*This is a study guide created from lecture videos to help you understand how computer networking works.
Servers have resources, and clients want access to the resources
A web browser is a web client
Servers don’t need an interface unless they are making configurations
A server’s job is to send web pages to clients
Servers provide access to the data
Clients and servers aren’t hardware but software
Moving Data over a Network
Frames- Data is moved from one computer to another in discrete chunks with 1500 bytes of data
Frame is a series of 1’s and 0’s, binary data
Hub- repeater, computer sends frame into hub, hub makes a copy for every port and then sends to every other computer on the network
MAC- 12 hexadecimal values, separated into pairs, how you know which packet goes to the right computer
MAC address is burned into network card. First half are assigned to a particular manufacturer
When a computer receives an incoming frame, it has to look at the two-part MAC address and compare it with its own MAC address to decide if the frame is for that computer
Broadcast address- when a frame is sent to it, it goes to every computer; broadcast frames are automatically sent to the OS and are never deleted.
Broadcast domain- Anytime you have a group of computers where they are connected in such a way they can hear each other’s broadcast
The problem with a hub is that if you have a lot of computers, it eats into the bandwidth.
We got rid of hubs and replaced them with switches. It is hard to tell them apart, but switches are smarter. A switch keeps track of the MAC addresses based on the ports.
When you have a broadcast frame with a switch, it acts like a hub.
How to protect your network equipment- Use a Wall outlet with network cable jack and a patch panel, which is the other end of the horizontal run, the horizontal run is never touched so we can count on it always working.
Connecting the computer to the switch we use patch cables, which runs from the patch panel into the switch, and a patch cable from the wall outlet into your computer
Patch panels are stored in equipment rooms.
Unshielded twisted pair/Ethernet cable- always has 4 pairs in it to work in a network. Cat levels are important as they show how much data the cable can handle.
CAT 3- 10mb per second ethernet networks
CAT 5- 100mb per second ethernet networks
CAT 5E- improved and can handle 1000 or 1gb per second
CAT 6- designed to run 10mb on shorter distances
CAT 6A- designed to run 100 meters, any building with networks is this standard
TIA/EIA 568 A- brown on far left side, blues in center, they both don’t move, oranges are in between the blue wires, for A green comes before orange
TIA/EIA 568 B- orange comes before green, besides that it is the same
Cut them into half an inch, slide them into the crimp, use a crimper to make a connection patch cable
110 punchdown tool- use to punch down 8 wires on patch panel
Do not do it for CAT 6 or 6A unless you have a strong tool.
PVC- no fire rating, don’t put in your walls
Riser- meant for in between floors and buildings
Plenum- standard for fire protection, required by law, prevents noxious fumes from burning cable
Fiber-optic and coaxial cabling
Fiber optic cable- when regular twisted pair is not what you need. It uses light instead of electricity. It can be very long as in 40 kilometers. It is immune to electromagnetic interference.
2 types of light transmitted- laser and regular light using LED
Single mode cable uses laser light; the more common and cheaper option is multimode cable, which uses visible and infrared light.
Fiber optic cables come in pairs and have two connectors
Duplex cable- Two cables fused together
Fiber optic connectors
ST- round, Stick and turn
SC- Stick and click, square
Because we are running duplex cables, LC- local connector, smaller and takes less space
A lot more connectors than these!
More than one connection that shares an axis
You will have at least two conductors in each cable.
RG-6- used to connect cable to cable modem
RG-59- used to connect old cable TV boxes
Both are set at 75 ohms.
BNC- still used, with video, old network connections
F connector- threaded connection, seen on cable connections
Are the cables good and are they wired properly? Continuity and wire map
Cable tester- turn it on, tells you if the right wire is plugged in, and if it is actually connected or if the wire is broken
Microscanner by microtest- tells us all wires are good and in the right place, TDR tells the length of the cable
Tone generator- helps you find stuff
Tone probe- listens for tones made from tone generator
The standard hardware technology used on networks is Ethernet, as it gets frames from one computer to the next.
LAN- number of computers physically connected to each other by a switch and are part of the same broadcast domain
TCP/IP- a bunch of protocols made in order for LANs to connect with each other without a broadcasting issue
Router- plugged into switch and acts as intermediary between switches, does not look at MAC addresses but the logical IP addresses that we made. Routers have a MAC address and have a table where all the networks are.
Imagine routers were spaced all over the US and for TCP/IP to work, routers needed to be interconnected with high speed powerful lines, in turn it can connect LAN’s. When they originally developed the protocol with three dots, it was made to ensure that you were never 3 routers away from the internet.
Network ID and Subnet Mask
A device is referred to as a node when talking about networking. Ipconfig- command that shows IP address, subnet mask and default gateway. The router also gets an IP address! Node addresses cannot be all 0’s or all 255’s.
Network ID- the 3 numbers of the IP address that defines all the computers in your network. Think of it as a street address.
Subnet mask- lets you know where the network ID is and when to send things out to the internet. It is how we tell the individual computers. If a device on a LAN doesn’t recognize the same subnet mask of the first 3 numbers, then it will send to the router for it to go outside the network. Every device on the same Network ID will have the same subnet mask.
Default gateway- the IP address of the actual router itself, the LAN connection on your router. Default gateway must be .1 for last number in IP address.
Set up network in Windows 10 Statically
Control panel -> Network and sharing center -> change adapter settings -> find your ethernet card -> right click, properties -> IPV4 -> properties -> use the following IP address -> type in appropriate numbers
Dynamic IP Addressing
Most systems will provide DHCP. The DHCP server must be configured and then it will respond to devices that need an IP address.
When DHCP fails- if your DHCP server goes down
APIPA- if DHCP server goes down and you restart your computer and it is unable to find the DHCP server for any reason, then Windows has it route to APIPA. APIPA always begins with 169.254
Try to reestablish the connection -> in the CLI, type “ipconfig /renew” and it will reset your IP address. / Use “ipconfig /release” to tell your machine to forget its IP address.
If you are able to share files with others on your network, but you can’t access the internet, then it can be your DHCP server.
If it is not APIPA or your network ID then it is a Rogue DHCP server that hands out unauthorized IP addresses.
Use alternate configuration (which is found in Control panel -> Network and sharing center -> change adapter settings -> find your ethernet card -> right click, properties -> IPV4 -> properties -> alternate configuration) to set failover behavior if no DHCP server is available.
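The three outcomes described above (an address in your network ID, an APIPA address, or an address from a rogue DHCP server) can be checked from the output of ipconfig /all. The following is an added example, not part of the original study guide: the ipconfig excerpts are constructed sample data, the function names are illustrative, and the comparison of the "DHCP Server" field against a list of authorized servers goes one step beyond what the notes describe.

```python
import ipaddress

APIPA = ipaddress.ip_network("169.254.0.0/16")

# Constructed `ipconfig /all` excerpts (sample data, not captured output).
HEALTHY = """
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
"""
NO_DHCP = """
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration IPv4 Address. . : 169.254.17.202(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
"""
ROGUE = """
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.57(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
"""
ROGUE_IN_RANGE = """
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.88(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.77
   DHCP Server . . . . . . . . . . . : 192.168.1.77
"""


def parse_fields(text):
    """Turn 'Name. . . . : value(Preferred)' lines into a {name: value} dict."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank line or adapter heading without a value
        fields[key.strip(" .")] = value.strip().split("(")[0]
    return fields


def classify_adapter(text, expected_network, authorized_dhcp):
    """Classify one adapter block as expected, APIPA, or possible rogue DHCP."""
    fields = parse_fields(text)
    # Matches both "IPv4 Address" and "Autoconfiguration IPv4 Address".
    address = next((v for k, v in fields.items() if k.endswith("IPv4 Address")), None)
    if address is None:
        return "no-ipv4-address"
    ip = ipaddress.ip_address(address)
    if ip in APIPA:
        return "apipa-dhcp-unreachable"      # 169.254.x.x: no DHCP server answered
    if ip not in ipaddress.ip_network(expected_network):
        return "possible-rogue-dhcp"         # neither APIPA nor our network ID
    server = fields.get("DHCP Server")
    if server and server not in authorized_dhcp:
        return "possible-rogue-dhcp"         # right range, wrong server handed it out
    return "expected"


if __name__ == "__main__":
    for name, sample in [("healthy", HEALTHY), ("no dhcp", NO_DHCP),
                         ("rogue", ROGUE), ("rogue in range", ROGUE_IN_RANGE)]:
        print(name, "->", classify_adapter(sample, "192.168.1.0/24", {"192.168.1.1"}))
```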
Special IP address
Broadcast- 255.255.255.255, every computer on LAN will listen and take in the packet
Loopback- 127.0.0.1 ping yourself to test your own connection
Localhost- same concept as loopback
Private IP addresses- 10.x.x.x or 172.16.x.x to 172.31.x.x or 192.168.x.x are not to be used on the internet itself
Routers use NAT to share a single IP address with multiple systems. It is software inside the router that lets it share 1 IP address among many computers. Looks inside packets -> grabs info and writes it into a “NAT” table -> then it rewrites the individual computer’s address and puts in its public IP address -> sent out to internet -> when packet comes back, the NAT uses the reference table and rewrites the original device’s address back in and sends it out on the network
Ping and IPconfig
Ping checks to see if a node is reachable and can perform IP address to name translation. Ping is just for the LAN.
Ping -t causes continuous pinging (press Ctrl+C to end it); use ping -a to force IP to name translation
IPconfig- shows basic IP configuration
Ping the router if a device can’t reach the internet
Ipconfig /all shows more IP configurations including MAC address and DNS information
Ping may or may not work outside of a LAN because of firewalls and routers being able to prevent outside network pings. You can still ping a website to find out its IP address!
Ipconfig /flushdns clears the dns cache
TCP, UDP, ICMP
TCP runs over IP, how we get data between computers and how we talk over the phone, most common with IP, all web browsers use it, connection oriented, negotiates to create a connection between client and server
UDP, user datagram protocol, connectionless, starts sending data and assume the server is ready, less overhead and faster than TCP. DHCP uses UDP.
ICMP- internet control message protocol, used for tiny utilities and ping, only one packet and connectionless
When the IP address alone isn’t enough to get a piece of data to a specific server. Value from 0 to 65535 and part of every TCP/UDP packet. Every packet has 2 port numbers. First number is the assumed listening port for “computer B’s” web server. Second number is an ephemeral port number and is generated arbitrarily by the client. Web servers are on port 80. Email servers can differ.
First 1024 port numbers were designed as well known ports
FTP 21, SSH 22, Telnet 23, SMTP 25, DNS 53, HTTP 80, POP3 110, IMAP 143, HTTPS 443, RDP 3389, netbios/netbt 137-139, SMB/CIFS 445, SLP 427, AFP 548
Every time 2 devices connect there are 2 port numbers associated with that connection.
Working with Connections
Netstat- shows connections to and from your computer, command on Windows CLI
Netstat -n shows network statistics numerically
Netstat -a shows everything that is going on, active or not
Tcpview- shows network connection information in graphical format, download
These allow us to know who is connecting with our computer
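To make "who is connecting with our computer" concrete, the sketch below reads netstat -n -a style output, labels each line with the well-known ports listed earlier in this guide (plus LLMNR on UDP 5355), and marks Telnet and FTP, the two protocols these notes describe as unencrypted. This is an added example, not part of the original study guide: the netstat lines are constructed sample data and the function names are illustrative.

```python
# Port names taken from the well-known port list in this guide.
WELL_KNOWN = {21: "FTP", 22: "SSH", 23: "Telnet", 25: "SMTP", 53: "DNS", 80: "HTTP",
              110: "POP3", 137: "NetBIOS", 138: "NetBIOS", 139: "NetBIOS",
              143: "IMAP", 427: "SLP", 443: "HTTPS", 445: "SMB", 548: "AFP",
              3389: "RDP", 5355: "LLMNR"}
CLEARTEXT = {21, 23}  # FTP and Telnet: no encryption

# Constructed `netstat -n -a` output (sample data, not captured output).
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.23:3389      192.168.1.50:51022     ESTABLISHED
  TCP    192.168.1.23:50512     198.51.100.7:443       ESTABLISHED
  TCP    192.168.1.23:50513     198.51.100.9:21        ESTABLISHED
  UDP    0.0.0.0:5355           *:*
"""


def split_endpoint(endpoint):
    """Split 'host:port' (also '[::]:445' or '*:*') into (host, port or None)."""
    host, _, port = endpoint.rpartition(":")
    return host, int(port) if port.isdigit() else None


def review(text):
    """Return one finding per connection: role, service, port, peer, cleartext flag."""
    findings = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        proto, local, foreign = parts[:3]
        state = parts[3] if len(parts) > 3 else ""
        _, lport = split_endpoint(local)
        peer, fport = split_endpoint(foreign)
        if state == "LISTENING" or proto == "UDP":
            role, port, peer = "listening", lport, None
        elif lport in WELL_KNOWN:
            role, port = "inbound", lport    # someone connected to our service
        else:
            role, port = "outbound", fport   # our ephemeral port, their service
        findings.append({"role": role, "proto": proto, "port": port, "peer": peer,
                         "service": WELL_KNOWN.get(port, "unknown"),
                         "cleartext": port in CLEARTEXT})
    return findings


if __name__ == "__main__":
    for f in review(SAMPLE):
        flag = "  <-- unencrypted" if f["cleartext"] else ""
        print(f"{f['role']:9} {f['proto']} {f['service']:8} {f['port']} {f['peer'] or ''}{flag}")
```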
Billions of computers used to resolve IP addresses based off FQDN
Top level domain- .com, .gov,
Individual host name- www. is a matter of convention
Secondary domain- totalsem, cannot be more than 256 characters
The client computer never queries the DNS server itself, the client DNS server goes and creates a query and the server DNS server responds. DNS server settings are ingrained in your computer. Type ipconfig /all to show DNS server information.
Client computer asks for IP address of destination -> Client DNS server puts you on hold -> your computer gets the root hint from your DNS server to access the accurate root server -> root server gets you to a .com server -> your DNS server goes to .com server and asks for IP address destination -> client DNS server receives info and passes it off to the computer
Root hints- IP addresses that are root dns servers that are all over the world, their job is to respond back and it will get you to the closest .com server.
Google’s DNS server- 8.8.8.8 and 8.8.4.4
Dealing with DNS
DNS doesn’t go down often but it does enough where you should have a backup. You can use a public DNS as they are robust and will never go down, if it doesn’t work in your office then it is because it was designed where you can’t talk to other computers unless you go through the default DNS server.
Find your dns server -> ipconfig from command line to see the IP address of your DNS server
How to know DNS isn’t working- can’t get on internet, try to ping a well known site and if you can’t find it, then the DNS isn’t working.
NSlookup- command line utility used to talk to DNS servers, although most DNS servers don’t respond these days, you can use it for name to address translation and to find the name of a public DNS server and if it is up and running.
When you install a windows computer you do two things, give your computer a name and a network it’s in.
Workgroup- simple form of networking in windows, computers are known as peers and they are all connected to the same switch, they broadcast to one another so they can communicate easily between each other
To talk with a windows server, use remote desktop. Home edition of Windows cannot join domains. Windows server has Windows Manager. If you join a domain, then you must have a domain account already for you so you can login. When you add a domain controller, the workgroup computers will no longer broadcast to one another but instead will speak with the domain controller.
All major operating systems support SAMBA.
Net view to see what computers your system can see within a workgroup, see whats happening on your network from command line
Net user to show what you are on the network
Net share to share files amongst your workgroup
Net accounts to get an idea for the settings you have on your accounts
Net start to show the different services that are network based that are running on the particular system
Net stop to stop a particular web server on your system
Uncommon type of command. Join a workgroup or join a domain, which is a group of computers that are under the administration of one or more Windows Server systems. These Windows Server systems are running advanced versions of Microsoft Windows called, Windows Server.
Active directory administrative center- where you can add computers to the domain
Netdom command- used to get new computers onto a specific domain, you can use this from the command prompt at a server.
Command prompt -> netdom add *computer or netdom remove *computer
Windows Name Resolution
Netbios- if you are not on a domain, you would use netbios which uses ports 137,138,139 to handle your name resolution
LLMNR- runs on UDP port 5355 and is an improved name resolving service, better than netbios
If you use Windows 10, you have both LLMNR and netbios.
Nbtstat- used to let you know if there is a problem on your network, doesn’t play well with LLMNR and a lot of commands don’t actually work. Command prompt -> nbtstat -n is used to make sure each computer is accurately listed and shows the workgroup, computer name and functionality (registered name- name that computer owns for itself)
Type nbtstat -c used to make sure another transaction occurred with another computer and to see about all the other computers on the network through the browser manager, one computer on the network must be the browser manager.
Nbtstat -a *system name* to see the registered information for another computer
Nbtstat -r is statistics about what it has been doing lately, look for ‘resolved by broadcast’ not ‘name server’ as it is ancient technology.
Nbtstat -RR used to take all registered information and rebroadcast it
Nbtstat -R used to clear the cache table (the switches are case sensitive, lowercase -r is the statistics command above)
Interconnect broadcast domains, each network card inside a router has an IP address, routers do not care where packets come from but only where they go to. A router’s job is to ensure packets go to the right place and it is done by using a routing table. A router’s job is to stop broadcast. Routers eliminate broadcasts when they receive a packet.
Default gateway IP address for router is 192.168.1.1. Routers use web servers as primary configuration tool.
Setting up LAN- Plug in router -> ipconfig, to see the router’s default gateway and if it is up and running -> type IP address into browser -> login by using information provided by manual -> go to ‘setup’ -> you can change Device IP addresses third value to 15 instead of 1 for a more secure router -> ipconfig /renew to pick up the router’s new address
Connect to Internet Service Provider- login to router -> setup -> network -> WAN setting -> WAN1 configuration
Change password on router- login to router -> setup -> password
NAT allows 1 IP address to be shared by a bunch of different devices. Routers run NAT by default and it runs automatically; it is difficult to turn off. DHCP also works automatically. The downside with DHCP here is that if you plug it into the modem and plug your computers into the LAN, then you will have internet but you will have absolutely no security.
Advanced Router Configuration
What’s the router IP address- ipconfig
Change IP address for router -> login to router via browser and IP address -> advanced tab -> setup tab -> LAN setup tab -> change LAN IP address to 10.10.10.1 which is a private IP -> reset the router -> ipconfig to check the router’s new LAN IP address
Port Forwarding tells router to accept incoming unsolicited request from the internet and directs a single inbound port to a single IP host – login to router -> advanced tab -> Setup tab -> advanced setup -> port forwarding/port triggering -> HTTP service name -> add service IP address of device
Port triggering opens a range of ports to direct to a single IP host -> login to router -> advanced tab -> advanced setup -> port forwarding/port triggering -> add service -> add name -> port number
DMZ or demilitarized zone directs all inbound ports to a single IP host, basically DMZ says anything that comes from the internet on any port number send to a certain device, it is dangerous to do as it opens up your computer to the internet unprotected -> login to router -> advanced tab -> setup tab -> WAN setup tab -> check default DMZ server
QOS or Quality of Service prioritizes network traffic management by category -> login to router -> applications and gaming tab -> internet access priority which is how we monitor a fixed amount of bandwidth to give to different devices -> choose applications and priority level, what it does is tell router that a certain device gets a certain amount of bandwidth reserved
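The NAT table described earlier and the port forwarding and DMZ settings above all decide the same thing: which packets arriving from the internet get rewritten and passed to a device on the LAN. The model below is an added example, not part of the original study guide and not any router's actual firmware; the class and function names and all addresses are made up for illustration, and it ignores details a real NAT tracks (remote endpoint, protocol, timeouts).

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.table = {}      # public port -> (private ip, private port): the "NAT table"
        self.reverse = {}    # (private ip, private port) -> public port
        self.forwards = {}   # port forwarding: public port -> (private ip, private port)
        self.dmz_host = None # DMZ: private ip that receives everything else

    def outbound(self, pkt):
        """LAN -> internet: record the sender, then put in the public IP address."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.reverse:
            self.reverse[key] = self.next_port
            self.table[self.next_port] = key
            self.next_port += 1
        return Packet(self.public_ip, self.reverse[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Internet -> LAN: rewrite the destination, or return None to drop."""
        if pkt.dst_port in self.table:          # reply to something a LAN host sent
            ip, port = self.table[pkt.dst_port]
        elif pkt.dst_port in self.forwards:     # unsolicited, but a forward exists
            ip, port = self.forwards[pkt.dst_port]
        elif self.dmz_host is not None:         # unsolicited, DMZ takes everything
            ip, port = self.dmz_host, pkt.dst_port
        else:
            return None                         # unsolicited and no rule: dropped
        return Packet(pkt.src_ip, pkt.src_port, ip, port)


def reachable_from_internet(router, ports, remote=("198.51.100.7", 40000)):
    """Return {port: LAN destination} for unsolicited inbound packets that get through."""
    hits = {}
    for port in ports:
        out = router.inbound(Packet(remote[0], remote[1], router.public_ip, port))
        if out is not None:
            hits[port] = (out.dst_ip, out.dst_port)
    return hits


if __name__ == "__main__":
    r = NatRouter("203.0.113.5")
    sent = r.outbound(Packet("192.168.1.23", 51000, "198.51.100.7", 443))
    print("outbound rewritten to:", sent)
    print("reply delivered to:   ", r.inbound(Packet("198.51.100.7", 443, r.public_ip, sent.src_port)))
    probes = [22, 80, 3389]
    print("NAT only:     ", reachable_from_internet(r, probes))
    r.forwards[80] = ("192.168.1.10", 80)
    print("port forward: ", reachable_from_internet(r, probes))
    r.dmz_host = "192.168.1.10"
    print("DMZ enabled:  ", reachable_from_internet(r, probes))
```

With NAT alone nothing unsolicited gets in, one port forward exposes exactly one port on one host, and the DMZ setting exposes every probed port on the DMZ host.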
Wireless Network Hardware
802.11 is the standard primary wireless technology that we use for wireless networks, made in 1997.
Wireless NIC- what a PC needs to connect to a wireless network
Wireless Access Point- its function is to act as a bridge between a wireless and ethernet network and only has 1 ethernet connection in the back. Many wireless Access points are packaged with switches and routers.
To setup a wireless network, you either use Ad-Hoc mode which doesn’t use a WAP, you have a number of computers and one person initiates an ad-hoc network and people then join it or infrastructure mode, which you configure a WAP and then have the clients connect to the WAP and is generally more common.
We need radio frequencies, the 802.11 uses the ISM which are public bands that are used in order to make 802.11 work. 2.4GHZ and 5.0GHZ depending on the version of 802.11.
A band is a range of frequencies. 802.11 breaks into 11 Channels and when you set up your WAP you tell it to choose a particular channel, this is done to ensure that you can delegate different channels.
802.11B is the first big popular 802.11 and ran with 2.4GHZ and was 11MB/S, had a wider range than A. B took over the world.
802.11A came out around the same time and ran with 5.0GHZ and was 54MB/S, had technical issues when it first came out.
802.11G is the Wifi standard that took over the world. It is the best of both worlds. It is 2.4GHZ and 54MB/S. It is not compatible with 802.11A
802.11N ran at both 2.4 and 5.0 and ran at 600MB/S and introduced MIMO. MIMO introduced data streams meaning you could create a stream and send more than one piece of data to groups of clients. The downside is it would work with the 2.4GHZ band, and 5GHZ is for the native 802.11N features. 2.4GHZ is for backward compatibility with 802.11B and G.
802.11AC is exclusively 5GHZ and runs at 1GB/S, they have built in antennas. It has up to 8 streams with MIMO. It also has MU-MIMO and supports up to 4 clients at once.
Basic WAP setup
Login to router -> advanced tab -> setup tab -> wireless setup tab -> Change SSID- service set identifier names your wireless connection -> Set channel- auto or manual selection -> Mode up to highest amount -> Add smart connect to optimize 802.11AC
Setup Security -> WPA, WPA2-PSK (TKIP/AES) which is personal shared key, WPA2 Enterprise options. Choose WPA2-PSK(AES) option -> type in IP address for RADIUS server IP address and know that the RADIUS server port is 1812.
Anybody can talk to a WAP but you need encryption to get past it. WEP was not useful at all because you encrypted packets and mathematically people could figure it out. Not going to worry about authentication unless for advanced networks and fixed WEP except couldn’t add AES. WPA was created based off the 802.11I except for AES encryption. It takes around an hour to crack into but better than WEP.
Network card and WAP’s increased and WPA2 was made. Has slight vulnerabilities but difficult to crack into.
Inside WAP -> enable encryption -> type in 40 bit/10 character network key
WPA personal- pass a passphrase between the WAP and the client, Short passphrases make it hackable
WPA Enterprise- connect to a RADIUS server, which has to be configured
WPA2- difference from WPA is that it turns on AES, if you’re not using AES then you are using TKIP
Wireless Problem Scenarios
Interference- other WAPs, mice and keyboards and microwaves could cause interference on a network. What speed have I agreed with my WAP to run at, check via Windows resource monitor -> Go to WiFi status -> If speed is decreasing, it is usually interference -> use windows utility to check wireless speeds -> kill the interference by getting rid of a certain device or manually set the channel for your WAP’s frequency which is further away from everyone else
Connected but can’t get on the internet -> Check your IP address, if you have 169.254 APIPA address, then you have the wrong password
When you are on a network, and suddenly you can’t get on -> view Wireless Connection Properties -> changes made to WAP settings will no longer match client profiles -> ‘forget this network’ and then reconnect to re-establish if there is a password needed
Connecting to a WiFi Network
Wireless connections -> right click ‘properties’ to get details on network connection -> run ipconfig to see a legitimate IP address
WPS- made for devices that do not have an interface to easily connect to a wireless network, you can press the router and then press the device and then they will setup OR the router has an 8 digit code that can act like a password that you can type in
WPS is incredibly hackable. Do not use it and turn it off. It is currently a big problem
Troubleshooting Wireless Connections
You didn’t configure your WAP correctly. Antennas on the WAP tend to want to be straight up, experiment with them.
Figure out what wireless networks are out there and how strong their signals are.
Check the network connections to see what is out there and their signal strength.
Login to router -> ap isolation allows you to hook up to your wireless device but you can’t see any other devices on that network.
Login to router -> TX power to transmit more power to take care of dead spots automatically, install dd-wrt to replace your firmware
High gain antennas will improve your signal power but watch out for the wire being long as there will be reduction and gain and you will get less signal
Make sure you have the people you want on a network -> login to router -> MAC address filtering/Wireless MAC filter, it is a pain, instead go into your router and setup a secondary SSID that you can turn on and off.
Profiles – example is telephone and audio profiles on a bluetooth connection with a car
PAN- where two devices share data between each other
Pairing- one device must be discoverable and the other device must see it and provide a passcode
3 classes of bluetooth devices on how far away they can be from each other -> class 1 = 100m, class 2 = 10m, class 3 = 1m, most devices are class 2 or 3.
Big routers are located around certain countries and fiber optic cables run underground to connect between where network operation centers are. Half of the US has the Western area with fiber optic cables and the other half on the Eastern area. They are competitors that have what is called a Peering agreement and that is Tier 1. 9 companies are Tier 1 providers, everything off the internet is run off them
The smaller fiber optic cables are tier 2 as they have some peering agreement although they also pay Tier 1 to connect to them.
The smallest connecting fiber optic cables are paying tier 1 or tier 2 and considered tier 3.
Internet service providers are typically used to connect to the internet and are considered tier 3 companies.
In order to connect to the internet via modem, you will need two things: ISP with phone number to connect to and a modem itself. On a Windows XP -> Control panel -> Modem and phone -> fill out location information -> Add Hardware/Install New Modem.
Only devices that truly use modem are old school dial up networks. Everything else uses a terminal adaptor, but we still call them a modem.
Control panel -> network connections -> create a new connection -> connect to internet ->setup connection manually -> connect using dial up -> ISP name -> phone number and username/password supplied by ISP
Dial up is not always on and you have to tell the computer where you are based off your location.
ISDN is digital solution that came about in the 90’s as an alternative to dial-up. ISDN had special phones that made the connection and was double the speed being digital.
Telephone line or RJ11 for DSL, coax for cable, fiber optic for fiber. RJ45 is used for output for all connections. All manifest as a box.
DSL- “smallest tube” and based off telephone system and lines, it uses a filter anywhere you are going to use your phone. Upload speeds are small percentage of download speeds. PPPOE was used instead of plugging 3 or 4 computers into 1 DSL connection and requires a username/password and it is setup in windows or router.
Cable- coax is great way to carry data. It is a shared network. You are guaranteed a certain amount of speed.
Fiber Optic- Fios by Verizon or U-Verse for AT&T, they are high speed DSL connections but you can’t use your phone.
Cellular WAN- designed for analog and voice at first, now for data and voice such as LTE. Generations are 3G, 4G and so on. 4G has LTE and WIMAX, similar as they have 15-30 mile range and have antennas on cell towers. WIMAX is fading to LTE which is proprietary standard.
802.11- more than a WAP. They can be used as hotspots setup to work as a MAN.
Satellite- floats around the earth and buildings have antennas create a connection. It is the slowest but you can always connect. It has latency that you should watch out for.
TCP, primary protocol to move data between two computers, reliable data vs UDP, used when you are not worried about the data applications. 95% is TCP. UDP is faster.
Internet applications use ports to ensure that data is sent and received properly
Telnet- uses port 23. Downside is that it is unsecure. Used to remotely connect to someone else’s command prompt. command line -> telnet -> open ‘ip address’ -> server login and password
SSH- encrypted and uses port 22. Putty is a very flexible terminal emulator program, client for remote connectivity. Used today.
Https is port 443. Regular http uses port 80. Run netstat -f to show dns names, command line. With every web page there can be lots of connections. Netstat -n -a displays numerical output and active connections. You can easily install a web server on any computer.
SMTP used to send emails and on port 25. To download from the internet you either use pop3 on port 110 or IMAP on port 143. It is whatever your email server uses. IMAP you can use files on the server. POP3 uses email on the clients.
Thunderbird from Mozilla is a free email client -> create account with email acct information given -> you need to setup username, imap or pop3 server and set up SMTP server.
Move files around on the internet. Runs on port 21 and also port 20. FTP client is mozilla filezilla ftp client. Login to ftp client -> host info -> username -> password -> port, provided -> drag over the files you want to download from the host. The downside is that there is no encryption.
Secure FTP/SFTP- runs on port 22 and is secure. We usually use FTP.
Remote Desktop Connections
Telnet has been around since the internet, uses port 23, you need telnet client to run, which is putty. Login to telnet client -> host name IP address -> username info. You can’t use telnet for file transfers, only control on the command line.
Alternative is SSH, you need SSH server and client, runs on port 22. Putty is also used. SSH is more than telnet, you can use it for secure FTP and as a tunneling system.
RDP runs off port 3389 and is a remote desktop. Computer -> properties -> remote settings. Remote Desktop allows the client to not see what you are doing while remote assistance lets them see what your mouse is doing.
Accessories -> remote desktop connection OR type mstsc in search to find remote desktop in windows.
Folder sharing as an internet protocol. Network connections -> properties -> file and print sharing to share files or turn on client for microsoft networks to access shared resources
Netbios/Netbt- old protocol that worked over TCP/IP. SMB for sharing files over TCP/IP in Windows, is new term and is used today and CIFS is considered an obsolete term.
TCPView -> localports ->ports 137-139 CIFS/netbios over IP. SMB is port 445.
Port 548 is apple filing protocol, but today Mac uses SMB as well.
Samba was based off SMB and made from Linux.