Cybercrime Lawyer India

Unit 1: Networking models

  • OSI Layered model
  • TCP/IP Model
  • MAC Address representation
  • Organisationally Unique Identifier
  • Internet Protocol
  • Versions and Header lengths
  • IP Identification
  • IP Flags
  • IP fragmentation and reassembly structure
  • Transport Layer protocols
  • Port numbers
  • TCP Flags
  • Segmentation
  • TCP 3 way handshake and Options
  • Encapsulation and De-encapsulation
  • Payload
  • OSI Layered Model:
    • Overview: The Open Systems Interconnection model defines seven layers to understand and standardize network communication.
    • Layers: Physical, Data Link, Network, Transport, Session, Presentation, Application.
  • TCP/IP Model:
    • Overview: The Transmission Control Protocol/Internet Protocol model is a widely used networking architecture.
    • Layers: Link, Internet, Transport, Application.
  • MAC Address Representation:
    • Definition: Media Access Control address uniquely identifies devices on a network.
    • Format: Usually expressed as six pairs of hexadecimal characters separated by colons (e.g., 00:1A:2B:3C:4D:5E).
  • Organisationally Unique Identifier (OUI):
    • Definition: First three bytes of a MAC address, indicating the manufacturer or organization.
    • Example: 00:1A:2B (OUI) : 3C:4D:5E (Device Identifier).
  • Internet Protocol:
    • Overview: IP is a fundamental protocol for addressing and routing data packets on the Internet.
    • Versions: IPv4 (32-bit) and IPv6 (128-bit) are the two main versions.
  • Versions and Header Lengths:
    • IPv4 Header: Contains version (4 bits) and header length (4 bits) information.
    • IPv6 Header: Version is explicitly specified, and there is no header length field.
  • IP Identification, Flags, Fragmentation, and Reassembly Structure:
    • Identification: Unique identifier for a particular packet.
    • Flags: Control fragmentation; flags include “Don’t Fragment” and “More Fragments.”
    • Fragmentation: Dividing large packets into smaller fragments for transmission.
    • Reassembly: Reconstructing original packets at the destination.
  • Transport Layer Protocols:
    • TCP (Transmission Control Protocol): Reliable, connection-oriented protocol.
    • UDP (User Datagram Protocol): Unreliable, connectionless protocol for low-latency communication.
  • Port Numbers:
    • Definition: Logical endpoints for communication, distinguishing different services.
    • Range: 0 to 65535; well-known ports (0-1023), registered ports (1024-49151), dynamic or private ports (49152-65535).
  • TCP Flags:
    • SYN (Synchronize): Initiates a connection.
    • ACK (Acknowledgment): Acknowledges received data.
    • FIN (Finish): Initiates the termination of a connection.
    • RST (Reset): Resets a connection.
  • Segmentation:
    • Definition: Breaking data into smaller units (segments) for efficient transmission.
    • Purpose: Facilitates flow control and retransmission in case of packet loss.
  • TCP 3-Way Handshake and Options:
    • Handshake Steps: SYN, SYN-ACK, ACK.
    • Options: Additional information exchanged during the handshake, such as Maximum Segment Size (MSS).
  • Encapsulation and De-encapsulation:
    • Encapsulation: Adding protocol-specific headers to data as it moves down the OSI layers.
    • De-encapsulation: Stripping headers as data moves up the OSI layers.
  • Payload:
    • Definition: The actual data being transmitted within a packet.
    • Nature: Can include application data, file contents, or any information being communicated.

