Network Connectivity Devices Part 1

Time
7 hours 50 minutes
Difficulty
Beginner
CEU/CPE
8
Video Transcription
00:00
>> With our next section, Network Connectivity Devices,
00:00
we're going to talk about devices that help us join
00:00
systems together so that way we can communicate.
00:00
I'm going to start out with hubs.
00:00
I'm going to start out the way things
00:00
used to be because I really do think
00:00
it helps us understand the benefit of
00:00
the devices that we're using today.
00:00
Up at the top where you see layer 1
00:00
that refers back to the OSI model.
00:00
The first device we're going to talk about is a hub.
00:00
When I came into computing back in the '90s,
00:00
hubs were very popular.
00:00
They were a good, quick, easy way to
00:00
connect a bunch of computers, and that was it.
00:00
That was the benefit, that they were cheap and
00:00
easy and they would provide connectivity.
00:00
As a matter of fact, when I came in,
00:00
the hubs weren't even powered.
00:00
They were just metal racks that you plugged
00:00
into to provide a conduit for the signal.
00:00
Obviously, the hub doesn't have any intelligence.
00:00
It doesn't direct traffic or segment the network.
00:00
Hubs simply send all the data
00:00
out all the ports all the time.
00:00
If computer A has data to send to computer B,
00:00
that traffic goes out all the ports
00:00
so it's available to computer C and D,
00:00
and J and K, and
00:00
any other devices that might be
00:00
plugged into the network.
00:00
If you can think about that.
00:00
If I had a sniffer plugged into a hub,
00:00
that would just be a bonus because I would
00:00
have access to everything on the network.
00:00
That's one of the many reasons we don't use hubs today.
00:00
Because from a security perspective,
00:00
that can be very dangerous.
00:00
One thing I'll mention is that when the data
00:00
goes out all ports to all hosts,
00:00
the network card examines the data frame,
00:00
and what it's looking for is a destination
00:00
MAC address that is its own.
00:00
When B looks at data,
00:00
it looks at the MAC address and says, oh,
00:00
that's for me and pulls it off the network,
00:00
or that isn't for me and leaves it alone.
00:00
All a sniffer does is examine all packets the same way,
00:00
all frames the same way,
00:00
but its interface is in a mode called promiscuous mode,
00:00
which means the sniffer doesn't care
00:00
who the MAC address is for,
00:00
and it doesn't care about destination address.
00:00
The sniffer simply pulls all traffic off
00:00
the network regardless of the destination.
00:00
Promiscuous mode sounds like it should
00:00
be a lot more fun than that.
00:00
But all it means is the network card is going to
00:00
pull traffic regardless of the destination.
00:00
With the security issues of hubs and
00:00
all data out all the ports all the time,
00:00
there's no directing of traffic or help for collisions.
00:00
In a hub environment, we have a lot of collisions.
00:00
We have all data going out of all
00:00
the ports to everybody.
00:00
We have what's referred to as one big collision domain.
00:00
A switch is going to fix that
00:00
problem for us because one
00:00
of the first things it does is
00:00
isolate traffic in the collision domains.
00:00
Each port on a switch is its own collision domain.
00:00
If we go back to the hub,
00:00
every host in this illustration
00:00
is part of the same collision domain,
00:00
which means they're all competing
00:00
for time on the cable.
00:00
When we replace those hubs with switches,
00:00
each host has its own collision domain.
00:00
Which basically means computer A is just
00:00
competing with itself for time on the cable.
00:00
We've all eliminated the collisions in
00:00
our ethernet network just by bringing switches in.
00:00
Another thing that a switch does that helps
00:00
us out a lot is direct traffic.
00:00
A switch learns the network over time and
00:00
learns which hosts are out which port using MAC addresses.
00:00
If you remember our OSI model discussion,
00:00
we said switches were layer two devices.
00:00
MAC addressing is layer two.
00:00
The switch uses a MAC address, sends out the data,
00:00
and learns that the data is picked
00:00
up on port 3 by computer B.
