Tuesday, September 29, 2020

Basics of Network Security

Security can be a combination of technology, devices, applications, processes and people. Network security is a set of policies or measures to keep the network secure from attacks and threats. Network security combines several layers of defenses in the network. It helps to protect the information and reputation of every organization.

Security solutions nowadays:

Some common types of network security devices can help secure the network against attacks and cyber threats in small to large organizations, such as:

  • Firewall
  • IDS (Intrusion Detection System)
  • IPS (Intrusion Prevention System)
  • UTM (Unified Threat Management)
  • Proxy Server
  • Web Filter
  • Network Load Balancer (NLB)
  • Spam Filter
  • DDoS Protector
  • Ethernet Encryption Device
  • SIEM (Security Information and Event Monitoring)
Some application-level security tools that can also play a big role in larger networks are listed below:
  • Email Security
  • Antivirus
  • Data Leak Prevention (DLP) 
  • SOAR (Security Orchestration, Automation and Response) 
  • Vulnerability Assessment and Penetration Testing Tools
  • Encryption tools
  • Network Scanner
  • Traffic Analyzer
Security is a major priority nowadays.
An administrator needs to implement administrative, physical and technical controls. Everyone plays a role in securing an organization's information and systems. It protects the reputation of the organization.

Attacks aim to breach the Confidentiality, Integrity and Availability (CIA) of an organization's assets.

Confidentiality, Integrity and Availability are the three pillars of the information security domain. We will cover this later.
 
-DR

Basics of NTP

 NTP 

Network Time Protocol

NTP stands for Network Time Protocol, an Internet protocol used to synchronize the clocks of computers in a domain to a specified time. The name applies to both the protocol and the client-server programs that implement it.

The NTP client sends a time request to the NTP server, then the client measures the link delay and adjusts its local clock to match the clock at the server's end.

Primary NTP Server: Primary NTP servers are synchronized to a reference clock that is directly traceable to UTC (Coordinated Universal Time). These servers then distribute this time data to secondary NTP servers and NTP clients downstream.
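The request/reply exchange described above, worked through as an added example (not code from the original post). It builds a constructed 48-byte server reply, rejects replies that fail basic sanity checks, and computes the clock offset and link delay from the four timestamps; the function names and sample times are assumptions made for the illustration.

```python
import struct

NTP_DELTA = 2208988800  # seconds from the NTP epoch (1900) to the Unix epoch (1970)

def to_ntp(unix_ts):
    """Encode a Unix time as a 64-bit NTP timestamp (32-bit seconds, 32-bit fraction)."""
    secs = int(unix_ts)
    return struct.pack("!II", secs + NTP_DELTA, int((unix_ts - secs) * 2**32))

def from_ntp(raw):
    secs, frac = struct.unpack("!II", raw)
    return secs - NTP_DELTA + frac / 2**32

def build_reply(origin, receive, transmit, stratum=2, leap=0):
    """Constructed server reply (version 4, mode 4) used only for this demonstration."""
    header = struct.pack("!BBbb", (leap << 6) | (4 << 3) | 4, stratum, 6, -20)
    body = bytes(12) + to_ntp(receive)  # root delay, root dispersion, ref id, reference time
    return header + body + to_ntp(origin) + to_ntp(receive) + to_ntp(transmit)

def evaluate_reply(packet, t1, t4):
    """Validate a reply and return (offset, delay) in seconds.

    t1 = client send time, t4 = client receive time (both on the client clock).
    """
    if len(packet) < 48:
        raise ValueError("short packet")
    leap, mode, stratum = packet[0] >> 6, packet[0] & 0x07, packet[1]
    if mode != 4:
        raise ValueError("not a server reply")
    if stratum == 0 or leap == 3:
        raise ValueError("server is unsynchronized or sent a kiss-o'-death")
    if packet[24:32] != to_ntp(t1):
        # The server echoes our send time; a mismatch means the reply is not for our request.
        raise ValueError("origin timestamp does not match our request")
    t2, t3 = from_ntp(packet[32:40]), from_ntp(packet[40:48])
    offset = ((t2 - t1) + (t3 - t4)) / 2   # how far the client clock is behind the server
    delay = (t4 - t1) - (t3 - t2)          # round trip minus server processing time
    return offset, delay

# Constructed sample times: the client clock runs about two seconds behind the server.
T1, T2, T3, T4 = 1601337600.0, 1601337602.125, 1601337602.25, 1601337600.5

if __name__ == "__main__":
    print(evaluate_reply(build_reply(T1, T2, T3), T1, T4))
```

The origin-timestamp check is what lets a client discard a reply that does not answer its own request, which matters because log timestamps across the network depend on the result.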

Advantages

  • For billing services, accurate time makes it possible to provide clear-cut charges free from any wrong billing.
  • Tracking security breaches and incidents that could affect a large number of devices and applications can be nearly impossible if timestamps in logs are inaccurate. Time is often the critical factor when logging any security event or incident over a network.
  • Financial services such as transactions need a highly accurate time reference.
  • It helps critical travel and transportation systems.
  • Stock market communications and transactions require careful synchronization of time.
  • Email and network communications can be tough if timestamps are incorrect.

-DR

Saturday, September 26, 2020

Basics of VPN

VPN

VPN stands for Virtual Private Network. It uses the Point-to-Point Tunneling Protocol (PPTP) or Layer Two Tunneling Protocol (L2TP). We use a VPN to securely access resources on a network by connecting to a remote access server through the Internet or another network.

The use of both private and public networks to create a network connection is called a virtual private network.

Advantages

  • The connection over the Internet is encrypted and secure.
  • It keeps you anonymous and prevents spying.
  • New authentication and encryption protocols are enforced by the remote access server.
  • Sensitive data is hidden from Internet users, but made securely accessible to appropriate users through a VPN.
  • It is very useful for daily Internet users, corporations, and small and medium business organizations.
  • It is a first line of defense.
  • A VPN can be set up across any link.
Many VPN services are available nowadays; however, a paid service is better than a free one.


There are basically three types of VPN used in business:
  • Remote Access VPN
  • Point to point VPN
  • Extranet VPN
Remote Access VPN: It allows remote users to securely access the corporate network anytime through a secure login credential.

Some VPN tools available in the market are:
  • NordVPN
  • ExpressVPN
  • Proton
  • Checkpoint IPSec
  • OpenVPN
  • NetMotion
As a common feature, all VPN solutions have the primary goals of access control, user authentication, encryption and secure network connectivity.

So these are just the basics. Feel free to post your suggestions and comments below.

-DR


Basics of MPLS

MPLS

Multiprotocol Label Switching

Multiprotocol Label Switching (MPLS) is a routing technique used in high-performance telecommunications networks that directs packets from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. The labels classify virtual links (paths) between distant nodes rather than endpoints. MPLS can encapsulate packets of various network protocols. MPLS supports a collection of technologies, such as T1, E1, DSL and ATM.

MPLS is used to speed up the traffic in a network.

MPLS uses a combination of both circuit switching and packet switching.

MPLS operation

MPLS works by prefixing packets with an MPLS header containing one or more labels. This is called a label stack. Each label stack entry contains four fields:

A 20-bit label, a 3-bit label, a 1-bit label and an 8-bit TTL.

These MPLS-labelled packets are switched after a label lookup/switch instead of a lookup into the IP routing table. When MPLS was conceived, label lookup and label switching were faster than a routing table lookup.
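A parser for the label stack just described, as an added example that is not part of the original post. It names the 20-, 3-, 1- and 8-bit fields as RFC 3032 and RFC 5462 do (label value, traffic class, bottom-of-stack flag, TTL); the sample bytes, label numbers and function names are constructed for the illustration.

```python
import struct

def make_entry(label, tc, bottom, ttl):
    """Pack one 32-bit label stack entry (used here to build the constructed sample)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def parse_label_stack(data, max_depth=16):
    """Return (entries, payload) for bytes that begin with an MPLS label stack."""
    entries, pos = [], 0
    while True:
        if len(entries) == max_depth:
            raise ValueError("label stack deeper than max_depth")
        if pos + 4 > len(data):
            raise ValueError("truncated stack: no bottom-of-stack entry found")
        (word,) = struct.unpack_from("!I", data, pos)
        pos += 4
        entry = {
            "label": word >> 12,               # 20-bit label value
            "tc": (word >> 9) & 0x7,           # 3-bit traffic class
            "bottom": bool((word >> 8) & 0x1), # 1-bit bottom-of-stack flag
            "ttl": word & 0xFF,                # 8-bit time to live
        }
        entries.append(entry)
        if entry["bottom"]:
            # Everything after the last entry is the carried packet, unchanged.
            return entries, data[pos:]

# Constructed sample: an outer and an inner label followed by a plaintext payload.
SAMPLE = (make_entry(16001, 0, False, 64)
          + make_entry(24005, 5, True, 63)
          + b"GET /index.html")

if __name__ == "__main__":
    stack, payload = parse_label_stack(SAMPLE)
    for e in stack:
        print(e)
    print(payload)
```

The payload comes back byte for byte as it went in: the label stack only steers the packet, so anything that must stay confidential needs encryption applied separately.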

Routers that perform routing based only on the label are called label switch routers (LSRs). The entry and exit points of an MPLS network are called label edge routers (LERs), which, respectively, push an MPLS label onto an incoming packet and pop it off the outgoing packet.

MPLS works in conjunction with IP and its routing protocols, such as the Interior Gateway Protocol (IGP).

Disadvantage

It does not offer encryption, which leaves the network open to cyber attacks.

-DR

Friday, September 11, 2020

Basics of OSPF

OSPF (Open Shortest Path First)

This is an open standard routing protocol. It finds the best route (its own shortest path) from the source to the destination address (router to router).
  • This is a link-state protocol and is similar to RIP (a distance-vector protocol).
  • It is one of the IGPs (Interior Gateway Protocols).
  • It uses multicast addresses for normal communications.
  • It supports both IPv4 and IPv6.
  • It can be run on most routers.
  • It can link up with the network in a few seconds and can provide loop-free paths.
  • It has full support for subnets and is easily scalable.
  • It is basically used for large networks.
  • It is an industry standard.
OSPF offers a feature named "Routing Area", which means dividing routers into areas and communicating between them.

The router types, named according to their areas, are:
  • Internal Router
  • Backbone Router
  • Area Border Router
  • Autonomous System Boundary Router (ASBR)
  • Designated Router
  • Backup Designated Router

Messages used by OSPF

Hello Message
Database Description
Link State Request (LSR)
Link State Update (LSU)
Link State Acknowledgement (LSA)

OSPF routers generate the above messages and exchange them with neighboring routers.

OSPF creates three tables in the router: the neighbor table, the database table and the routing table.


-DR

Network Scanning Tools

Network Scanning through Nmap and Nessus Network scanning is a process used to troubleshoot active devices on a network for vulnerabilities....