Unit 2: Static and Dynamic Routing

  • IP Routing Protocols
  • Classful and Classless Routing
  • RIPv1
  • RIPv2
  • Broadcast and Multicast domains
  • OSPF
  • EIGRP
  • Network Address Translation
  • IP Classes
  • Private IP
  • Public IP
  • Reserved IP
  • APIPA
  • Static and Dynamic Routing:
    • Static Routing: Manual configuration of routing tables; suitable for small networks.
    • Dynamic Routing: Automatic adjustment of routing tables using routing protocols; scalable for larger networks.
  • IP Routing Protocols:
    • Definition: Protocols determining how routers communicate and share information to determine optimal paths.
    • Examples: RIP, OSPF, EIGRP.
  • Classful and Classless Routing:
    • Classful Routing: Routing based on traditional IP classes (A, B, C).
    • Classless Routing: Routing without strict adherence to IP classes, using Variable Length Subnet Masking (VLSM).
  • RIPv1 (Routing Information Protocol Version 1):
    • Characteristics: Classful routing protocol; uses broadcast for routing updates.
    • Limitations: Lack of support for subnet information and security features.
  • RIPv2 (Routing Information Protocol Version 2):
    • Enhancements: Supports Classless Inter-Domain Routing (CIDR), including subnet information.
    • Features: Multicast for routing updates, and authentication support.
  • Broadcast and Multicast Domains:
    • Broadcast Domain: Group of devices in which a broadcast is received by all.
    • Multicast Domain: Group of devices receiving multicast traffic intended for a specific group.
  • OSPF (Open Shortest Path First):
    • Type: Link-state routing protocol.
    • Features: Uses a link-state database for routing decisions; supports VLSM.
  • EIGRP (Enhanced Interior Gateway Routing Protocol):
    • Type: Hybrid routing protocol.
    • Features: Advanced features like rapid convergence and bandwidth utilization optimization.
  • Network Address Translation (NAT):
    • Purpose: Allows multiple devices on a local network to share a single public IP address.
    • Types: Static NAT, Dynamic NAT, PAT (Port Address Translation).
  • IP Classes:
    • Class A: Large networks with few, large organizations.
    • Class B: Medium-sized networks with moderate-sized organizations.
    • Class C: Small networks for individual organizations.
  • Private IP:
    • Definition: Reserved IP addresses for use within private networks.
    • Ranges: Examples include 10.0.0.0 to 10.255.255.255.
  • Public IP:
    • Definition: IP addresses assigned to devices accessible directly from the Internet.
    • Examples: Any IP not in private IP ranges.
  • Reserved IP:
    • Definition: IP addresses set aside for special purposes, such as loopback addresses (127.0.0.1).
  • APIPA (Automatic Private IP Addressing):
    • Function: Assigns a unique IP address to a device when DHCP is not available.
    • Range: 169.254.0.1 to 169.254.255.254.

