Free Course: IT Networking Fundamentals | 40 Minutes

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

all right so welcome back everyone before we begin with anything we have to understand the over underlying technology and that's that's the foundation is the internet whatever we are trying to protect that are that are mostly mostly i would say 99 of time connected to the internet all right so uh in order to predict that we have to understand how it works so the point is we need to understand how internet works okay so i'll try to keep it very very simple so that you get the fundamental fundamentals right we'll talk about the technologies later but let's take an example and understand it all right so in order to understand the internet the the way we we of course know uh nowadays we can do anything over there maybe it's about sending some uh profile pics maybe it's about doing the shopping over the internet or maybe it's about uh doing some online transfer money transfer over the internet as well right so for every time we make use of internet and everything that works on the internet uh is works with the fundamental of package straight right but let me give you an example and tell you how the package comes into the picture right so uh suppose uh for example you have a friend in new york and you need a photograph cat maybe for any purpose right now this this photograph of a cat you need it and you are sitting in tokyo all right and you need this image right away how exactly internet works is uh internet can't really transfer the entire image entire photographic entire picture of a character referee straight away right what exactly it do it can it can actually perform is it has to split it has to basically fragment the entire image into multiple multiple sites multiple you know fragments and that's why it's going to happen it's going to fragment at the source side let's see uh at the center side at the center side the the entire information will be fragmented into multiple parts and this will be uh put into a pops kind of you know a box kind of package so this image will be there in the packet and will be ready right ready to be transferred over the internet okay and internet is just a connectivity from one country to another from one state to the other from one city to another city connected to a whole lot of fiber cables all the way from all the way from new york to tokyo to european country to asia everywhere you find it you see everywhere is the connectivity it's all because the fiber cables are available right so we are talking about the fundamental technology now this package now this three uh fragments sorry goes into the packet and now this packets are uh are sort of independent they are independent to find their way they can choose any way they can go from new york to tokyo by any means they can find the route to any other country or any other route maybe you can go to asia maybe directly go through the you know tokyo or any other so let me give an uh example the first time you can choose the first uh the topmost second one can choose even the other fathers but the third one can work accordingly now once it reaches on the destination side that's where the magic happens all these are these fragmented uh you know all this fragments basically but the packet as well get reasonable okay so then get reasonable on the destination side of the so that's where these these fragments get visible and pick out the actual image the original image that was right and that's how you say your friend thanks right now now this entire stuff that just happened it was it happened very smoothly but that's where the real technology resides what do you see on the source side and the destination side and that's what the tcp ib stack is all about and this is the foundation of the internet this is why the internet works so smooth and you see on the bottom there's a tcp ip okay that's basically a software suit the software that basically sits on your computer that's actually installed on your computer and i'll show you how that works as well and how you can configure that as well but remember this this tcp iv is the entire uh protocol that responsible for doing the fragmentation and resembling on the other side as well that's how the data transfer that transfer over the internet of seamlessly all right so i hope you got the idea we'll catch you in the next session where we'll talk about osi layers and tcp id as well all right welcome back everyone my name is rusby gupta and in this video we are going to learn about oversight layer okay so let's begin so before we start i'll tell you something osi layer is basically a framework it's a framework or a set of rules or set of protocols i will say it says that any two devices who need to communicate with each other maybe on the internet they need to follow set of rules they need to have these layers into it the software you could say okay and um this is important on both the side if one is talking on one layer the other half the other have to be on the same layer itself and that's what osi layer is all about okay so there are seven layers in osm that says about a different characteristic and different layer so let's begin first layer is physical layer this is all about if two devices just want to be connected on the physical layer they they don't need any set of software or something they just have to be connected on the cable and that's what you could see maybe it could be a copper cable it could be a fiber cable any sort of cable if they just want to be on the physical layer they can just be connected right so that's what the physical layer is all about that's the first layer next is the data link layer data link here is all about the layer two liquids it's basically also called as layer two layer this is where the uh in a way if the land communication basically happened the local area communication this is where the discovery of each and every devices happens when i say discovery any devices which are connected physically other devices can detect it based on the data link layer in a way of land technology or ethernet technology this is discovered or i would say identified based on the mac address so usually you might have heard about switches so switches are basically