hey everyone welcome back to another video here on tryhackme i'm john and today we're going to be taking a look at the room intro to lan learn about some of the technologies and designs that power private networks that being said let's go ahead and dive right into task one introducing land topologies local area network land topologies we'll go and collect the view site i think it's already loaded but let's make sure over the years there have been experimentation and implementation of various network designs in reference to networking when we refer to the term topology we're actually referring to the design or look of the network at hand so how everything's actually connected let's discuss the advantages and disadvantages of these topologies below first let's talk about the star topology the main premise of a star topology is that devices are individually connected via a central networking device such as a switch or a hub this topology is the most common found today because of its reliability and scalability despite the cost any information sent to the device in this topology is sent via the central device which connects everything let's explore some of these advantages and disadvantages of the topology below because more cabling and the purchase of a dedicated networking equipment is required for this topology it is more expensive than any of the other topologies and we'll discuss a few more below however despite the added cost this does provide some significant advantage or advantages for example this topology is much more scalable in nature which means that it is very easy to add more devices as the demand for the network increases unfortunately the more the network scales the more maintenance is required to keep the network functional this is incr this increased dependence on maintenance can also make troubleshooting flaw or faults much harder as there's more places there's more cables there's more things to go wrong in general furthermore the star topology is so prone to failure albeit reduced for example if the centralized hardware that connects devices fails these devices will no longer be able to send or receive data thankfully these centralized hardware devices are often very robust switches they don't die very often and when they do it's very obvious that they're dead and it's pretty easy to replace them they're usually not terribly expensive as well as far as networking hardware goes as you get ones with nicer nicer features uh they definitely go up in price but for just a basic one for home use they're like 25 bucks or something like that which and this on the scale of networking things that's not too bad but you can see in this how everything's connected via central hub bus topology this type of connection relies on a single connection which is known as the backbone cable this type of topology is similar to the leaf off a tree in the sense that the devices or leaves some from where the branches are on the cable because all data destined for each device it travels along the same cable it is very quickly prone to becoming slow and bottlenecked if devices when the topology are simultaneously requesting data this bottleneck also results in very difficult troubleshooting because it quickly becomes difficult to identify which device is experiencing issues with data all traveling along the same route however with this said bus topologies are often one of the easier and more cost effect or efficient topologies you set up because of their expense and you can see that there's this big connecting thing that there's not a lot of cabling involved there because you just have one dedicated mega cable because of their expenses such as cabling or dedicated network equipment used to connect these services so lastly another disadvantage of the bus topology is that there is a little redundancy in place in case of failures this disadvantage is because there is a single point of failure along the backbone cable if this cable were to break devices can no longer receive or transmit data along the bus let's talk about ring topology the ring topology also known as token topology boasts some similar some similarities devices such as computers are connected directly to each other to perform a loop meaning that there is little cabling required and less dependence on dedicated hardware such as networks or switches or things like that within the star topology a ring topology works by sending data across the loop until it reaches the destined device using other devices along the loop they'll forward the data so essentially it just gets passed along these points interestingly a device will only send received data from another device in this topology if it does not have any to send itself if the device happens to have data to send it will send its own data first before sending data from another device because there is only one direction for data to travel across this topology often counterclockwise or clockwise just one of the two it is fairly easy to troubleshoot any faults that arise so for example if you had a brake right here and suddenly this device can't receive data from this device well fairly obvious that the cable is probably bad there however this is a double-edged sword because it isn't an efficient way of data traveling across a network and it may have to visit multiple devices first before reaching the intended device lastly ring topologies are less prone to bottlenecks such as with any bus topology as large amounts of traffic are not traveling across the network at any time this design the design of this topology does however mean that a fault such as a cable cut or a broken device will result in the entire networking break breaking or just failing all together uh one thing to note here this is less common to see this is something that you would probably see if you have a mesh network that it might leverage a ring topology to pass thing between those uh different nodes in the network uh however that's not exactly all that common the one that you're likely to see in most cases is probably this star just because it's very common it's very easy and often enough in your homework network this is probably what you're using anyways where you have one router that has a wi-fi access point on it and everything connects to the same access point so just be aware that this is probably the most important one but you do need to know about these other topology