Network Fundamentals

2.1 Understanding Networks

Basics of Computer Networks

Definition and Types of Networks

A computer network is like a web that connects computers so they can share information. Imagine your computer is part of a big spider web, and each point where the threads meet is another computer. Here are some common types of networks:

  • LAN (Local Area Network): This is a small network, like in your home or school. It connects computers in a small area, like all the computers in your classroom.
  • WAN (Wide Area Network): This is a large network that covers a big area, like a city, country, or even the world. The internet is the biggest WAN because it connects millions of computers around the world.

Hands-On Exercise:

  1. Draw a diagram of your home or school network. Include all devices like computers, phones, tablets, and routers.
  2. Label each device and show how they are connected to each other.

Network Topologies and Protocols

Network Topologies:

  • Bus Topology: All computers are connected in a single line. Think of it like a bus route with stops along the way. If there’s a break in the line, the whole network can go down.
  • Star Topology: All computers are connected to a central point, like a hub or switch. Imagine it like a starfish with each arm being a computer. If one connection fails, the others can still communicate.
  • Ring Topology: Computers are connected in a circle. Data travels around the ring until it reaches the right computer. If one connection is broken, it can affect the whole network.
  • Mesh Topology: Every computer is connected to every other computer. It’s like a web with many connections. This setup is very reliable because if one connection fails, data can take another path.

Protocols:

Protocols are rules that help computers talk to each other. Here are some important ones:

  • TCP/IP (Transmission Control Protocol/Internet Protocol): The main rules for the internet. They make sure data gets to the right place and that it’s put back together correctly.
  • HTTP (Hypertext Transfer Protocol): Rules for web pages. When you visit a website, your browser uses HTTP to get the page.
  • FTP (File Transfer Protocol): Rules for transferring files. If you need to upload or download files, FTP is used.

Hands-On Exercise:

  1. Use building blocks or paper cutouts to create a model of each network topology (bus, star, ring, and mesh).
  2. Label each part of your model to show how computers and connections are arranged.

IP Addresses and MAC Addresses

Understanding IP Addressing (IPv4 and IPv6)

An IP address is like your computer’s home address on the internet. There are two kinds of IP addresses:

  • IPv4: This is the older version and looks like this: 192.168.1.1. It has four numbers separated by dots, each between 0 and 255.
  • IPv6: This is the newer version and looks like this: 2001:0db8:85a3:0000:0000:8a2e:0370:7334. It has longer addresses to make sure every device can have its own. It uses numbers and letters separated by colons.

What is a MAC Address and Its Role in Networking

A MAC address is a unique code for each device’s network hardware. It’s like a serial number for your computer’s network card. While IP addresses can change, a MAC address stays the same. It helps ensure that data gets to the right place within a local network.

Hands-On Exercise:

  1. Find the IP address and MAC address of your computer. On Windows, you can use the command ipconfig /all in the Command Prompt. On macOS or Linux, use ifconfig in the Terminal.
  2. Write down your IP and MAC addresses and compare them with your classmates or family members’ devices.

DNS and How It Works

What is DNS?

DNS stands for Domain Name System. It’s like the internet’s phone book. When you type a website name, like www.google.com, DNS helps your computer find the right IP address to connect to. Without DNS, you’d have to remember long strings of numbers instead of easy-to-remember names.

How DNS Resolves Domain Names to IP Addresses

When you enter a web address, your computer asks a DNS server to translate that name into an IP address. The DNS server then tells your computer the IP address so it can connect to the website. Here’s a simplified version of the process:

  1. You type a website name in your browser.
  2. Your computer asks a DNS server for the IP address.
  3. The DNS server finds the IP address and sends it back to your computer.
  4. Your computer uses the IP address to connect to the website.
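The question and answer exchanged in steps 2 and 3, shown at the byte level. This is an added example, not part of the original lesson; the name www.example.com, the transaction ID and the answer 192.0.2.10 are constructed sample values.

```python
import struct

def build_query(name, txid=0x1234):
    """Encode the question 'what is the IPv4 (A) address of name?'."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def skip_name(msg, pos):
    """Return the offset just past the domain name that starts at pos."""
    while True:
        length = msg[pos]
        if length == 0:                # zero-length label ends the name
            return pos + 1
        if length & 0xC0 == 0xC0:      # 2-byte compression pointer ends the name
            return pos + 2
        pos += 1 + length

def parse_answers(msg):
    """Return (transaction id, [IPv4 addresses]) from a DNS response."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000:             # QR bit clear means this is a query
        raise ValueError("not a DNS response")
    pos = 12
    for _ in range(qdcount):
        pos = skip_name(msg, pos) + 4  # name, then QTYPE and QCLASS
    addresses = []
    for _ in range(ancount):
        pos = skip_name(msg, pos)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:  # A record carrying 4 address bytes
            addresses.append(".".join(str(b) for b in msg[pos:pos + 4]))
        pos += rdlen
    return txid, addresses

# Step 2: the question the computer sends.
QUERY = build_query("www.example.com")
# Step 3: a constructed reply that repeats the question and adds one A record.
RESPONSE = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUERY[12:]
            + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))

if __name__ == "__main__":
    print("query bytes:", QUERY.hex())
    print("answer:", parse_answers(RESPONSE))
```

The transaction ID in the reply matches the one in the question, which is how the computer pairs an answer with the request it sent.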

Hands-On Exercise:

  1. Open a command prompt or terminal on your computer.
  2. Use the command nslookup www.google.com to find the IP address of Google’s website.
  3. Try the same command with other websites and see what IP addresses you get.

2.2 Network Tools in Kali Linux

Using ifconfig and ip Commands

Viewing and Configuring Network Interfaces

Network interfaces are like the doors through which your computer connects to a network. You can use commands to see and set up these interfaces:

  • ifconfig: This command shows you details about your network interfaces, like their IP addresses.

    ifconfig

    This command lists all network interfaces and their details.

  • ip: This is a newer command that also shows and configures network settings.

    ip addr

    This command shows IP addresses and interface information.

Hands-On Exercise:

  1. Open the terminal in Kali Linux.
  2. Type the command ifconfig and press Enter. Write down the IP address you see.
  3. Type the command ip addr and press Enter. Compare the information with what you got from ifconfig.

Basic Troubleshooting with ifconfig and ip

Sometimes, network connections don’t work. You can use these commands to find out what’s wrong:

  • Check Connections: Use ifconfig or ip addr to see if your computer has an IP address.
  • Restart Interfaces: If an interface is not working, use these commands to bring it down and back up again.
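The "does this interface have an IP address?" check, done by reading ip addr output in a script. This is an added example, not part of the original lesson; the sample text is constructed and abbreviated, and the interface names and addresses in it are made up.

```python
import re

# Constructed, abbreviated sample in the layout `ip addr` prints.
SAMPLE = """\
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
    link/ether 08:00:27:12:34:56 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.23/24 brd 192.168.1.255 scope global dynamic eth0
    inet6 fe80::a00:27ff:fe12:3456/64 scope link
3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 state DOWN
    link/ether 02:1a:2b:3c:4d:5e brd ff:ff:ff:ff:ff:ff
"""

def parse_ip_addr(text):
    """Return {interface: {"state", "mac", "ipv4", "ipv6"}} from `ip addr` output."""
    interfaces, current = {}, None
    for line in text.splitlines():
        head = re.match(r"^\d+: ([^:@]+)[:@].*\bstate (\S+)", line)
        if head:                       # a numbered line starts a new interface
            current = {"state": head.group(2), "mac": None, "ipv4": [], "ipv6": []}
            interfaces[head.group(1)] = current
            continue
        fields = line.split()
        if current is None or len(fields) < 2:
            continue
        if fields[0].startswith("link/"):
            current["mac"] = fields[1]           # hardware (MAC) address
        elif fields[0] == "inet":
            current["ipv4"].append(fields[1])    # IPv4 address with prefix length
        elif fields[0] == "inet6":
            current["ipv6"].append(fields[1])    # IPv6 address with prefix length
    return interfaces

def without_ipv4(interfaces):
    """Names of interfaces that have no IPv4 address assigned."""
    return sorted(name for name, i in interfaces.items() if not i["ipv4"])

def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set: the MAC was set in software."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

if __name__ == "__main__":
    found = parse_ip_addr(SAMPLE)
    print("no IPv4 address:", without_ipv4(found))
    for name, i in found.items():
        print(name, i["state"], i["mac"], i["ipv4"], is_locally_administered(i["mac"]))
```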

Hands-On Exercise:

  1. Unplug your network cable or disconnect from Wi-Fi.
  2. Use ifconfig or ip addr to see what changes.
  3. Plug the cable back in or reconnect to Wi-Fi and check again.

Network Scanning with nmap

Introduction to nmap and Its Uses

nmap is a tool for scanning networks. It helps you see which devices are connected and what services they’re running. Think of it like a flashlight that helps you see in the dark.

Basic Scanning Techniques with nmap

Here’s how you can use nmap to scan a network:

  • Scan a Single IP:

    nmap 192.168.1.1

    This command shows you the open ports on the device with this IP address.

  • Scan a Range of IPs:

    nmap 192.168.1.1-254

    This command scans all devices in the IP range from 192.168.1.1 to 192.168.1.254.

  • Scan a Network:

    nmap 192.168.1.0/24

    This command scans every address in the 192.168.1.0/24 network. The /24 is a 24-bit subnet mask, so the network covers 192.168.1.0 through 192.168.1.255.

Hands-On Exercise:

  1. Open the terminal in Kali Linux.
  2. Type the command nmap 192.168.1.1 (replace 192.168.1.1 with the IP address of your router or another device).
  3. Write down the open ports and services you see.
  4. Try scanning a range of IPs in your network and note what devices you find.

2.3 Introduction to Wireshark

Capturing Network Traffic

Setting Up and Using Wireshark

Wireshark is a tool that captures and analyzes network traffic. It’s like a magnifying glass that lets you see the details of the data traveling through the network.

How to Use Wireshark:

  1. Start Wireshark: Open Wireshark on your computer.
  2. Choose an Interface: Select the network interface you want to capture traffic from.
  3. Start Capturing: Click the start button to begin capturing traffic.
  4. Stop Capturing: Click the stop button when you have enough data.

Hands-On Exercise:

  1. Open Wireshark on your computer.
  2. Select your Wi-Fi or Ethernet interface.
  3. Click the start button to begin capturing traffic.
  4. Browse the internet for a few minutes, then click the stop button in Wireshark.

Understanding Packet Capture

A packet is a small piece of data traveling through the network. Wireshark captures these packets so you can see what’s inside them.

Analyzing Network Traffic

Basic Analysis of Captured Packets

Once you’ve captured some packets, you can analyze them:

  • Protocols: Look at which protocols are being used, like HTTP, TCP, or UDP.
  • Source and Destination: See where packets are coming from and going to.

Hands-On Exercise:

  1. In Wireshark, look at the list of captured packets.
  2. Click on a packet to see its details.
  3. Find packets that use HTTP, TCP, and UDP and note their source and destination addresses.

Identifying Common Protocols and Traffic Patterns

Wireshark helps you recognize different types of traffic:

  • HTTP: Web browsing traffic.
  • DNS: Traffic related to translating domain names to IP addresses.
  • TCP: Reliable data transmission.
  • UDP: Faster but less reliable data transmission.
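What sits behind the Source, Destination and Protocol columns: the headers at the front of each captured packet. This is an added example, not part of the original lesson; the frames are constructed sample data, and naming the application protocol from the port number is a simplification of what Wireshark does.

```python
import struct

PROTOCOLS = {6: "TCP", 17: "UDP"}        # IPv4 protocol numbers
WELL_KNOWN = {53: "DNS", 80: "HTTP"}     # port number -> application label

def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def fmt_ip(raw):
    return ".".join(str(b) for b in raw)

def dissect(frame):
    """Decode the Ethernet, IPv4 and TCP/UDP headers of one captured frame."""
    if len(frame) < 14:
        raise ValueError("too short for an Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info = {"dst_mac": fmt_mac(frame[0:6]), "src_mac": fmt_mac(frame[6:12])}
    if ethertype != 0x0800:              # not IPv4 (for example ARP is 0x0806)
        info["protocol"] = f"ethertype 0x{ethertype:04x}"
        return info
    header_len = (frame[14] & 0x0F) * 4  # IPv4 header length in bytes
    proto = frame[23]
    info["src_ip"], info["dst_ip"] = fmt_ip(frame[26:30]), fmt_ip(frame[30:34])
    info["protocol"] = PROTOCOLS.get(proto, f"ip-proto {proto}")
    if proto in PROTOCOLS:               # TCP and UDP both start with two port numbers
        start = 14 + header_len
        sport, dport = struct.unpack("!HH", frame[start:start + 4])
        info["src_port"], info["dst_port"] = sport, dport
        app = WELL_KNOWN.get(dport) or WELL_KNOWN.get(sport)
        if app:
            info["protocol"] = f"{app} over {info['protocol']}"
    return info

def build_frame(proto, sport, dport, ethertype=0x0800):
    """Constructed sample frame (not a real capture); the IPv4 checksum is left as 0."""
    eth = bytes.fromhex("525400123502") + bytes.fromhex("080027123456")
    eth += struct.pack("!H", ethertype)
    iph = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                      bytes([192, 168, 1, 23]), bytes([192, 0, 2, 10]))
    return eth + iph + struct.pack("!HHI", sport, dport, 0)

if __name__ == "__main__":
    print(dissect(build_frame(17, 50000, 53)))   # a DNS lookup
    print(dissect(build_frame(6, 50001, 80)))    # a web request
```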

Hands-On Exercise:

  1. Filter packets in Wireshark to show only HTTP traffic by typing http in the filter bar.
  2. Do the same for DNS by typing dns in the filter bar.
  3. Compare the different types of traffic you see.

By understanding these basics and doing these hands-on exercises, you’ll be able to see how computers talk to each other over networks and use tools like ifconfig, ip, nmap, and Wireshark to explore and troubleshoot network issues. Keep practicing, and soon you’ll be great at managing and analyzing networks!