Intro

Hi there! If you’re wondering who am I? I go by @iamaangx028 on the internet — you can call me Aang :)

I am a student who is trying to get into the cybersecurity field. So, as a part of that journey I would like to share my progress with all of you as Weekly blogs. And this is my Week — 2 Blog. If you haven’t read my Week — 1 blog. Check that here. Trust me, It’s a good place to start with 😌!

Day 1 — Different types of Networks (because…. why not!)

Behind the magic of computers (of course other devices too) being able to talk to each other these are spells that Network engineers created. The following are the Spells (different type of networks) that Network engineers created to help devices connect and share information!

PAN, LAN, VLAN, WLAN, CAN, SAN, MAN, WAN

PAN

PAN stands for Personal Area Network. An example for this is the case when you connect your laptop to your Phone with a USB cable. Or when you phone is connected to your other phone or laptop via Bluetooth, Infrared or NFC to share small files such as images or songs to dance 🕺!

LAN

LAN stands for Local Area Network. An example of this could be when your Internet Cafe with 5 Desktops connected, CPUs, Printer, and may be a server too! In LAN all are wired connections using Ethernets. Typically used for closed proximity areas.

VLAN

VLAN stands for Virtual Local Area Network. This is similar to LAN but even if the computers are not in same physical area, they are in same LAN virtually. VLAN can be constructed using VLAN capable Switches. In VLAN, all the computers are directly connected to that switch. And using that VLAN capable switches, we will be able to create number of LANs virtually. VLANs helps us to reduce the broadcast traffic in the network. This ensures that only traffic intended for that particular computers will be going. Even if the computers are not in physically same area, but will be in the same local area network. This is just like an invisible boundary around the computers preventing them to accessing the traffic which is not intended for them!

WLAN

WLAN stands for Wireless Local Area Network. This is an alter version of LAN but with only Wireless connections. Lets take the same Internet Cafe but with all devices connected to Wireless Access Point or a WIFIs.

CAN

CAN stands for Campus Area Network. CAN is formed by connecting two or more LANs. You can see this type of networks in Universities or colleges. Typically these are wired networks

SAN

SAN stands for Storage Area Network. This is strictly Wired and is specially designed for storage connection. SAN consists of different Storage arrays, switches and servers. This are usually not affected by the network traffic.

MAN

MAN stands for Metropolitan Area network. These are very large networks than the CANs. These are usually used to connect Cities or Towns with high speed internet cables to provide better performance. MANs are usually wired connections except some cases

WAN

WAN stands for Wide Area Network. This is the largest type of network. These are used to connected very large Geographical area like countries, continents or even whole world. Best example could be Internet.

Day 2 — Hubs, Switches, Routers and Modem

Hubs — That Loud Topper Who Answers Every Question (Even Wrong Ones)

Hubs are used to connect two or more computers/devices. These help computers to share information with each other. But hubs are considered as Non-intelligent devices which are not capable to routing packets to intended devices. Instead it just broadcasts all of the received data packets. Which is not ideal in all of the cases. And also this creates much intended network traffic. Hubs are Layer 1 devices

Switches — The traffic cop who knows where to send whom

Switches are also used to connect two or more computer/devices. These also help computers share information with each other. But the important thing is switches are intelligent enough to route packets to only intended computers/devices. Switches are Layer-2 devices. So switches know the MAC addresses of all the connected devices. So, based on the MAC address in the received packet, it is able to route the packet to intended device.

Routers — The Passport officers in networks world

Routers are devices that are capable of sending information to other networks. Hubs & switches are only used when you want share information with hosts that are within the network. But when you want to send/receive information from other networks, that’s where routers comes in. Basically Routers are Layer 3 devices. So, they deal with IP addresses. They route information based on the IP address. So, remember;

Hubs and switches are used to create networks.

But Routers are used to connect those networks with each other or even to world

Note: Modern Routers are combination of Router tech and Modem tech into one.

Modem — The old Tech but the Gold Tech

Modem were invented long before these routers and internet story begins. So, what was the exact purpose of these modem? Back in the days, people used to talk over telephones, which used analog signals to travel and can be received at the other end. But then computers came into picture and they only know digital language. The communication barrier 😭 arise. So, to solve these problems, engineers invented the modem, which i think stands for Modulate/Demodulate 🤫.

So the modem are typically used to convert the analog signals to Digital signals and vice-versa. Convert incoming analog signals to Digital signals (Demodulate) and convert the outgoing Digital signals to analog signals ( Modulate). The modems are of two types namely “Cable modems (from outcast) and DSL (from AT&T)”.

