tryhackme: Subnetting? ARP And DHCP.

-

 A Primer on Subnetting

-------------------------------

Subnet Mask

As we've previously discussed throughout the module so far, Networks can be found in all shapes and sizes - ranging from small to large. Subnetting is the term given to splitting up a network into smaller, miniature networks within itself. Think of it as slicing up a cake for your friends. There's only a certain amount of cake to go around, but everybody wants a piece. Subnetting is you deciding who gets what slice & reserving such a slice of this metaphorical cake.

Picture

Subnets use IP addresses in three different ways:

* Identify the network address

* Identify the host address

* Identify the default gateway

-------------------------------------------------------------------------------------------------------------

1. Purpose of a Network Address: This address identifies the start of the actual network and is used to identify a network's existence.

For example, a device with the IP address of 192.168.1.100 will be on the network identified by 192.168.1.0

-------------------------------------------------------------------------------------------------------------

2. Purpose of a Host Address: An IP address here is used to identify a device on the subnet

For example, a device will have the network address of 192.168.1.1

-------------------------------------------------------------------------------------------------------------

3. Purpose of a Default Gateway: The default gateway address is a special address assigned to a device on the network that is capable of sending information to another network 

Any data that needs to go to a device that isn't on the same network (i.e. isn't on 192.168.1.0) will be sent to this device. These devices can use any host address but usually use either the first or last host address in a network (.1 or .254)

-------------------------------------------------------------------------------------------------------------

Subnetting provides a range of benefits, including:

* Efficiency

* Security

* Full control

-------------------------------------------------------------------------------------------------------------

0-255 is the range of an octet(254 devices )/ a subnet mask consist of 32bits.

Note: Here is an important online calculator that even network engineers use to subnet networks.  Another one here aswell 

-------------------------------------------------------------------------------------------------------------

The ARP Protocol.


ARP: Address Resolution Protocol

is the technology that is responsible for allowing devices to identify themselves on a network.

--------------------------------------------------------------------------

How does ARP Work?

Each device within a network has a ledger to store information on
which is called a cache.

In the context of the ARP protocol, this cache stores the identifiers of other devices on the network.(ARP cache)

In order to map these two identifiers together (IP address and MAC address), the ARP protocol sends two types of messages:

1. ARP Request
2. ARP Reply

The initial device will now remember this and store it within its cache (an ARP entry).

(Address Resolution Protocol (ARP) is responsible for finding the MAC (hardware) address related to a specific IP address. It works by broadcasting an ARP query, "Who has this IP address? Tell me." And the response is of the form, "The IP address is at this MAC address.")

Its corresponding RFC for details. 

- RFC 2390

--------------------------------------------------------------------------

The DHCP Protocol.

The DHCP Protocol

DHCP (Dynamic Host Configuration Protocol)

Its simply a protocol that automates the process of distributing IP addresses through a network, which allow those devices to connect to the network and interconnect with each other.


The following is a typical DHCP/UDP connection, can be seen through using a software like Wireshark, Go Deep.

DHCP Discover
DHCP Offer
DHCP Request
DHCP ACK

Usually it has 24 hours time span for that process. Can be modified.

For more details

RFC:


Most what you need to know around the DHCP Protocol is around these three RFCs, thanks for reading. 

Thanks for reading! 👨‍💻
Roger

Comments

Post a Comment

Popular posts from this blog

Common Network Commands: Ping

-
Ping Command Overview The `ping` command is a fundamental utility used in network diagnostics. It checks the reachability of a host on an Internet Protocol (IP) network and measures the round-trip time for messages sent from the originating host to a destination computer. The command uses the Internet Control Message Protocol (ICMP) to send echo request packets and listens for echo replies. Origin and Development The `ping` command was developed in 1983 by Mike Muuss as a diagnostic tool for the ARPANET. Since then, it has become a standard utility available on most operating systems, including Linux, Windows, and macOS, making it an essential tool for network administrators and users. Basic Functionality The `ping` command serves several functions: - Tests connectivity to a specified host. - Measures the time taken for packets to travel to the destination and back. - Provides statistics about packet loss and round-trip time. Key Command Syntax 1. Basic Syntax:    ```    ping [options]
Read more

Common Network Commands: Route

-
Route Command Overview The route command is a part of the older net-tools package used in Linux systems for viewing and manipulating the IP routing table. It provides information about how packets are routed through the network and allows for the addition, deletion, and modification of routes. Origin and Development Historically, the route command has been a primary tool for managing network routing in Linux. However, it has largely been replaced by the ip command from the iproute2 package, which offers more advanced features and capabilities. Despite this, route is still commonly used in many Linux distributions for its simplicity and familiarity. Basic Functionality The route command serves several functions: - Displays the current routing table entries. - Shows destination networks, gateways, and associated interfaces. - Allows for the addition, deletion, and modification of routes. Key Command Syntax 1. Display Routing Table:    ```    route -n    ```    The -n option prevents DNS
Read more

John The Ripper

-
John the Ripper  Is one of the most well known, well-loved and versatile hash cracking tools out there. It combines a fast cracking speed, with an extraordinary range of compatible hash types. This room will assume no previous knowledge, so we must first cover some basic terms and concepts before we move into practical hash cracking. A hash is a way of taking a piece of data of any length and  representing it in another form that is a fixed length. This masks the original value of the data. This is done by running the original data through a hashing algorithm. There are many popular hashing algorithms, such as MD4,MD5, SHA1 and NTLM. Lets try and show this with an example: If we take "polo", a string of 4 characters- and run it through an MD5 hashing algorithm, we end up with an output of: b53759f3ce692de7aff1b5779d3964da a standard 32 character MD5 hash. Likewise, if we take "polomints", a string of 9 characters- and run it through the same MD5 hashing algorithm, w
Read more