IP, DNS and MAC concepts
-
Upload
irshaad-abdool -
Category
Technology
-
view
125 -
download
1
Transcript of IP, DNS and MAC concepts
![Page 1: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/1.jpg)
IP, DNS AND MAC CONCEPTS
MOHAMMAD IRSHAAD ABDOOL
B131200052
WWW.IRSHAAD.ME
![Page 2: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/2.jpg)
CONTENTS
Basic Networking
IP
DNS
ARP
Internet
Network attacks
![Page 3: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/3.jpg)
MODEM
ROUTER
SWITCHWIRELESS
ACCESS POINT
TELEPHONE NETWORK TO ISP
DESKTOP PC 1
DESKTOP PC 2
LAPTOP PC 1
![Page 4: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/4.jpg)
MODEM
Data transmitted from local network to ISP on telephone lines
Telephone lines uses analog data
Local network uses digital data
From network to telephone line: Digital to Analog [MODULATION]
From telephone line to network: Analog to Digital [DEMODULATION]
Modem – Modulator DEModulator
![Page 5: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/5.jpg)
ROUTER
Responsible for routing data across network
Forwards data across the network to the intended device
Also used to connect different network lines between them
Keeps a list of devices with their MAC Addresses and assigned IP Addresses
![Page 6: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/6.jpg)
NETWORK SWITCH
Connects wired devices to the network
Reads packets’ headers and forward data packet to the destination client
Usually has Ethernet interfaces
Routers have Ethernet ports to add devices but ports limited
Switches can be up to 32 ports in one device
![Page 7: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/7.jpg)
WIRELESS ACCESS POINT
Allows devices to connect to a network wirelessly
Usually uses Wi-Fi
Can connect multiple-devices at the same time
Can be configured into clients or repeaters
![Page 8: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/8.jpg)
WIRED AND WIRELESS CLIENTS
Wired
Ethernet port
Wireless
Wi-Fi
![Page 9: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/9.jpg)
MAC ADDRESS
Physical address of the Network Interface Card
Unique identifier
Varies from manufacturer to manufacturer, card to card, device to device
Typical format: 01:23:45:67:89:ab / 01-23-45-67-89-ab
Six groups of two hexadecimal digits separated by : or -
![Page 10: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/10.jpg)
TCP/IP - IP ADDRESS
Computers communicate using the TCP/IP protocol
Maintained by Internet Engineering Task Force
TCP/IP provides end-to-end connectivity and defines how data is packetized, addressed, transmitted and received on the network
IP is on the second layer of the TCP/IP layer
IP address – unique number set used to communicate on the network
IPv4 and IPv6
![Page 11: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/11.jpg)
IPV4 V/S IPV6
IPv4
1981
32-bit address - 4,294,967,296
Format: 192.168.10.12
Manually assigned
DHCP assigned
IPv6
1998
128-bit address – 3.4 x 1038
2001:0db8:85a3:0000:0000:8a2e:0370:7334
Created from the subnet identifier and device’s physical identifier (MAC)
![Page 12: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/12.jpg)
OSI MODEL V/S TCP/IP
![Page 13: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/13.jpg)
DYNAMIC HOST CONFIGURATION PROTOCOLFound in application layer of the Internet Protocol Suite (TCP/IP)
Dynamically distributes network configuration parameters to hosts
Reduces manual configuration of individual hosts on network
Network hosts request IP address and configuration from DHCP
Four Phases – DORA
Server Discovery – IP lease offer – IP request – IP lease acknowledgement
![Page 14: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/14.jpg)
ADDRESS RESOLUTION PROTOCOL
Used to resolve network layer addresses to link layer addresses
Conversion needed when transmitting packets
When an Internet Protocol (IP) datagram is sent from one host to another on a local area network, the destination IP address must be resolved to a MAC address for transmission via the data link layer. When another host's IP address is known, and its MAC address is needed, a broadcast packet is sent out on the local network. This packet is known as an ARP request. The destination machine with the IP in the ARP request then responds with an ARP reply, which contains the MAC address for that IP. - Wikipedia
![Page 15: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/15.jpg)
INTERNET
![Page 16: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/16.jpg)
INTERNET – DNS
INTERNET
DNS SERVER
USER
173.194.112.199
173.252.120.6
50.62.71.1
>> www.facebook.com
