Lab Manual / Principles of Computer Security Lab Manual, Fourth Edition / Nestler / 655-1 / Blind Folio 1
Networking Basics: How Do Networks Work?
Know thyself.
—Oracle at Delphi
Securing a network can be a tricky business, and there are many issues to consider. We must be aware of the vulnerabilities that exist and their corresponding threats and then estimate the probability of the threat acting upon the vulnerability. Measures are implemented to mitigate, avoid, or transfer risk. However, regardless of the effort to minimize risk, there is always the possibility of harm to our information, so we must develop plans for dealing with a possible compromise of our network. Yet before we can really protect our network from attackers, we must first know our network and, ideally, know it better than they do. Hence, we need to learn about what the network does and how it does it so we can develop an understanding of our network’s abilities and limitations. Only then can we truly see our network’s vulnerabilities and do what is necessary to guard them. We cannot secure our network if we do not know how it works.
Part I will demonstrate how devices communicate on a local area connection and cover IP addressing, routing, the three-way handshake, and some of the basic network applications. It will also introduce tools that will be used throughout the remainder of the book, such as ping, arp, nslookup, and Wireshark.
This part is divided into three chapters that will discuss the different aspects of the TCP/IP protocol stack. Chapter 1 will cover exercises relating to the network access and Internet layers, Chapter 2 will deal with the transport layer, and Chapter 3 will discuss the application layer. As you go through the labs in this part, you should be constantly asking yourself one question: How is this network vulnerable to attack, and how can it be exploited? It might seem strange to think about how something can be broken when you are learning about how it works, but this is a good opportunity for you to start thinking the way an attacker thinks.
This part will also prepare you for the labs that are to come in Part II.
Chapter 1: Workstation Network Configuration and Connectivity
Labs
Lab 1.1w Windows Client Configuration
Lab 1.1l Linux Client Configuration
Lab 1.1 Analysis Questions
Lab 1.1 Key Terms Quiz
Lab 1.2w Name Resolution in Windows
Lab 1.2 Analysis Questions
Lab 1.2 Key Terms Quiz
Lab 1.3w Windows IPv6 Basics (netsh/ping6)
Lab 1.3 Analysis Questions
Lab 1.3 Key Terms Quiz
This chapter contains lab exercises designed to illustrate the various commands and methods used to establish workstation connectivity in a network based on Transmission Control Protocol/Internet Protocol (TCP/IP). The chapter covers the basics necessary to achieve and monitor connectivity in a networking environment, using both Windows PCs and Linux-based PCs. In this chapter, you will be introduced to some basic commands and tools that will enable you to manipulate and monitor the network settings on a workstation. This is necessary as a first step toward learning how to secure connections.
The chapter consists of basic lab exercises that are designed to provide a foundation in network connectivity and tools. In later chapters of this book, you will use the skills from these lab exercises to perform functions that are necessary to secure a network from attack and investigate current conditions. Built upon the premise that one learns to crawl before walking and to walk before running, this chapter represents the crawling stage. Although basic in nature, this chapter is important because it provides the skills needed to “walk” and “run” in later stages of development.
Depending on your lab setup and other factors, you won’t necessarily be performing all the lab exercises presented in this book. Therefore, to help you identify which lab exercises are relevant for you, each lab exercise number is appended with a letter: “w” labs are built using the Windows environment; “l” labs are built using the Linux environment; “m” labs are built using a combination of Windows and Linux; and “i” labs require an Internet connection.
Lab 1.1: Network Workstation Client Configuration
For two computers to communicate in a TCP/IPv4 network (IPv6 is discussed later, in Lab 1.3), both computers must have a unique Internet Protocol (IP) address. An IP address has four octets. The IP address is divided into a network address and a host address. The subnet mask identifies which portion of the IP address is the network address and which portion is the host address. On a local area network (LAN), each computer must have the same network address and a different host address. To communicate outside the LAN, using different network IP addresses, a default gateway is required.
To connect to a TCP/IP network, normally four items are configured: the IP address (this is both the network portion and the host portion), the subnet mask, the IP address for a Domain Name System (DNS) server, and the IP address for the gateway machine. To communicate within a LAN only, you need the IP address and subnet mask. To communicate with other networks, you need the default gateway. If you want to be able to connect to different sites and networks using their domain names, then you need to have the address of a DNS server as well.
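The addressing rules above, worked through as an added example that is not part of the lab manual: the code splits an address with its subnet mask, decides whether a destination is reached directly or through the default gateway, and flags inconsistent settings. The function names are hypothetical, and the 192.168.100.x and 203.0.113.x addresses are constructed sample values.

```python
import ipaddress

def split_address(ip, mask):
    """Return (network address, host number) as selected by the subnet mask."""
    iface = ipaddress.IPv4Interface(f"{ip}/{mask}")
    host = int(iface.ip) & int(iface.network.hostmask)
    return str(iface.network.network_address), host

def next_hop(ip, mask, gateway, dest):
    """Decide how this workstation would deliver a packet addressed to dest."""
    local_net = ipaddress.IPv4Interface(f"{ip}/{mask}").network
    if ipaddress.IPv4Address(dest) in local_net:
        return "direct"              # same network address: stays on the LAN
    if gateway is None:
        return "unreachable"         # off-LAN and no default gateway configured
    return f"via {gateway}"

def check_config(ip, mask, gateway=None, dns=None):
    """Return a list of problems found in the configured items."""
    try:
        iface = ipaddress.IPv4Interface(f"{ip}/{mask}")
    except ValueError:               # covers non-contiguous masks such as 255.0.255.0
        return ["invalid IP address or subnet mask"]
    net, problems = iface.network, []
    if net.prefixlen < 31 and iface.ip in (net.network_address, net.broadcast_address):
        problems.append("IP address is the network or broadcast address")
    if gateway is not None and ipaddress.IPv4Address(gateway) not in net:
        problems.append("default gateway is not on the local network")
    if dns is not None and gateway is None and ipaddress.IPv4Address(dns) not in net:
        problems.append("DNS server is on another network but no gateway is set")
    return problems

if __name__ == "__main__":
    # Constructed sample workstation settings: IP address, subnet mask, gateway.
    cfg = ("192.168.100.101", "255.255.255.0", "192.168.100.1")
    print(split_address(cfg[0], cfg[1]))
    for dest in ("192.168.100.102", "203.0.113.10"):
        print(dest, "->", next_hop(*cfg, dest))
    print(check_config("192.168.100.101", "255.255.255.0", "192.168.101.1"))
```

A gateway outside the workstation's own network is a common misconfiguration: local traffic still works, so the fault only shows up when the host tries to reach another network.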