extends extend uh your lan network so if you want to have two computer right do computer want to talk to each other you just connect a lan cable uh from one computer to another they can talk to each other but what if there are five computers so what could you do you might you have to have five uh ports on each computer and you have to connect to all of them that's going to be really messy just think about 100 computers in the office what would you do that's the solution and you can just have a switch and connect all you just have to have computers with just single port and they can all connect to the switch that's easy right that's what the switch is and the moment any devices is any device or any computer is up with the help of switches with the help of data link layer or the layer 2 the devices can be auto discovered that's happened because of ethernet technology and in the layer 2 basically every device is every device is basically identified or every communication happen based on the mac address and this mac address is the physical address just like every every every you know sort of every uh every person has their physical identity like dna right that cannot be altered right there's the way we have our fingerprint that can't be altered right that's the way every device devices uh has their burning address this this address is given when they first use the device is found in manufacturer or i would say so this is how it is being denoted 48 bit address uh it's normally automatic so that's what you whenever you see that mac address that's basically layer 2 address that's how the communication works on the layer 2 data link layer all right so next comes the network layer this is logical layer basically the way you have everybody has their identification which cannot be changed like as i said the dna fingerprint uh but never clearly just like your name right you can of course change your name right you can of course have different name on the different uh maybe of course who do that but but you can of course have the names right that's what the network error is it's a layer 3 uh where the communication happen based on the ip address right and um where the transfer where the data transmission or transfer of data happened based on the ipod risk uh if if we have the ip price on both the side then only the communication could happen right and the device which do the transmission with the device which perform this transfer of data from one system to another one computer to another it's called router remember this the switch which we talked about the layer two it's basically responsible for forwarding the data on the layer two that's basically transform uh transferring the data based on the mac address whereas the uh router is basically responsible for following the data based on the iprs so that's where you see your router even at your home router whenever you need to change the settings or you need to change the uh maybe ssid of your home router or maybe change the password you always go to your browser and you know you usually make use of 192.168.0.1 or maybe 1.1 as well 192 168 1.1 that's because the router is identified based on the appearance and of course router also identify other devices based on the app uterus if if the device is not configured with the ip address it can't do anything router cannot do anything right so in order to in order for router to perform any sort of forwarding that the device need to have or the computer need to have an angulators and this ip address is usually 32 bit headers of course this folder for 4.4 it's google iphones but any system can have any iq iqris uh usually there is two set of five people's private iphones and the public eye papers private app addresses anybody can assign uh in their local area but if you want to have communication outside of your area outside of your lab and you want to have access to the internet you need a public ipad right and of course you might be having a question then how brazilian how come i access to the internet while having the private editor up while having the private tools that's because your service provider do the job your service partner basically uh hides your private ip address and then allow you to get access to the internet all right so you basically uh they basically rent their public computers for you now let's begin uh let's sorry let's uh start um next comes the transport layer you see that's what we if you're following me uh if you have uh checked my last video on the how internet works so that's where i talked about tcp this is this is what which is responsible for doing the fragmentation and resembling on two computers from on both sides source and destination side this is what which is being responsible for managing the socket which is basically responsible for managing the application to application communication or port to port communication that's what we'll be talking about in much more detail in the further session but for now just remember one thing tcpip is the one which is responsible for doing the fragmentation and resembling as we talked about earlier we'll talk about the pores we'll talk about the sockets and some other joggings related to the transport layer itself related to tcp itself all right next comes in is the of course this is the tcp and every every computer is b this will be having multiple applications running into it and every application will be identified with a certain port number and that sport uh will be uh will uh you know can be of different rate from starting from one to sixty five thousand five thirty five right and every port uh identified the application okay so if we have eighty that identify then this this uh you know this application is http instead that's running http services or maybe web application if it's 443 let's see dbs application i'll talk about it if it's 25 that means that uh computer or system is running a mail service smtp maybe okay um then we have section there now that's very interesting session layer is the one which is responsible for initiation of a session management of a session and uh basically domination of a station so that's responsible for once the session is being established it it is responsible for management of the entire session throughout