Unit 3: Subnetting IP network

  • Class A, B, C subnetting
  • Classless Inter-domain Routing (CIDR)
  • Subnet mask
  • Wild card mask
  • WAN Technologies
  • Frame Relay
  • Data link Connection Identifiers (DLCI)
  • Committed Information Rate (CIR)
  • Permanent Virtual Circuits (PVCs)
  • Multiprotocol Label Switching (MPLS)
  • Edge Routers
  • Label Switching
  • CE and PE Routers
  • Data Terminal Equipment (DTE)
  • Data Communication Equipment (DCE)
  • Clock speed
  • Subnetting IP Network:
    • Purpose: Dividing a larger IP network into smaller, more manageable subnetworks.
    • Benefits: Efficient use of IP addresses, improved network performance, and enhanced security.
  • Class A, B, C Subnetting:
    • Class A: Suitable for large networks; subnetting increases scalability.
    • Class B: Ideal for medium-sized networks; subnetting enhances organization and security.
    • Class C: Commonly used for small networks; subnetting aids in efficient IP address allocation.
  • Classless Inter-Domain Routing (CIDR):
    • Overview: An addressing scheme that allows for variable-length subnetting, breaking away from traditional class-based addressing.
    • Notation: Represented with a prefix length (e.g., 192.168.1.0/24).
  • Subnet Mask:
    • Definition: A 32-bit number that segments an IP address into network and host portions.
    • Example: In the subnet mask 255.255.255.0, the first 24 bits represent the network, and the last 8 bits identify hosts.
  • Wildcard Mask:
    • Definition: A mask used for access control lists (ACLs) to match multiple IP addresses.
    • Calculation: Obtained by subtracting the subnet mask from 255.255.255.255.
  • WAN Technologies:
    • Definition: Technologies connecting geographically dispersed networks.
    • Examples: Frame Relay, MPLS, ATM, and leased lines.
  • Frame Relay:
    • Type: Packet-switched WAN technology.
    • Features: Cost-effective, efficient use of bandwidth, and flexibility.
  • Data Link Connection Identifiers (DLCI):
    • Definition: Identifiers used in Frame Relay to differentiate between virtual circuits.
    • Purpose: Each DLCI represents a unique connection.
  • Committed Information Rate (CIR):
    • Definition: Minimum guaranteed data transfer rate in a Frame Relay network.
    • Importance: Ensures a level of service quality for data transmission.
  • Permanent Virtual Circuits (PVCs):
    • Definition: Pre-established communication paths in a Frame Relay network.
    • Advantages: More efficient than dynamic circuits; suitable for predictable traffic patterns.
  • Multiprotocol Label Switching (MPLS):
    • Type: Packet-switching technology.
    • Purpose: Efficient routing and forwarding of data packets; enhances network performance.
  • Edge Routers:
    • Definition: Routers connecting an MPLS network to external networks.
    • Functions: Label distribution, network entrance/exit points.
  • Label Switching:
    • Definition: Assigning labels to data packets for efficient forwarding within an MPLS network.
    • Advantages: Simplifies routing decisions and enhances network speed.
  • CE and PE Routers:
    • CE (Customer Edge) Routers: Connect customer networks to a service provider’s network.
    • PE (Provider Edge) Routers: Connect provider networks and handle MPLS labeling.
  • Data Terminal Equipment (DTE):
    • Definition: Devices at the customer’s end of a WAN connection.
    • Examples: Computers, routers, or switches.
  • Data Communication Equipment (DCE):
    • Definition: Devices at the service provider’s end of a WAN connection.
    • Examples: Modems or CSU/DSU (Channel Service Unit/Data Service Unit).
  • Clock Speed:
    • Definition: The speed at which data is transmitted through a network.
    • Measurement: Typically expressed in bits per second (bps).

Unit 4: Virtual LANs

  • Access links and Trunk links
  • Switchport modes
  • VLAN Trunking
  • Server, Client and Transparent modes
  • VTP Domain
  • Configuration Revision numbers
  • Inter VLAN Communications
  • Broadcast domain
  • Collision Domain
  • Virtual LANs (VLANs):
    • Definition: Logical segmentation of a network into separate broadcast domains.
    • Purpose: Enhances network efficiency, security, and manageability.
  • Access Links and Trunk Links:
    • Access Links: Connect end devices (e.g., computers, printers) to a specific VLAN.
    • Trunk Links: Connect switches and carry traffic for multiple VLANs.
  • Switchport Modes:
    • Access Mode: Assigns a single VLAN to a switch port.
    • Trunk Mode: Allows a switch port to carry traffic for multiple VLANs.
  • VLAN Trunking:
    • Definition: Transmitting traffic for multiple VLANs over a single trunk link.
    • Protocols: IEEE 802.1Q (tagged) or ISL (Cisco’s Inter-Switch Link).
  • Server, Client, and Transparent Modes:
    • Server Mode: Allows the switch to create, modify, and delete VLAN information.
    • Client Mode: Accepts VLAN information from a VTP server.
    • Transparent Mode: Does not participate in VTP updates but forwards them.
  • VTP Domain:
    • Definition: A group of interconnected switches that share VLAN information.
    • Purpose: Simplifies VLAN management across multiple switches.
  • Configuration Revision Numbers:
    • Definition: A numeric value that represents the latest update in VTP configuration.
    • Importance: Ensures switches have the most recent VLAN information.
  • Inter-VLAN Communications:
    • Definition: Communication between devices in different VLANs.
    • Methods: Routers, Layer 3 switches, or VLAN-aware switches for routing.
  • Broadcast Domain:
    • Definition: A segment of a network where broadcasts are forwarded.
    • Effect: VLANs create separate broadcast domains, reducing broadcast traffic.
  • Collision Domain:
    • Definition: A network segment where collisions can occur.
    • Effect: VLANs isolate collision domains, minimizing the impact of collisions.