00:00
It takes B's MAC address and
00:00
loads it into a table called the CAM table.
00:00
Ultimately, it keeps track of
00:00
MAC addresses and their matched port.
00:00
Like a police officer at a busy intersection
00:00
directing traffic out of
00:00
the appropriate port when power is out.
00:00
If you think about that, going back to
00:00
our discussion about having a sniffer plugged in,
00:00
if we plug a sniffer into port 2,
00:00
no traffic's going to be directed to port
00:00
2 because nobody is sending traffic to the sniffer.
00:00
One of the ways that we mitigate against
00:00
sniffing the network is to use switches.
00:00
However, sometimes a network admin
00:00
wants to sniff their own network.
00:00
You want to see what type of traffic is going around,
00:00
what's being sent with passwords in plain text,
00:00
or how much broadcast traffic there is.
00:00
In that case, I plug a sniffer into the switch and
00:00
enable an administrative mode called port SPAN.
00:00
What port SPAN allows is all traffic to be mirrored out
00:00
that particular port so I can inspect
00:00
it. We've got our switches.
00:00
Down at the bottom, I have a little asterisk
00:00
that I mentioned, bridges.
00:00
Bridges were predecessors to switches.
00:00
Bridges are also layer two devices.
00:00
They were used to connect things like a
00:00
token ring network to an Ethernet network,
00:00
but they still provided the use of
00:00
isolation and collision domains.
00:00
They're the precursor to what we
00:00
have today and what we know today.
00:00
Switches. When we had
00:00
our nice little environment with switches,
00:00
one problem we didn't solve was
00:00
broadcast traffic. Here's a network.
00:00
Let's say I have the salespeople.
00:00
The salespeople are over here to the left,
00:00
they're computer J and K.
00:00
The salespeople have an application
00:00
that generates a lot of broadcast.
00:00
If we go back to the previous slide,
00:00
any system that has a broadcast in this environment,
00:00
that broadcast goes to the entire network.
00:00
That's what a broadcast does,
00:00
goes out to everybody on the entire network.
00:00
In our illustration here,
00:00
I only have two computers that need that
00:00
broadcast from the sales application.
00:00
But it's going to everybody, too much traffic.
00:00
The more broadcasts that people don't need,
00:00
the more the network gets bogged down.
00:00
A router can be brought in to
00:00
isolate broadcast traffic.
00:00
Maybe I want the sales network subnetted from
00:00
the rest of the network to control broadcast traffic.
00:00
In the middle, I have a group of
00:00
computers from the Human Resources Group.
00:00
They have very sensitive data.
00:00
I want to segment that network
00:00
so I can apply some security.
00:00
Maybe enforce IPsec,
00:00
maybe be very strict on who accesses
00:00
those network systems so I create
00:00
a segment for them and they're on their own subnet.
00:00
Then with VOIP. Quality of
00:00
service is really important for VOIP.
00:00
By that being able to prioritize
00:00
traffic so that the VOIP network
00:00
gets all the bandwidth that it needs.
00:00
That'll be another reason to subnet
00:00
a network, quality of service.
00:00
Basically, what I needed to do is subnet
00:00
my network out based on either broadcast traffic,
00:00
security needs, quality of service,
00:00
or maybe just based on logical connectivity.
00:00
It makes sense to group a certain group of computers in
00:00
the same network just based on access and location.
00:00
A router can do those services for me.
00:00
A router is a layer three device.
00:00
Not only can it segment the network
00:00
into different subnets,
00:00
but the different subnets can communicate.
00:00
Even though this illustration looks and works great,
00:00
the problem is that routers are expensive.
00:00
I don't necessarily mean when you look at
00:00
your receipt it's going to be that
00:00
much higher than a switch,
00:00
but with a switch, you're going to get lots of ports.
00:00
When you purchase a router,
00:00
you're going to get one LAN port.
00:00
The routers are primarily used today to get off
00:00
your local area network so you get a single LAN port.
00:00
We've got to find a way to do what we
00:00
have in this picture, but make it cheaper.
00:00
That's what's coming up next.