throughout the you know flow of the packet right now once the session is being established uh once the session has been initiated or whatever it is and next is the presentation layer that's where a lot of other stuff happen based maybe we have encoding done maybe we have encryption uh done end-to-end that's what we see on the whatsapp as well right whenever you talk to your friend you see this this uh communication is into it encrypted that means um uh the signs from you and your friend nobody else can see what's really happening that's all because of encryption and that's all happen on the presentation layer right so that's what it is yeah uh even the encoding as well so there are multiple encoding that happens too so that's it's being respon that has been taken care by presentation layer finally we have application now application layer is the one which is which user finally see you know what you see at the end you see a browser you see the you know email coming in text written and everything whenever you go to google you see google doodle you see the response coming in you see the youtube this is all application response right this is where the user actually interface this is where user directly communicate right but whatever they're on from the top to bottom from presentation layer to physical a user is not really directly you know interfacing with it right so user can understand can see whatever presented on the application there right so that's where you see your browser data that's what we call as http uh traffic you see your email coming in and you see the content into it that's what we call sap traffic as well what did you understand from this the purpose of this entire uh method is basically to give you an idea that this entire entire framework this entire framework has to be present on both the side it means if two computers need to talk to each other both of them should have all the same layers from physical to data link layer to network layer to transport layer to session layer to presentation layer and the application layer as well if any of you any of the any of the session is not really working the communication will not be successful it won't really happen that means this is something which is really important if you take any go back to the earlier video where we talked about the internet from your friend to you sitting in tokyo you know uh it means both the source and the destination both uh both your friend sitting in the nyc and you at tokyo should have the osi 7 layer all the seven layers of the os you got the point this is what we have to have on both the side if you don't have the oyster layer on both the side the communication won't happen and that's what i talked about the the fragmentation reasonably happening on the source and destination side this all happened because of it all right so i hope you got the idea about how osi layer works thank you so much welcome back everyone this is and this session is about ethernet switch now let's understand you have you have got a computer every computer has got a port to connect to the internet called neck or ethernet port okay uh that's where we connect the rj45 cable so that you can get access to the internet all right now let's say you have two computer okay and if you want to have a communication between both of them what could you do you can connect a cable uh with computer a to computer p and you're good you can talk uh you can have a communication between them you can share a file directly with the network share option and everything and it's gonna work perfectly fine but just think about it if you have maybe uh four computers maybe five ten computers what do you what you would do you just have one port on every computer all right if you just have one port how could you connect it to multiple multiple devices maybe 10 20 or 100 of a computer just with one cable there's no way right but there's a solution that's what we call ethernet switch now ethernet is switch is something where you just have to connect your cable you you have your computer just connect your rj45 to this switch and all the computer just connect a cable to their computer and the next end to the other end to the switch now the switch allow communication among all of them directly just with their one cable isn't it really solving the need that's how we expand the network earlier we were only able to have a communication between two computers now we can have a communication among maybe 10 20 100 or 50 500 computers directly that's all because of switches and that's what works on the layer too that's that's the that's that's what we talked about in the os earlier as well because switches allow communication on the layer 2 mode that's where the switches for that switches need the mac address and with the help of mac addresses each switches can recognize okay on which by which on which cable which device is connected which computer is connected maybe it's a john computer oh yeah strong computer is connected on port two oh this is uh olivia i mean she's connected on port 24 or maybe there's somebody else right this great who's connected to port seven maybe there's david who's connected to ports uh maybe 16 right so that's how switch understand okay it's support connected to port this port i need to if i need to forward the traffic to debit this is where i can forward the traffic in between right so it expands network help to accommodate a large network as well and this is how it really looks like so let's say you have nine computers you just have to connect you know you just have to have nine cables connect the one end of the cable to the individual system and then other end straight to these switches and now all the computers can have a communication among them easily and that's how the switches really works and that's the purpose of the switch all right i hope you got the idea we'll catch you in the next session thank you all right welcome back everyone this is rasmish and this session is about routers what's the first thing that you do with the moment you decide to have internet connection probably to your new home or the office you go to the shop and ask for any router right and once you get it you start configure the username and passwords on the dsl or adsl