Networks
A network is a set of computers sharing resources. Two computers linked together form a simple network. To add complexity, these two computers can be connected to a server containing company resources. Maybe the Financial department also needs access to this data. Each department can have a few computers that are connected to the department’s switch. These switches are connected to the company router. Now the departments form a company network called an intranet.
If the company wants to host a website for its customers, it needs to host that website on a server and then port-forward from the company’s public IP address to the server’s internal IP and port, for example 10.10.0.1:443. Now the website is reachable from the internet.
The company wants customers to find the website without needing to remember the IP address, so it needs a domain. Once it has the company.com domain, it needs to point that domain to the server’s public IP address using the Domain Name System (DNS). Now, when the customer types company.com, the DNS server tells the browser where the website is located. The browser sends a request to the IP address of the web server, and the web server responds. The browser gets the website from the server as packets. The browser checks that all packets are valid and then shows the customer the Company’s webpage.
When the company grows, it wants another office in another city. The other office must have access to the company network. Also, some workers want to work from home, but the company network is not accessible from the internet. The solution is a Virtual Private Network, or VPN for short. A VPN uses a tunnel over the internet to access the company’s network.
The Company has grown big and is now reducing SecondCompany ltd.’s revenue. The evil CEO of SecondCompany ltd. has decided that our Company cannot continue like this. They have started a Denial of Service (DoS) attack against the Company. What can the Company do, is it over now? The Company’s Chief of Security installs a firewall on the server and blocks incoming malicious requests. The web server is up again and customers are happy. The End.
Network Security
A firewall allows and blocks connections based on a predefined set of rules.
An Intrusion Detection System (IDS) detects system and network intrusions and intrusion attempts.
An Intrusion Prevention System (IPS) blocks detected intrusions and intrusion attempts.
A Virtual Private Network (VPN) ensures that the network traffic cannot be read or altered by a third party.
Antivirus software detects malicious files and blocks them from executing.
A host firewall is software that acts as a virtual firewall, for example Windows Defender Firewall.
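How a firewall applies "a predefined set of rules" can be shown with a small first-match evaluator that denies by default. This is an added example, not part of the original notes; only 10.10.0.1:443 comes from the text above, while the blocked source range and the VPN subnet are assumed values.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "block"
    proto: str             # "tcp", "udp" or "any"
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    dport: Optional[int]   # destination port; None matches any port

def matches(rule, proto, src, dst, dport):
    """True when the connection attempt fits every field of the rule."""
    return (rule.proto in ("any", proto)
            and ipaddress.ip_address(src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, dport))

def decide(rules, proto, src, dst, dport, default="block"):
    """First matching rule wins; anything unmatched gets the default (deny)."""
    for rule in rules:
        if matches(rule, proto, src, dst, dport):
            return rule.action
    return default

# Constructed rule set. Only 10.10.0.1:443 comes from the text above; the
# flooding source range and the VPN subnet are assumed for illustration.
RULES = [
    Rule("block", "any", "203.0.113.0/24", "0.0.0.0/0", None),   # DoS source
    Rule("allow", "tcp", "0.0.0.0/0", "10.10.0.1/32", 443),      # public website
    Rule("allow", "any", "10.8.0.0/24", "10.10.0.0/16", None),   # VPN users
]

if __name__ == "__main__":
    attempts = [
        ("tcp", "198.51.100.7", "10.10.0.1", 443),   # customer -> website
        ("tcp", "203.0.113.50", "10.10.0.1", 443),   # blocked range -> website
        ("tcp", "198.51.100.7", "10.10.0.1", 22),    # internet -> SSH, no rule
        ("udp", "10.8.0.5", "10.10.0.20", 53),       # VPN user -> intranet host
    ]
    for a in attempts:
        print(a, "->", decide(RULES, *a))
```

Rule order matters: if the website allow rule is placed above the block rule, traffic from the blocked range reaches the web server again.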
The steps of an attack on a network:
- Reconnaissance - learn as much as possible about the target
- Weaponization - preparing a file with a malicious component
- Delivery - delivering the “weaponized” file to the target
- Exploitation - the target opens the malicious file and the system executes the component
- Installation - installing the malware on the target system
- Command & Control (C2) - gaining command and control ability over the target system
- Actions on Objectives - after gaining control over one target system, the attacker carries out their objectives