![Page 17: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/17.jpg)
INTERNET – DNS
INTERNET
DNS SERVER
USER
173.194.112.199
173.252.120.6
50.62.71.1
>> www.facebook.com
NAME ADDRESS
google.com 173.194.112.199
facebook.com 173.252.120.6
irshaad.me 50.62.71.1
![Page 18: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/18.jpg)
INTERNET – DNS
INTERNET
DNS SERVER
USER
173.194.112.199
173.252.120.6
50.62.71.1
>> www.facebook.com
NAME ADDRESS
google.com 173.194.112.199
facebook.com 173.252.120.6
irshaad.me 50.62.71.1>> 173.252.120.6
![Page 19: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/19.jpg)
NETWORK ATTACKS
![Page 20: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/20.jpg)
ARP SPOOFING
![Page 21: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/21.jpg)
ARP SPOOFING – MAN IN THE MIDDLE ATTACK
COMPUTER A – 192.168.1.10
COMPUTER B – 192.168.1.12
ROUTER
HOST MACADDRESS
192.168.1.12
BB:BB:BB:BB:BB
HOST MAC ADDRESS
192.168.1.10
AA:AA:AA:AA:AA
![Page 22: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/22.jpg)
ARP SPOOFING – MAN IN THE MIDDLE ATTACK
COMPUTER A – 192.168.1.10 – AA:AA:AA:AA:AA
COMPUTER B – 192.168.1.12 – BB:BB:BB:BB:BB
ROUTER
HOST MACADDRESS
192.168.1.12
BB:BB:BB:BB:BB
HOST MAC ADDRESS
192.168.1.10
AA:AA:AA:AA:AA
COMPUTER e – 192.168.1.15– ee.ee.ee.ee.ee
HOST MAC ADDRESS
192.168.1.10
AA:AA:AA:AA:AA
192.168.1.12
BB:BB:BB:BB:BB
![Page 23: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/23.jpg)
ARP SPOOFING – MAN IN THE MIDDLE ATTACK
COMPUTER A – 192.168.1.10 – AA:AA:AA:AA:AA
COMPUTER B – 192.168.1.12 – BB:BB:BB:BB:BB
ROUTER
HOST MACADDRESS
192.168.1.12
EE:EE:EE:EE:EE
HOST MAC ADDRESS
192.168.1.10
EE:EE:EE:EE:EE
COMPUTER e – 192.168.1.15– EE:EE:EE:EE:EE
HOST MAC ADDRESS
192.168.1.10
AA:AA:AA:AA:AA
192.168.1.12
BB:BB:BB:BB:BB
![Page 24: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/24.jpg)
ARP SPOOFING – MAN IN THE MIDDLE ATTACK
COMPUTER A – 192.168.1.10 – AA:AA:AA:AA:AA
COMPUTER B – 192.168.1.12 – BB:BB:BB:BB:BB
ROUTER
HOST MACADDRESS
192.168.1.12
EE:EE:EE:EE:EE
HOST MAC ADDRESS
192.168.1.10
EE:EE:EE:EE:EE
COMPUTER e – 192.168.1.15– EE:EE:EE:EE:EE
HOST MAC ADDRESS
192.168.1.10
AA:AA:AA:AA:AA
192.168.1.12
BB:BB:BB:BB:BB
![Page 25: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/25.jpg)
DNS SPOOFING
![Page 26: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/26.jpg)
DNS SPOOFING
INTERNET
DNS SERVER
USER
173.194.112.199
173.252.120.6
202.124.55.12
![Page 27: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/27.jpg)
DNS SPOOFING
INTERNET
DNS SERVER
USER
173.194.112.199
173.252.120.6
202.124.55.12
>> www.facebook.com
NAME ADDRESS
google.com 173.194.112.199
facebook.com 173.252.120.6
irshaad.me 50.62.71.1
![Page 28: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/28.jpg)
DNS SPOOFING
INTERNET
DNS SERVER
USER
173.194.112.199
173.252.120.6
202.124.55.12
>> www.facebook.com
NAME ADDRESS
google.com 173.194.112.199
facebook.com 202.124.55.12
irshaad.me 50.62.71.1
![Page 29: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/29.jpg)
DNS SPOOFING
INTERNET
DNS SERVER
USER
173.194.112.199
173.252.120.6
202.124.55.12
>> www.facebook.com
>> 202.124.55.12
NAME ADDRESS
google.com 173.194.112.199
facebook.com 202.124.55.12
irshaad.me 50.62.71.1
![Page 30: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/30.jpg)
QUESTIONS
1. How does a Web user get to a website. Explain the network part briefly.
The user type the address (e.g www.google.com) in the address bar. The PCconnects to the ISP’s DNS server to do a lookup of the www.google.com’s IP on thenetwork. The browser then connects to the web server at the IP address anddownloads the page from there.
2. What is an MITM? Give an example.
A Man-In-The-Middle attack is one whereby a pirate user intercepts traffic on anetwork using ARP Poisoning. It can then modify the packets as they passthrough. E.g: A PC is connected to a router and browsing the Internet. A rogue PCconnects and fools the network devices so as the PC sends packets to the rogueRC rather than the legit PC and vice-versa. The Rogue PC does same by spoofingits MAC address in the devices hosts lists (Temporary MAC address storage file).
3. What are the basic differences between IPv4 and IPv6.
Address Pool: IPv4 has around 4 x 109 addresses; IPv6 has around 3.4 x 1038
Address creation: IPv4 is DHCP issued (normally); IPv6 is created by the client itself
![Page 31: IP, DNS and MAC concepts](https://reader033.fdocuments.us/reader033/viewer/2022050922/55a6c35d1a28ab9a428b45fb/html5/thumbnails/31.jpg)
THANK YOU FOR YOUR ATTENTION
www.irshaad.me