configuration right that you probably get it from your service provider internet service right that's what exactly happened with the router that's what the router purpose is the purpose of router is to connect your home devices with the external world that is the internet right and that's how the home router really looks like it could have 299 499 depends on what kind of range you're looking for usually it could have two bands 2.4 gigahertz or five gigahertz right will not go into wi-fi in this session we'll be covering in the further session all right so remember the purpose of a router is to the router works on the layer 3 of the osi layer that means it's it works on the network layer that means it forwards the day it connects two different networks based on the ip address and it identify each every uh devices desktop laptop mobile phone anything by its ip address so if the device don't have any ip address you won't be able to communicate outside the world because uh in order to have the communication possible it's a job of router a router needs the ip drive just like switches need the mac address to forward the information call frame right and of course uh the the it connects two networks home network with the internet itself and this is how the setup really looks like this is what we have seen in the switches as well when we were learning about the switches but the purpose of switch is still the same it's it's expand the network so the way your team grows so you might you might grow from two to maybe 10 to 100 in that case you you you would need hundreds of texture and in order to have access to all the desktop you need the cables to be connected the rj45 for copper cable and this has to be connected to switches right and that's why you need to expand that's why you need multiple switches to accommodate all the users now the switches can expand your internal network but it cannot allow the communication to the external world for that you need a router and that's why you see the router just next to it in some situation you might need a broadband it depends on kind of communication we have uh there are optical modem coming in as well for fiber to the home fpth in that case it can be optimized optical modem which converts your light optical signal to electrical signal i mean uh electronic signal as well in the in the form of digital signal all right so this is about the home of a home or small office setup let's understand how the enterprise network really looks like of course so the the way the home router or the office network need to have a communication with the external board uh the enterprise network also need to have the communication to the rest of the world what really changes the the purpose of uh the purpose of the enterprise route router the foundation of routers still remains the same it's exactly the same what really changes is when you look at the small office or the home broker they need to just forward maybe a traffic of 10 or maybe 20 40 50 users right that could be that could require a bandwidth of maybe uh 50 mbps to 60 mbps what if a larger organization or headquarter may be in that situation that could be 500 mbps to maybe 700 mbps of internet circuits which require in that case our low end router or this home office router won't be able to handle so much of a traffic so in that situation you need a robust router which can handle such huge traffic so that's why the enterprise routers are really needed which are made for this and there are many legal and there are many uh largest uh solution provider or the oem available as well origin equipment manufacturer cisco is the leading player in the cisco router i mean when it comes to the router manufacturer there is juniper as well cisco has got isr asr series as well and the earlier was the isr series now it is the asr series router which could be 1000 series router itself so it could have advanced circuits different kind of a port supporting different uh supporting different capabilities as well what kind of capability so the the it's understand this we use enterprise router when we need high capacity or high bandwidth to be handled also we might need uh you know uh enterprise has got got voip uh voice over ip multiple voip phone and video calling in cisco technologies called telepresence as well polygon for for polycom is one of the player which is being used for a video conference on all those facilities this is the application related requirement which happens on the user side there has to be some interoperability or compatibility with the router as well so that to prioritize the voice traffic over the normal data traffic why do you need to prioritize because if the if the device of the router cannot prioritize it the experi experience of the user might be deteriorated and then data can be forwarded maybe a second or a minute later but if the video or the voice traffic goes even a seconds delay the user can feel the disturbance that's why the jitter that's why the delay latency really matters for video or the voice traffic and that's why the router has to be built in such a way for enterprise network that it can support the voice and the video traffic that's why we need features like qos dhcp marketing active precedence features and everything right so that's what it is and also throughout this session we'll be considering our own uh sample network design this this is something which i've designed based on a simple network architecture for any enterprise network which has server farm where the where the external applications will be stored inside your oral transition that's what we call as dmz demolition demilitarized zones and there's internal server form where we have our internal servers for employees for hr crm erp system and everything also the user workstation as well and what you see in the orange that's basically firewall which we will be talking in the further session what do you see in the cross center that's the router which connects the external world with our internal network all right so this is all about the enterprise router and the small office router as well in the next session we'll be going with the demo offer thank you welcome back everyone this is rajneesh and this session is about firewalls before we understand