Unit 5: Communication protocols

  • Address Resolution Protocol (ARP)
  • Reverse Address Resolution Protocol (RARP)
  • Internet Control Message Protocol (ICMP)
  • Internet Protocol (IP)
  • Transmission Control Protocol (TCP)
  • User Datagram Protocol (UDP)
  • American Standard Code for Information Interchange (ASCII)
  • Hypertext Transfer Protocol (HTTP)
  • File Transfer Protocol (FTP)
  • Simple Mail Transfer Protocol (SMTP)
  • Telnet
  • Trivial File Transfer Protocol (TFTP)
  • Post Office Protocol version 3 (POP3)
  • Internet Message Access Protocol (IMAP)
  • Simple Network Management Protocol (SNMP)
  • Domain Name System (DNS)
  • DNS Flags
  • Dynamic Host Configuration Protocol (DHCP)
  • Address Resolution Protocol (ARP):
    • Function: Resolves IP addresses to MAC addresses.
    • Operation: ARP requests and responses to map layer 3 addresses to layer 2 addresses.
  • Reverse Address Resolution Protocol (RARP):
    • Function: Maps MAC addresses to IP addresses.
    • Use Case: Obsolete; replaced by DHCP for dynamic IP address assignment.
  • Internet Control Message Protocol (ICMP):
    • Function: Manages error messages and diagnostics in IP networks.
    • Examples: Ping and traceroute use ICMP.
  • Internet Protocol (IP):
    • Function: Network layer protocol responsible for packet routing.
    • Versions: IPv4 and IPv6.
  • Transmission Control Protocol (TCP):
    • Function: Connection-oriented protocol ensuring reliable data delivery.
    • Features: Error checking, flow control, and retransmission of lost packets.
  • User Datagram Protocol (UDP):
    • Function: Connectionless protocol for faster, simpler communication.
    • Use Cases: Streaming media, online gaming, DNS.
  • American Standard Code for Information Interchange (ASCII):
    • Definition: Character encoding standard for text communication.
    • Representation: Assign a unique number to each character.
  • Hypertext Transfer Protocol (HTTP):
    • Function: Protocol for transferring hypertext requests and information.
    • Use Case: Web browsing and content retrieval.
  • File Transfer Protocol (FTP):
    • Function: Transfers files between a client and server on a network.
    • Modes: Active FTP and Passive FTP.
  • Simple Mail Transfer Protocol (SMTP):
    • Function: Transfers electronic mail between servers.
    • Use Case: Sending emails.
  • Telnet:
    • Function: Enables remote login and terminal access on a network.
    • Security: Considered insecure due to transmitting data in plaintext.
  • Trivial File Transfer Protocol (TFTP):
    • Function: Simplified version of FTP for basic file transfers.
    • Use Case: Commonly used for bootstrapping network devices.
  • Post Office Protocol version 3 (POP3):
    • Function: Retrieves emails from a server for local storage.
    • Operation: Downloads messages and removes them from the server.
  • Internet Message Access Protocol (IMAP):
    • Function: Allows access and management of emails on a mail server.
    • Advantages: Supports multiple devices, and keeps emails on the server.
  • Simple Network Management Protocol (SNMP):
    • Function: Manages devices on an IP network.
    • Use Case: Network monitoring and management.
  • Domain Name System (DNS):
    • Function: Resolves domain names to IP addresses.
    • Hierarchy: Organized into a hierarchical structure.
  • DNS Flags:
    • Definition: Flags in a DNS header providing information about a DNS query or response.
    • Examples: Query, Response, Authoritative Answer, Recursion Desired.
  • Dynamic Host Configuration Protocol (DHCP):
    • Function: Dynamically assigns IP addresses and network configuration to devices.
    • Operation: DHCP server leases addresses to clients on a network.

 

Site Admin

Prev Post
Next Post

Leave a Reply