types let's talk about what is a router it's a router's job to connect networks and pass data between them it does this by using routing hence the name router routing is the name or the label given to the process of data traveling across networks so what do we mean when we say across networks this means networks with different addressing schemes so maybe i have a home network and you have a home network but if i want to send something to you maybe an email that has to cross the public internet too so we have our routers that sit on the edges of those networks so where the internet comes into my house at what's called the dmarc point and then where it comes into your house at the dmarc point there and that does the translating it handles uh how routes are created and when i say routes i mean general rules of how you can talk to devices across those networks so it uses the destination as a means to break down where it needs to send things i think of the old like turn style where you'd see marvels going in and they would go out one specific end of maybe a marble contraption uh it just wraps things in in this case it'd be instead of marbles it would be packets so uses routing rules to just control where it needs to send things writing is useful when devices are connected by many paths such as in the example diagram below so you can see that maybe this is the internet here in the middle where we have my house and then your house here and i'm going to send you an email but it needs to go between those other networks or maybe just different parts of a building but you can see that these handle the translation so that this network can be its own thing and this network can be its own thing as well let's talk about switches switches are dedicated devices within a network that are designed to aggregate multiple other devices such as computers printers and or other networking capable devices using internet or ethernet rather so the actual cable these various devices plug into a switches port switches are usually found in larger networks such as businesses schools or other similar size networks where there are many devices to connect to the network switches can connect a large number of devices by having ports uh groups of ports uh 4 8 16 24 32 and 64 devices actually plug into and they can get even bigger than that um so generally speaking they're going to come in this multiple of four here it's just because it's easier to make them and it's easier to address devices in that way so uh these will not necessarily have routes such as routers do but they have a way of actually identifying which device is plugged in to that cable and from there it can kind of form a routing table internally where it knows how to send these packets along so unlike routers these devices do not perform routing as i just mentioned in the sense of directing paths along a certain route using iprotocol instead switches use a technology called packet switching to break down pieces of data into smaller more manageable chunks of data called packets this data or this technology allows for the efficiency of a network or uh because large pieces of data take up more resources if you want to send a large chunk like maybe a large part of a game download at once that's not very efficient that's a lot of data traveling and if you have to keep it all connected that is potentially just going to take up the entire network its processing however it's much much easier to transmit that in small little bite-sized pieces it's sort of the same concept as carrying up furniture or if you need to it's easier to break it down and carry light boxes rather than one really big item as it takes everything or all of your resources at that point and you can see again how it mentions the efficiency there so both switches and routers can be connected together the ability to do this increases the redundancy or the reliability of a network by adding multiple paths for the data to take if one path goes down another can be used whilst this may reduce the overall performance of a network because packets have to take longer to travel there is no downtime a small price to pay considering the alternative so quick practical attached to this task is an interactive practical featuring the discussed land topologies learning about the various ways in which they are vulnerable to breaking break the land to apologies to retrieve the flag so the first question here that we have is what does land stand for that is going to be local area network what is the verb given to the job that routers perform uh that should be routing there we go what technology do switches use to break down large pieces of data into smaller more manageable packets that is going to be packet switching what topology is cost efficient to set up uh let's see i'm guessing this is the bus topology and there we go what topology is expensive to set up and maintain so that is going to be the star because you have more networking cables and things like that and then let's go ahead and complete the interactive lab topology flaws the slide will take you through the flaws in different network topologies first we have the ring topology in ring topology all devices are connected to two others to create a full circle and then you can see packets of data travel from one device to the next until they've reached their destination one of the major flaws with a ring topology is that if a device goes down or a cable is broken then data will no longer be passed if you hover over the middle of an upper cable you can cut it to see what happens to the actual packets so here we have our scissors and we cut it and we can see that those are broken and packets can no longer travel the packets can no longer travel around the network and no devices can talk to each other bus topology with the bus topology all devices are connected to a single cable often called the backbone data is sent both left and in both left and right directions down the backbone until the packet's destination is reached a major fly and bus topology is it cannot handle a large amount of data on the next step send as many packages quickly as you can to try to take down the network so we'll go ahead and just click this a lot send a lot of uh traffic and we'll see that very quickly this is gonna start getting overwhelmed and there we go we can see it's now down because there's just too much stuff sitting on the