this let's let's take an example in the in the in you know for a building there's a security guard right security person taking care of the building security or the premise security what exactly it do it it actually prevent any unauthorized access to the premise right is that the purpose of it correct so it it basically prevent any unauthorized access and how exactly it ensure that for every entry it ensures that who is coming and to whom is meeting and what's the purpose of it at what time he is coming all those information and then of course the signature of it right so what exactly he's trying to fetch this source so it's the person the destination to whom he is meeting and the purpose the basically uh maybe for the meeting for uh maybe for the webinar or sales pitch anything right that's exactly the purpose of firewall when it comes to the network just like the security guard sits at the gate firewall sits at the gate of your network when i say gate it sits on the network perimeter of your entire organization so let me explain you indicate so uh this these are some of the these are the firewall really looks like just to show you uh how the firewall physically would look like of course firewall can be it's at the end it's a software it's a logic so but in order to support huge you may ask why do we need the appliance if it's a software right so the answer is when you have an hardware running for some purpose you can have a dedicated processes dedicated resources like dedicated cpu memory storage for specific activity maybe for establishing the vpn encryption and many other stuff as well right so that's why you need the hardware in order to deliver a better throughput for the services and uh these are some of the leading platform including cisco palo alto checkpoint these are the platform you would you would find in most of the top mncs of course there are many other as well forty get is also one of the popular two let's get started and the firewall works from the layer four till layer seven that means it start it it works it's his job starts stop starts at the layer four on the transport layer that means it's of the osl layer that means just look at the tcp or udp ports and can also look at the application as well remember the legacy firewall from the time the firewall was really built it was usually looking at the transport layer that means the ports and the ip addresses right and it recognizes the devices users based on the ip address port application and many more this is what i'm talking about the current or the latest firewall appliance uh the purpose is of course is to protect the network from any unauthorized access uh can you be correlated with any other stuff that we talked earlier you got me right that's the confidentiality of the cia trial if you remember i talked about cia and that c represents the preventing any unauthorized disclosure that means it can be achieved by having access control so whenever you uh have uh have a prevention from any unauthorized access you get basically better confidentiality and that's why firewall is really really important to achieve your confidentiality of the c in your cyber security goal right so you're getting the point in order to achieve the your confidentiality goal you need a lot of solutions it's not the one shop one solution that can take care of anything everything in fact you need multiple solutions to take care of it and firewall is one of them and it's the basic need whenever the organization security is really discussed about next is firewall administrator the the way i talked about the the purpose of security guard is to ensure or to prevent any unauthorized access the way it do is it makes a diary or maybe a software where it makes an entry of a person meeting to which person which person and the purpose of it similarly the firewall administrator makes the security rules on the firewall about uh which traffic which kind of a traffic would be allowed and which kind of traffic would be denied right so let's look at how the security rule really looks like if you remember i talked about the sample network design so this is how the design really looks like the dmz where the customer application would be stored maybe web application ftp server email server e-commerce servers when i say customer it's not really a customer it's just that anybody who want to access my application from the internet right sitting from the home in that case they can access the application directly from the internet come to the internet router then the firewalls and then to the dmz network what you see on the down which is the internal server file this is the employee related servers so people who want to access the access these applications sitting in my own corporate network they don't really have to go out they can straight away get access to it internally right so that's why the dmc is being because that's where it's very risky if somebody get can get into the dmz network and possibly can compromise the firewall by any tweak or something they can get into the internal server farm as well that's why the external dmz firewall or the dmz network is to be restricted and has to be taken care of care of it very seriously so how the security rule really looks like if you see the this is the checkpoint uh dashboard where we create the firewall rules you need to specify the name of the security rules then the source from where the traffic would be initiated it could be the ip address it could be object having the name which resembles through the ip address or the group of iphones or the network of of any network itself of ip address and the destination which servers the user want to have the access to and then service so service would be what service is the purpose in case of a real example service would be tcp um maybe any random port may be http ftp or it could be smtp it could be 80 443 any sort of stuff right it could be rdp as well for taking the remote desktop and then we can have action to be allow or drop accept or deny and we can have a track option enable as well so that any any new hit come to this rule we should get a log of it we should get an event to the firewall so that we can investigate and go back and you know can can perform any foreign what went wrong