack mitigation tools and can filter data on ports. Application Layer Firewalls intercept and process only data on the Application Layer of the OSI model.
IDS/IPS - Intrusion Detection Systems and Intrusion Prevention Systems are devices (usually running on a host system) that are used to detect malicious activity and anomalous traffic on a network.
IPSes tend to take active measures and try to block the malicious traffic. There are quite common in secure networks, though they do present a vulnerability. These systems can often be faked by means of encoding, session splicing, polymorphism, etc, but they don‟t need to be secretly bypassed. An attacker can spam an IDS with thousands upon thousands of false positives making it impossible for a network admin to find the real attack.
Modems - (amalgamation of “Modulate” and “Demodulate”) a modem is a device that converts the digital frequencies of data carried along wires/cables to an analog signal to be carried over a phone line via a process called modulation (ask your physics teacher). A router on the other end will receive and demodulate the analog signal into a computer-readable digital signal.
-H
Houga@entropy.cat