network and then we have this star topology with the star topology all devices are connected with their own cable to a central switch hub every packet is sent through this switch which means if the network goes down the network no or if the switch goes down rather the network will no longer work see if you can somehow break the switch uh and it looks like it's giving us a hammer that's wonderful and now we can see the network is down and we've gone ahead and completed our practical let's go and copy that over paste that flag topology flaws and there we go let's move into task five a primer on subnetting as we've previously discussed throughout the module so far networks can be found in all shapes and sizes ranging from small to large subnetting is the term given to splitting up a network into smaller miniature networks within itself think of it as slicing up a cake for your friends there's only a certain amount of cake to go around but everybody wants a piece subnetting is how you decide who gets what slice and reserving such a slice of this metaphorical cake take a business for example you will have different departments such as accounting finance and human resources you need to somehow split up your network between these uh different uh departments though and here we can see we have a diagram demonstrating exactly that where we have the internet with our router on the edge and then a switch connecting everything in a star topology and then we can see this is further broken up where we have our individual sections which is where subnetting comes in once you know where to send information in real life to connect or to the correct department networks need to know this as well network administrators use subnetting to categorize and assign specific parts of a network to reflect this subnetting is achieved by splitting up the number of hosts that can fit within the network represented by a number called a subnet mask let's refer back to our diagram on the first room in this module and here we can see that we have our ipv4 address with the 0255 octets as we recall an ipv address is made up of four sections called octets the same goes for a subnet mask which is also represented by a number of 8 bytes 32 bits ranging from 0 to 255. subnets use ip addresses in three different ways to identify the network address to identify the host address and identify the default gateway let's talk about what these actually mean let's split these three up to understand their purposes in the table below so first off we have the network address this is a bit of a confusing topic but know that this is a very simple idea in concept this address identifies the start of the actual network and used to identify a network's existence so this is the network that sits at the start you'll very rarely see this dot zero address in use by a device because it belongs to the actual network so for example a device with the ip address of 192.168.1.100 will be on a network identified by 192.168.1.0 because that belongs to the network this can be split up a little bit further but just know that generally that zero is going to be what identifies the network itself let's talk about the host address an ip address here that is used to identify a device on a subnet so this is just something that belongs to your device so for example a device will have the network address of 192.168.1.10. so this could be a device address with the network address still being this.0 up here and you can see another example here where just that last octet is actually changing default gateway the default gateway address is a special address assigned to a device that is capable of sending sending information to another network so this is going to be a router this is essentially how everything needs to go out think of if you are in a building that has one way out uh that is your default gateway because that's how you need to exit the building or enter it any data that needs to go to a device on uh that isn't on the same network will have to go through this default gateway uh these devices can use host addresses but usually use either the first or the last host address in a network uh it's very common to see this be that one i believe i mentioned that either in the previous video or earlier in this room where this dot one is often enough going to be a router or the dot 254 it could be a router as well now in small networks such as at home you will be on one subnet as there is an unlikely chance that you need more than 254 devices connected at one time however places such as businesses and offices will have much more of these devices so you have pcs printers cameras sensors and so on and so forth and that's where you really need to have subheading come into play subnetting provides a range of benefits including efficiency security and full control of how the network is actually split up we'll come on to explore exactly how subnetting provides these benefits at a later date however for now all we need to understand is the security element to it because we're focused on becoming security professionals let's take the typical cafe on the street this cafe will have two networks one for employees cash registers and other devices for the facility uh hopefully this is on its own network because of pci i won't go too far into that generally speaking your cash registers need to be on their own network and they won't fit the general public and hopefully there is no way that these can communicate because that's where you start having bad things uh subnetting allows you to separate these two use cases from each other whilst having the benefits of a connection to a larger network such as the internet so know that subnetting generally speaking is just how we can separate things off that's really the big idea out of this section what is the technical term for dividing up a network into smaller pieces that is going to be subnetting how many bits are there in the subnet mask that should be 32 what is the range of a section octet uh of a subnet mask that should be 0 to 255 what address is used to identify the start of a network that would be the network address what address is used to identify devices within a network that'll be the host address what is the name used to identify the device responsible for sending data to and from another network that is going to be your gateway that should be your default gateway here there we go