and other stuff so this is how the dashboard really looks like in case of generic firewall any other firewall you would also need to define the source zone and destination zone as well maybe internal to external external to internal all those stuff these belongs to the zone and what you need in order to create the rules so i hope you got the idea so far you need the source address then you need the destination address then you need the service ports and that's where you define the tcp udp port and based on the ccp number itself this service would be defined as i told you ad443 these are well known rdp as well for remote desktop in case of windows 2. i hope you got the idea so far about how the firewalls and firewall rule the rules really looks like in the next section we'll understand the difference between the legacy firewalls and the next generation firewall thank you so much welcome back everyone this is rashmish and this session is about next generation travels you got me right there's a new boy in the town this is about next generation firewalls what we have just learned it was majorly about legacy firewalls and i'll just tell you about the difference uh well uh the picture what i'm showing you over here it's uh it means that the next generation firewall is built off a lot of features these are more of application i mean more of software related features but in order to support those dedicated software features there are some hardware uh dotted board cards available as well just like you you see in the in the computer people who works on the graphic designing or you know kids who are interested about gaming they go for graphic cards right what's the purpose of it just to provide additional cpu right just provide better uh processing enhance the processing capability similar to that with the next generation firewall there are many such features in order to support source application that is need to have some additional hardware resources which are having dedicated cpus uh then memories and everything right so that's the purpose of it so what do you see on the left that's basically the legacy firewalls and let me tell you the difference the the way the legacy fire will take actions the way the legacy if i talk about the uh security guard take action based on couple three parameters in fact where are you coming from the way security guard asked the guy where are you coming from that's resource where where you want to go that's the destination and what ports are you talking on the purpose of your meeting so these are the three things which which is needed to which is needed for legacy firewall which basically legacy fire will ask for any kind of a traffic or request coming into it right when it comes to the next generation firewall it takes the action based on some more parameters so of course the first is the where are you coming from that's the source then where you want to go that's his destination and then this comes the purpose which what ports you are talking on right and then it does something more are you really talking on this port well this is something which is even more smarter way what was really changed in the past in the past uh seven or eight years is that the way the threat has been changed threat landscape in fact has been changed what has been done is uh earlier we can we can allow the traffic like http https or dns to be like genuine traffic but what really started happening is cyber attackers the threat actors started encapsulating the malicious traffic inside the genuine post inside the whitelisted ports like http dns traffic and all those stuff in that situation legacy fire with things think of it like okay it's a it's a genuine post and everything i should really allow it but when it comes to the next generation firewall it makes a database of all kind of application maybe it's a skype maybe it's a traffic for microsoft rdp maybe it's a uh any sort of oracle application maybe so salesforce sap it's it's can be for related any stuff it can be any application in the world right can be millions of applications and next generation firewall keeps the database of all those applications so if somebody says okay i want to talk on port 80 so it's try to understand are you really talking on port 80 so i try to even take the signatures of those traffic and try to understand okay this is the really the port atm this is the kind of application which is going into it right so um let me give you an idea specifically in terms of firewall so legacy firewalls needs uh identify based on source ip address all right destination ip address support and services nation firewall uh it's basically where are you coming from you remember that source ip address destination ip address ports and services and when it comes to identifying are you really talking on this port that's where the application id comes into the picture for every application it keeps a database as i told you and that's where you try to match if you are you if you're if you're really having skype going on port 80 or something else or you know accordingly you get the idea and it makes any evasion of application in those situation user id as well so user id is mapping the user so you can specify which user should be allowed for which application to which destination and all the stuff there are content id as well for better signature identification and identify any malicious pattern into the traffic as well but this is not limited to this next generation firewalls have got much more capability as well all right so we'll see in the next session where we'll be going into the practical demonstration of it thank you all right welcome back everyone this is rashmish and this session is about ping you hit me right i think is the really the coolest feature of networking or i would say the most often often used feature majorly by network admin it could be by the network operations teams in fact even by the normal user as well okay so let me tell you what exactly it is most of you might be knowing it already so the purpose of uh this is how you can do it on your command prompt you just have to type a command ping and you can just ping anybody what exactly it gives you is the is the is the verification that the destination is reachable all right