The signals coming from the external network (like internet) are analog signals. But our computer in our offices & homes only understands Digitals signals. That’s where we use the modems.

See the following flow, you can understand better:

[Internet] → [Modem] → [Router] → [Switch] (optional in some cases) → [Devices] (like your computers and mobiles)

But these are somethings to remember in this modern time:

1. Nowadays, we have Modems that are combination of both Modem and Router into one modem box typically called as Modem Router.
2. Nowadays, we have Routers that have built-in switches that can support multiple wired connections and capable of routing packets intelligently! (Performs both Layer 2 and Layer 3 functions)
3. Nowadays, we some advanced layer 3 Switches also!

So nowadays, the above flow can also be understand as follows:

[Internet] → [Modem + Router] → [Switch] → [Devices]

So, yeah that’s all about the Hubs, switches, routers and Modems. If you want to learn more about these topics you can check them out here and here

Day 3 — Bluetooth

We are upgrading. Yeah really, from checking “whether your ethernet cable disconnected from your CPU” to “Whether your router is turned off”. We have come so long (thanks to network engineers), that we need not scratch your head in knot of cables.

We are now going wireless… Let’s us now discuss about Bluetooth, WIFI and hotspot which works on radio waves.

Bluetooth is used to share information between two devices without the need of wires or cables. When you are connected to another device via Bluetooth, then you exchange information, but at very lower speed. These waves are 2.4 GHz. All other devices such smart watches, micro-ovens all uses same 2.4 GHz band.

Day 4 — WEP, WPA, WPA2, WPA3, WPS ( Woah so many…..W’s )

Let’s try to understand What are these W’s doing in our blog!!!! s

Context: In the early days of WIFIs being used. There was concerns about the privacy. For that purpose these are the WIFI security protocols. Let us try to understand one by one.

WEP stands for Wired Equivalent Privacy. WEP was developed to wired network equivalent privacy in the wireless networks. But eventually, it was found that WEP is vulnerable to different types of attacks. WEP has only 40-bit encryption key. But later versions bumped the 40- bit encryption key to 104-bit encryption key. But still is was very easy to crack. So, hackers like it more. And It became very outdated that it is not an option in the modern router anymore.

Then comes WPA, which stands for WI-FI protected access. It is better than the WEP. WPA uses the TKIP which is Temporal Key Integrity Protocol. But still WPA is vulnerable to some kinds of attacks. This TKIP is just an duct-tape for the drawbacks of WEP. Which made it better than WEP. But you must not bet your life on it. It is vulnerable even.

Then comes the WPA2, which is WI-FI protected access 2. It is by far most used protocol I think. It uses the AES which is Advanced Encryption Standard. AES is an Symmetric encryption algorithm. It is so secure that US Govt uses it for information exchange (at least that is what he said in the YT video😅). But come on, who cares what encryption algo is used by US govt. At least I don’t care until my WI-FI router is using WPA2.

But we do have WPA3 also, which was released in the recent years. But not all WI-FI routers are having this tech. WPA3 are said to provide more privacy and protects from password guessing attacks. Even though WPA2 is secure and most used protocol, not all devices can support the WPA2. For example, my mobile phone 🥲. Just kidding, It supports WPA2. But for those type of devices, the modern routers do have an option to use the WPA & WPA2 simultaneously. So that connecting devices connects to whatever protocol it supports and more secure.

WPS is WI-FI Protected Setup. WPS is way of connecting other devices to your router. Many router have this WPS button. You click on the button and then every device within certain area will be able to connect to the router without the need of password. This is to help people with less knowledge about the router and stuff. But I think all people most of the time use this method to easily connect to the router. This feature is very useful when you try to connect your printer, TVs, and other devices. WPS sounds convenient — press a button, skip passwords. But attackers love WPS more than free Wi-Fi — it’s an easy way in if left enabled.

