Secure Your Network: A Guide to Safe Protocols for Invulnerable Communication

In the vast realm of digital communication, ensuring that exchanged information across the network is secure is crucial. Many network protocols transmit data in plaintext, without any form of encryption, making them vulnerable to prying eyes. In this article, we will explore the importance of using secure protocols and provide recommended alternatives to safeguard your online communication.

The Risk of Clear Text Transmission

The transmission of information in clear text poses a significant security risk online. When data travels through the network without encryption, it becomes easily accessible to those employing “network sniffing.” This tactic relies on the use of software to inspect data packets as they traverse the network, allowing the extraction of sensitive text such as usernames and passwords.

Consequences of Network Sniffing

Network sniffing extends beyond intercepting login credentials; it can also reveal the content of documents and other files if transmitted through insecure protocols. The need to protect the confidentiality of information is crucial, and this can be achieved through adopting secure protocols for data transmission.

  1. FTP (File Transfer Protocol) port 21→ SFTP (Secure File Transfer Protocol) port 22
  2. HTTP (Hypertext Transfer Protocol) port 80 → HTTPS (Hypertext Transfer Protocol Secure) port 443
  3. Telnet port 23 → SSH (Secure Shell) port 22
  4. POP3 (Post Office Protocol 3) port 143 → IMAPS (Internet Message Access Protocol Secure) port 993
  5. SMTP (Simple Mail Transfer Protocol) port 25 → SMTPS (Simple Mail Transfer Protocol Secure) port 587
  6. LDAP port 389 (Lightweight Directory Access Protocol) → LDAPS port 636

Securing your network from intrusions is essential to ensure the safety of exchanged information online. Choosing secure protocols is the first step towards invulnerable communication. Be sure to implement the recommended alternatives to minimize risks associated with network sniffing and enjoy a secure and private online connection.

The OSI Model

The OSI (Open System Interconnection) model is like a recipe for how computers communicate. It’s divided into 7 layers, each with its own job, from sending data to making sure it’s delivered correctly. Imagine it as a delicious cake with layers, where each layer has a specific role in making the cake perfect. The OSI model helps computers work together, just like the layers of a cake work together to make it tasty and complete.

From bottom to top:

  1. Physical Layer (Layer 1): This is like the foundation of a building. It deals with the actual wires, cables, and hardware, and how bits of data are turned into electrical signals for sending over the network.
  2. Data Link Layer (Layer 2): Think of this as the structure of a building. It manages how data is organized into frames and sent between devices on the same network, like your home’s Wi-Fi. MAC address is here very important
  3. Network Layer (Layer 3): This is like the road system that connects different buildings. It deals with routing data between different networks and uses IP addresses to make sure data gets to the right place. This layer ensure that each segment will reach the correct IP. Thanks to routers (and IP) that choose the best path 😉
  4. Transport Layer (Layer 4): Imagine this as the mailroom in a big office building. It ensures that data is sent reliably and in the right order. It also handles error-checking. TCP and UDP will ensure this. Segmentation (data is segmented/splitted into little segments, each segment has the port number to identify the correct application to send to this data, and it has also the sequence number in order to rebuild the data correctly). Flow control to control to amount of data to transfer.
  5. Session Layer (Layer 5): Think of this as a friendly conversation between two people. It establishes, maintains, synchronises, and ends connections between devices. In this case between the client and the server: session management, authentication and authorization
  6. Presentation Layer (Layer 6): This layer is like a translator. It makes sure that the data sent by one device can be understood by another by handling data encryption/decryption and compression. Basically ASCII data is translated into binary format, and then compressed in order to have faster communication, and then encrypted (https).
  7. Application Layer (Layer 7): This is the (network) software you use, like web browsers or email clients, or Skype, or FTP software, … It provides the interface for you to interact with the network. These applications are “network application”, basically all applications that use network.

Each layer has its own specific job, and they work together like a team to ensure data is sent, received, and understood correctly across a network.

A Beginner’s Guide to IT Jargon

In today’s digital world, understanding the basics of IT and networking is crucial. It’s essential to grasp fundamental terms and concepts. This article aims to simplify and explain key networking terms to help you navigate the world of technology effectively.

