Network Connectivity Devices Part 1

Time
9 hours 49 minutes
Difficulty
Beginner
CEU/CPE
10
Video Transcription
00:00
>> With our next section,
00:00
network connectivity devices,
00:00
we're going to talk about devices that help us join
00:00
systems together so that way we can communicate.
00:00
I'm going to start out with hubs,
00:00
I'm going to start out the way things used to be,
00:00
because I really do think it helps us understand
00:00
the benefit of the devices that we're using today.
00:00
Up at the top where you see layer 1,
00:00
that refers back to the OSI model.
00:00
The first device we're going to talk about is a hub.
00:00
When I came into computing back in the '90s,
00:00
hubs were very popular.
00:00
They were a good, quick, easy way to
00:00
connect a bunch of computers and that was it.
00:00
That was the benefit that they were cheap and
00:00
easy and they would provide connectivity.
00:00
As a matter of fact, when I came in,
00:00
the hubs weren't even powered.
00:00
They were just metal racks that you plugged
00:00
into to provide a conduit for the signal.
00:00
Obviously, the hub doesn't have any intelligence.
00:00
It doesn't direct traffic or segment the network,
00:00
a hub simply sends all the data out
00:00
all the ports, all the time.
00:00
If computer A has data to send to computer B,
00:00
that traffic goes out all the ports,
00:00
so it's available to computer C and D,
00:00
and J and K, and
00:00
any other devices that might be plugged into the network.
00:00
If you can think about that,
00:00
if I had a sniffer plugged into a hub,
00:00
that would just be a bonus because I would
00:00
have access to everything on the network.
00:00
That's one of the many reasons we don't use hubs today.
00:00
Because from a security perspective,
00:00
that can be very dangerous.
00:00
One thing I'll mention is that when the data
00:00
goes out all ports to all hosts,
00:00
the network card examines
00:00
the data frame and what it's looking
00:00
for is a destination MAC address that is its own.
00:00
When B looks at data,
00:00
it looks at the MAC address and says, oh,
00:00
that's for me, and pulls it off
00:00
the network or that isn't for me, and leaves it alone.
00:00
All a sniffer does is examine all packets the same way,
00:00
all frames the same way, but its
00:00
interface is in a mode called promiscuous mode,
00:00
which means a sniffer doesn't care
00:00
who the MAC address is for,
00:00
and it doesn't care about destination address.
00:00
A sniffer simply pulls all traffic off
00:00
the network regardless of the destination.
00:00
Promiscuous mode sounds like it should be
00:00
a lot more fun than that.
00:00
But all it means is the network card is going to
00:00
pull traffic regardless of the destination.
00:00
With the security issues of hubs and
00:00
all data at all the ports all the time,
00:00
there's no directing traffic or help for collisions.
00:00
In a hub environment,
00:00
we have a lot of collisions.
00:00
We have all data going
00:00
out of all the ports to everybody,
00:00
and we have what's referred to
00:00
as one big collision domain.
00:00
A switch is going to fix that problem for us because one
00:00
of the first things it does is
00:00
isolate traffic into collision domains.
00:00
Each port on a switch is its own collision domain.
00:00
If we go back to the hub,
00:00
every host in this illustration
00:00
is part of the same collision domain,
00:00
which means they're all competing for time on the cable.
00:00
When we've replaced those hubs with switches,
00:00
each host has its own collision domain,
00:00
which basically means computer A is just
00:00
competing with itself for time on the cable.
00:00
We've all but eliminated the collisions in
00:00
our Ethernet network just by bringing switches in.
00:00
Another thing that a switch does that helps
00:00
us out a lot is direct traffic.
00:00
A switch learns the network over time and learns
00:00
which host is at which port using MAC addresses.
00:00
If you remember our OSI model discussion,
00:00
we said switches were layer 2 devices.
00:00
MAC addressing is layer 2.
00:00
The switch uses a MAC address,
00:00
sends out the data,
00:00
and learns that the data is picked
00:00
up on port 3 by computer B.