Yeah that’s all I know about the WI-FI Security! Check out the YT video I mentioned in the middle, the guy explained these concepts with awesome animations. Way too easy to understand 🕺

2.4 GHz Vs 5 GHz — Brothers also Enemies also

2.4 GHz is a standard frequency that most devices use for wireless communication like routers, Bluetooth, micro-oven ..etc. Due which 2.4 GHz WI-FI routers face a lot interference issues resulting in slower rate of data transmission. So, to overcome this problem, engineers have come up with 5 GHz frequency band. This is not widely used. Which means less network network traffic, which means less or no interference. Resulting in a much higher data transmission speeds. But there are some limitations too! Take a look at the following image :)

If you want learn more about this topic. Check out the video

Some modern routers support dual band connections. Meaning they support both 2.4 GHz and 5 GHz frequencies simultaneously to be able to connect to both newer & older devices. But some routers only support one band (either 2.4 GHz or 5 GHz). So checkout the description whenever you are to buy a WI-FI router 😅.

WI-FI Router Vs Wireless Access Point (WAP)

We often confuse with WI-FI router and Wireless access point. Well, at least I was confusing until I clearly learned the difference. I used to think these two terms are inter changeable. But NOT. Here’s why:

WI-FI Router is able to connect to the modem directly and computers can directly connect to the WI-FI router. This WIFI router can provide internet to devices both wired and wirelessly given a modern WIFI router has a built-in switch for connecting 4 devices wired. WIFI router produces the radio waves through which devices like cell phones, ovens …etc. can connect and work.

But whereas, a Wireless AP is only capable of connecting to Router. WAP cannot directly connect to a modem. A WAP is connected to router with a ethernet cable, then it will be capable of sending the radio signals to the wireless devices. It is mainly used in medium to large organizations. Router a strategically placed in some areas. But it is possible that some places of organizations don’t or get weak signals. So, in those situations we use these WAPs. It is easy to use WAPs and manage them instead of using many WIFI routers.

Day 5 — ARP Poisoning: The old age attack

Before discussing about the ARP Poisoning. We need to understand the ARP…. which stands for Address Resolution Protocol. ARP is used to resolve an IP address to a MAC address. In other words, ARP helps devices find the MAC address of another device using its IP address. Picture this;

Computer A wants to send information to computer B which is in same LAN. Now whenever computer A wants to send information to computer B, it first checks ARP cache in its own memory. If it doesn’t find the respective device’s MAC address then it will broadcast a message to all the devices on that network for MAC address of the device with the IP (ex: 10.0.15.1). Then the respective computer B will respond and sends the MAC address to computer A. Once the computer A gets the MAC address from computer B then it store that MAC address in the ARP cache for future reference. Curious to find what your computer’s ARP cache containing! then run ``` arp -a ```. You may find IP address and respective MAC address along with Dynamic/Static type.

Dynamic is when the computer finds the MAC address by itself like above. But Static is when the computer administrator enters it manually.

Okay, But why do hackers Poison it!!

Yes, sometimes we need to poison the ARP for our use. Given I am still learning these concepts, I am only familiar with MITM attack. ARP poisoning is done for achieving the Man-in-the-middle attack. The way this is done is very easy to understand. Let’s take the example where computer A and Computer B are both connected to the same WIFI-Router. The computer A is surfing the web for sensitive information. Then computer B tries out the ARP poisoning attack to place themself in the Middle of the traffic. The way this attack works is as follows:

Computer A with MAC address (XX.XX.XX.XX.XX.XX)

Computer B with MAC address (YY.YY.YY.YY.YY.YY.YY) → Attacker

WIFI Router with MAC address ( ZZ.ZZ.ZZ.ZZ.ZZ.ZZ)

1. Computer B sends spoofed ARP replies to Computer A that MAC address of the WIFI Router has changed to Y.Y.Y.Y.Y.Y.Y
2. Computer B spoofed ARP replies to WIFI Router that MAC address of Computer A has changes to Y.Y.Y.Y.Y.Y.Y
3. Computer A then believes that WIFI’ Router’s MAC address has changed. So it will send the Data packets to computer B thinking that it is still sending to WIFI Router.
4. This way the Computer B has place itself in the middle of the communication of Computer A and WIFI router.

This is the classic ARP poisoning. But even if the attacker has placed himself in the middle. If the traffic is sent over HTTPS then attacker cannot understand what information is being sent and received. But if the victim is sending and receiving the information over HTTP. Then attacker can see the information that is being transferred.