let's move into task three the arp protocol recalling from our previous tasks that devices can have different or two identifiers a mac address and an ip address the art protocol or address resolution protocol for short is the technology responsible for allowing devices to identify themselves on a network simply the art protocol allows a device to associate its mac address with an ip address on the network each device on a network will keep a log of the mac addresses associated with other other devices so think of it this way again your ip address that can change you can swap houses with your neighbor you can do whatever you want with that but your mac address is in theory globally unique so you probably won't have the same mac address as your neighbor and that's something that can be used to identify you uniquely so even if you move you still have that mac address when devices wish to communicate with another they will send a broadcast to the entire network searching for the specific device devices can use their art protocol to find the mac address and therefore the physical identifier of a device for communication think of it this way yell out into a crowd and you say i need the person with this specific mac address that person responds hopefully if they're not spoofing their mac address that's what arp is doing it's very simple and it's just a way of trying to find that unique identifier how does art work each device within a network has a ledger to store information on which is called a cache that is specifically the arp cache in the context of the art protocol this cache stores the identifiers of other devices in the network so once you've done that yelling out in the crowd to figure out who has what mac address you can check your cache because you've already done it before why do it multiple times when you know you're going to be sending a lot of data to and from that device and that saves on network traffic because again remember we only have so much data that we can send at once we want to keep that as as limited as we can just because we want to have bandwidth for other things in order to map these two identifiers together the ip address and the mac address the art protocol sends two types of messages we have an arp request which is that yelling out into the crowd and then the reply which is the person in the crowd yelling back that hey i have that when an ark request is sent a message is broadcasted to every other device found on the network by the device ask or buy the device uh that's has it in theory asking whether or not the device's mac address matches the requested ip address if the device does not have the requested ip address an art reply is returned to the initial device to acknowledge this the initial device will now remember this and store it within its cache so again we yell out we say hey do you have this mac address uh or hi uh mac address you have this ip address and it'll reply back and confirm it and then we have that cached what does arp stand for that is going to be just up here at the top and that is going to be address resolution protocol and again that's just so that we can find we can match uh ip addresses or mac addresses up with ip addresses and then there's reverse arp which does the opposite where we can match an ip address with a mac address there we go what category of art packet asks a device whether or not it has a specific ip address that should be a request as we're asking it what is used as a physical identifier for a device on a network that is going to be a mac address and then what address is used is a logical identifier for a device on a network that is going to be the ip address because this is just a logical one this can change let's move into task for the dhcp protocol ip addresses can be assigned either manually by entering them physically into a device or automatically and most commonly by using the dhcp dynamic host configuration protocol server uh you do not need to know what this shortens to that's just a fun little tidbit you know you'll call this dhcp every single time what a device connects to a network if it has not already been manually assigned to an ip address it sends out a request a dhcp discover to see if there are any dhcp uh servers on the network so it says hey i don't have an address is there a server out there that can give me one and you can see the problem with having multiple dhcp servers because they might both reply and it might have two ip addresses that are incorrect the dhcp server replies back with an ip address the device could use so a dhcp offer the device then sends a reply confirming it wants the offered ip address the dhcp request so it says hey i like what you offered i want to actually forwardly request that one and then lastly the dhcp server sends a reply acknowledging that this has been completed and the device can start using the ip address so it'll send back an acknowledgement and we can see that broken down here where we have hey i just joined this network who can give me an ip address the server itself is going to say sure let me go ahead and give you this one does that work for you yes that works uh i would like to formally request that one and then it acknowledges it and usually you have a default time span of 24 hours for that let's move into the actual questions here what type of dhcp packet is used by a device to retrieve an ip address that is going to be a dhcp discover what type of dhcp packet does a device send once it has been offered an ip address for by the dhcp server that is going to be dhcp request because we've already been offered it we want to say hey this is my formal acceptance of it i do want this address that you've given me finally what is the last dhcp packet that is sent from a device uh to a device rather from the dhcp server that is going to be our acknowledgement that says the server says hey i see that you're requesting this i'm acknowledging that request and i'm going to formally accept it and that will be the dhcp acknowledgement let's move into task five continuing your learning with the osi model continue your learning by joining the osi model room highly recommend doing that right after this if you have any questions we'll go and mark this as complete if you have any questions as always i will have the try hack me discord and subreddit linked in the video description below but otherwise until next time happy hacking