00:00
It takes B's MAC address and
00:00
loads it into a table called the CAM table.
00:00
Ultimately, it keeps track of
00:00
MAC addresses and they're matched for,
00:00
like a police officer at a busy intersection directing
00:00
traffic out of the appropriate
00:00
port when the power is out.
00:00
If you think about that, going back to
00:00
our discussion about having a sniffer plugged in,
00:00
if we plug a sniffer into port 2,
00:00
no traffic's going to be directed to port
00:00
2 because nobody is sending traffic to the sniffer.
00:00
One of the ways that we mitigate against
00:00
sniffing the network is to use switches.
00:00
However, sometimes the network admin
00:00
wants to sniff their own network.
00:00
I may want to see what type of traffic is going around,
00:00
what's being sent with passwords in plain text,
00:00
or how much broadcast traffic there is.
00:00
In that case, I plug a sniffer into the switch and can
00:00
enable an administrative mode called port SPAN.
00:00
What port SPAN allows is all traffic to be
00:00
mirrored out that particular port so I can inspect it,
00:00
so we've got our switches.
00:00
Down at the bottom, I have a little asterisk
00:00
that I mentioned: bridges.
00:00
Bridges were predecessors to switches.
00:00
Bridges are also layer 2 devices,
00:00
and they were used to connect
00:00
things like a token ring network
00:00
to an Ethernet network but they still
00:00
provided the use of isolation and collision domains.
00:00
They're the precursor to what we have
00:00
today and what we know today, switches.
00:00
When we had our nice little environment with switches,
00:00
one problem we didn't solve was broadcast traffic.
00:00
Here's a network. Let's say I have the salespeople.
00:00
The salespeople are over here to the left,
00:00
they're computers J and K.
00:00
The salespeople have an application
00:00
that generates a lot of broadcasts.
00:00
If we go back to the previous slide,
00:00
any system that has a broadcast in this environment,
00:00
that broadcast goes to the entire network.
00:00
That's what a broadcast does,
00:00
goes out to everybody on the entire network.
00:00
In our illustration here,
00:00
I only have two computers that need that
00:00
broadcast from the sales application,
00:00
but it's going to everybody, too much traffic.
00:00
The more broadcasts that people don't need,
00:00
the more the network gets bogged down.
00:00
A router can be brought in to isolate broadcast traffic.
00:00
Maybe I want the sales network subnetted from
00:00
the rest of the network to control broadcast traffic.
00:00
In the middle, I have a group of
00:00
computers from the human resources group,
00:00
and they have very sensitive data.
00:00
I want to segment that network
00:00
so I can apply some security.
00:00
Maybe enforce IPsec,
00:00
maybe be very strict on who
00:00
accesses those network systems,
00:00
so I create a segment for them,
00:00
and they're on their own subnet.
00:00
Then with VoIP. Quality of
00:00
service is really important for VoIP.
00:00
By that I mean being able to prioritize
00:00
traffic so that the VoIP network
00:00
gets all the bandwidth that it needs.
00:00
That will be another reason to subnet
00:00
a network. Quality of service.
00:00
Basically, what I've needed to do is subnet
00:00
my network out based on either broadcast traffic,
00:00
security needs, quality of service,
00:00
or maybe just based on logical connectivity.
00:00
It makes sense to group a certain group of computers in
00:00
the same network just based on access and location.
00:00
A router can do those services for
00:00
me and a router is a layer 3 device.
00:00
Not only can it segment the network
00:00
into different subnets,
00:00
but the different subnets can communicate.
00:00
Even though this illustration looks and works great,
00:00
the problem is that routers are expensive.
00:00
I don't necessarily mean when you look at
00:00
your receipt it's going to be that
00:00
much higher than a switch,
00:00
but with the switch, you're going to get lots of ports.
00:00
When you purchase a router,
00:00
you're going to get one LAN port.
00:00
The routers are primarily used today to get off
00:00
your local area network so you get a single LAN port.
00:00
What we've got to find a way to do is what we
00:00
have in this picture, but make it cheaper.
00:00
That's what's coming up next.