SSL/TLS — The Unsung Heroes Behind a Secure Internet

You are entering your Credit/Debit card details and uploading your Personal documents. But Did you ever stop a second and what if an attacker sniffing through your network. Or hacker is listening to the traffic over the internet. In the above topic I mention that even if the attacker successfully performed the MITM attack. They are not able to see the traffic that is being transferred. Why? We all know that ‘S’ in HTTPS stands for secure, which is right. But what exactly is happening behind the scenes. That’s where SSL and TLS comes in;

SSL stands for Secure Socket Layer. SSL encrypts the information between and browser and Server. SSL uses the Public Key encryption (Asymmetric Encryption) to encrypt the data. let me explain you the SSL Handshake:

1. Whenever you try to open an website in a browser. If it is the first time your trying to access that website, then browser asks the website to prove their identity.
2. By providing a copy their website’s SSL Certificate it will prove themselves. Then browser checks it!
3. Once this is done an secure SSL session will be opened and all of the traffic is then encrypted. No one can decrypt until they the Decryption key. So most of the time Data will sent securely over the internet.

TLS is the successor of the SSL. TLS uses the cryptographic encryption to encrypt the traffic and send securely over the internet. Let me share with you an interesting Interview question here that I was asked!

What type of Cryptographic Encryption is done in the SSL/TLS? I said Asymmetric !!😭😅 Then Interviewer said No! Then I said then it will Symmetric. Then again Interviewer said No! I was Like whattttttttt the heck!

Actually its BOTH. Let me explain. SSL/TLS both uses the both A/Symmetric type of encryptions at different stage of SSL Handshake. Asymmetric Encryption is used for Initial Handshake and Establish a shared secret key. Post SSL Handshake, then the data transmission is done with Symmetric Encryption. Because the Symmetric encryption is faster. Whereas, Asymmetric encryption is slower and not feasible for encrypting the web traffic.

TCP Vs UDP — The Layer 4 Magic

Ever wondered how web pages and other files that you may download over the internet are in prefect order. Like web pages are not upside down. All text are in order, you got my point. right? This is all because some protocol working hard behind the scenes to make it all possible → TCP and UDP.

TCP stands for “Transmission Control Protocol”. It is a Connection-oriented and reliable protocol. By the word “connection-oriented” I do not mean WI-FI nor wires nor ethernet cables. I mean that before the transmission happen between your browser (client) and Website server, TCP establishes a secure Three way Handshake. Three way Handshake;

Computer (client sends )→ → SYN → → Server

Computer (client receives) ← ← SYN + ACK ← ←Server

Computer (client sends ) → → ACK → → Server

These three steps takes place to open connection-oriented session. The sender and receiver agree upon and starts the sending data. In TCP, receiver will be keeping an eye out if the data missing. If any data is lost in the transit, that particular packet is asked to resend by the sender. Once all of the data is received then, all packets are arranged in a sequence order to form that correct form/web page/message. This protocol is used for web surfing and other things. Give the complexity in the Three way handshake, TCP is slow compared to UDP.

UDP stands for “User Datagram Protocol”. It is a connectionless oriented and non-reliable protocol. By the word “connectionless” I mean, UDP do not establish any session before sending out the data. In this case the sender doesn’t care whether the receiver is receiving all of the sent data or not nor it has way to check. It’s like reckless person😂! Given this there is no complexity, hence UDP is faster compared to TCP. Used in Video streaming …etc. By the just to remember, TCP and UDP are Layer 4 Protocols.

Just for remembering that following are Layers and corresponding Protocols:

• Application Layer — Apps, HTTP, FTP, etc.
• Presentation Layer — Data formatting, encryption
• Session Layer — Session management
• Transport Layer — TCP, UDP (handles data delivery between systems)
• Network Layer — IP, routing, addressing (e.g., IPv4, IPv6)
• Data Link Layer — MAC addresses, frames (e.g., Ethernet, Wi-Fi)
• Physical Layer — Cables, radio waves, fiber, etc.

That’s just lil bit about the TCP and UDP. There is so much to learn if go in depth of these topics. But I am just covering things that are crucial as a beginner. You can check out this YT video for animated explanations!

Some Final Chit-Chats

Yeah I agree this so much to consume in a day. But if you have read this far. Respect 🫡to you!

I am actually trying to cover network side basics first before starting the Web basics. I may have missed some important topics though. Please let me know those in the comments.

As I said before, If you haven’t checked my last week’s blogs. Check it out. It will be good, at least I hope 😅! Also I am trying to mention some interviews here and there. Those questions are kinda important to remember i guess. Because don’t mess up things like me in interviews. If you wonder why I write more on somedays, very less on other days. Its just because, some days I dont learn more due to obvious reasons. But, yeah trying to be consistent 🥴 though!

There are some grammatical mistakes i think 😅I am sorry for those too!

Hit me up on X if you have something interesting to discuss!