Host

A host is any device connected to a network, such as a computer, smartphone, or server. It uses unique identifiers like IP addresses to communicate with other devices on the network.

Link

A link is the physical or logical connection between two devices within a network, typically established using cables or wireless connections. It enables data transmission between devices.

Gateway

A gateway is a device that connects different networks, serving as a bridge between them. It directs data traffic between the local network and external networks, like the internet.

Wi-Fi

Wi-Fi is a wireless technology that allows devices to connect to a network without using physical cables. It is widely used for internet access and networking in homes, schools, and businesses.

Endpoint

An endpoint is a device or software application that communicates with a network. Endpoints can be computers, smartphones, or IoT devices, and they are vital for network access and data exchange.

VPN (Virtual Private Network)

A VPN is a secure network connection that encrypts data transmitted between your device and a remote server, ensuring privacy and security. It is often used to protect online communication and access restricted content.

Switch

A switch is a networking device that connects multiple devices within a local network. It efficiently directs data packets to their intended destinations, improving network performance.

UTM (Unified Threat Management)

UTM is a comprehensive security solution that combines multiple security features like firewall, antivirus, intrusion detection, and more into one device or software to protect a network from various threats.

NAT (Network Address Translation)

NAT is a technique used to map multiple private IP addresses to a single public IP address. It helps conserve IPv4 addresses and enables multiple devices to share a single public IP.

DHCP (Dynamic Host Configuration Protocol)

DHCP is a network protocol that assigns IP addresses and network configuration settings dynamically to devices when they connect to a network. It simplifies network administration.

MAC Address

A MAC (Media Access Control) address is a unique identifier assigned to network devices at the hardware level. It is used to distinguish devices on a local network.

TCP/IP (Transmission Control Protocol/Internet Protocol)

TCP/IP is a set of protocols that govern data transmission over the internet and most computer networks. It defines how data is addressed, transmitted, and received across networks.

Protocol

A protocol is a set of rules and standards that govern communication between devices on a network. It ensures data is transmitted consistently and reliably.

IP (Internet Protocol)

IP is a set of rules and addressing conventions that enables data packets to be routed and delivered on the internet. IPv4 and IPv6 are two common IP versions.

Subnet

A subnet is a division of a larger network into smaller, more manageable segments. Subnetting helps optimise network performance and organisation.

Network Class

Network class refers to a classification system for IP addresses based on their range and usage. Classes include A, B, C, D, and E, with each serving a different purpose and accommodating a specific number of devices.

Understanding these essential networking terms is a great first step in mastering the world of IT. As you continue to explore this fascinating field, these definitions will serve as a foundation for your knowledge and skills. Whether you’re setting up a home network, troubleshooting connectivity issues, or pursuing a career in IT, these terms will be invaluable in your journey.

MAC Address

MAC stands for Media Access Control.

It is a Permanent, Physical, Unique (in the world) “code” assigned to a physical object that allows to connect to a network. This code is the address assigned by the device manufacture.

A MAC address is something like this:

00:11:22:33:44:55

It’s composed by 6 octets. First 3 represent the company that made the device (Organizationally Unique Identifier). The other 3 represent are assigned by the producer and has to be unique inside it.

This address never changes. It will be always the same.

The mac address is used to identify devices on the network.

So every packet that is sent in the network has a source MAC address and a destination MAC address.

Why to change MAC address

  • Because of above, changing your MAC address will make you anonymous in the network,
  • If there is a filter in the network configuration you can bypass it
  • You can “impersonate” another device changing you MAC with the one you want to impersonate,

How to change the MAC address

first of all let check which network interface we have. Let’s execute the following commanf:

ifconfig

The result will contain all your network interfaces.

The MAC address is the code just after the ether label, and it is in the form like xx:xx:xx:xx:xx:xx

In order to change it first we must disabled that interface, with the following command:

ifconfig <interfacename> down

Then we change the MAC address specifying that we want to change the hardware address “hw ether

ifconfig <interfacename> hw ether 00:11:22:33:44:55

Finally we eneble the network interface

ifconfig <interfacename> up

The original MAC address is back once the device is restarted