but this is not the feature of ping is not just limited to that i'll tell you in much more detail uh the purpose of course i told you it's a troubleshooting starts with pink man i mean for most of the folks troubleshooting actually starts from pinker man if they if somebody user says okay i have a slowness issue hey listen this application is not working for me hey listen uh i have a intermittent loss of communications i can't reach out to the server for a while uh many stuff right you can just try pinging it okay and if you see there then if you see in the command in the output there are four packets has been sent each line represent up uh 32 bytes of a packet which has been sent and there's a time which has been mentioned of 5 milliseconds that's been taken that's the time duration which it gives you the idea as well but what is really important is you can increase the number of time or you can make it for infinites but it can be a loop as well so in that situation you can get the idea okay if there's really a packet drop in this situation or not and how much time it takes the packets to go through the distribution and comes back okay that's a round reply it's a network command to check if the ip address or the host is accessible or not so if i i just turn up a new service i just want to verify if my service is up or accessible for everyone i can just ping the server or the ip address or the host ipad is itself right and that would be pretty easy it uses icmp message and from the context of osi layer which exam where exactly it's going to work you heard me right because we are all talking about ip address so it is supposed to work on network layer and that's right it works on the network layer and hence the icmp works and snp messages also works on the messages also works on the network here as well because it will help you out to get the information at the network layer but it does not show what is the reachability on about that maybe on transport layer it ping is not sure about it on the session layer pink is not sure about it not even the application layer if the application is working or not you can only verify till the network here if the reachability is good or not right for troubleshooting on the further layer to the other side of the layer you can you can start using any other commands for this this is the extensive command you start with ping minus t minus a minus n number of counts number of packets that you want to keep sending it so you can be very extensive in the next session we'll have a lab and we'll keep making we'll be making use of this command to perform some extensive diagnosis or troubleshooting right so thank you so much we'll catch you there all right everyone this is rajneesh and this session is about how traceroute works let's get started so this is what happened when you go on your command prom type cmd and you want to trace out to any website any host this is how it really looks like but before that let's understand what exactly trustrow is so after ping this is the most coolest tool available for network admin and operation folks everyone who is into troubleshooting breakfast all those stuff they know this command very well and this has a huge and tremendous value for troubleshooting it's a critical tool for network troubleshooting it's a network command to check the end-to-end path to know basically the path if you want to troubleshoot the challenges across the path you should know what is the path right and that's where trust route really help you out still remember one thing trust route also works on the layer 3 the network layer of the osi model okay so whatever we have just discussed this is all about osi network layer so when you somebody ask you to troubleshoot even even if you are a network architect anybody if you have started you know deployment you have deployed a network with routers such as firewall load balancer proxy servers event accelerator any any number of stuff now you want to see how the traffic really going across is the firewall coming in between if the router is coming in between is is it is it going by one path and coming back by a different path that comes to the estimated crowding issue as well this all can be fixed and i am in fact first identified with trust route command okay press out is basically a feature command could vary for windows the command is stress rt versus score router list would be trust route juniper it could be twist out as well depends the command name would changes but the it works exactly the same way right it's again icmp message it makes use of icp message udp but it works on the network layer as well that's why it is it is it is working on the you know layer three of it the command on the windows is this you can ping to bring this command press rt and the iphone software i made use of example.com in the picture in the next session we'll talk a bit more about making use of uh of the demonstration of how threshold works in the lab thank you so much we'll catch you there all right welcome back everyone this is rajneesh and this session is about dns well if i tell you uh that i just made a website and to access my website just go to your browser and type 104.21.51.151 you help me right this is my website you can go and type once but will you really remember tomorrow or maybe day after tomorrow or maybe after a month or maybe after a year not really okay so that's a challenge remembering a website just with its name of 32 bed can make your life a bit difficult right just imagine if you have to log into maybe hundreds or thousands of a website in a month how would you remember your favorite website right isn't it really difficult and what if the website ip address keep changing you the way they start hosting their website on multiple platform and they move from one hosting to another server another server to another server the ip address might change what would you do the solution is dns you heard me right this is what you really look it really looks like when you you know try to get the information about a name of a website uh against uh ip of a website against the name of the website okay i'll tell you in detail but let's first get the basics done all the devices on the internet communicate with ip addresses and but you don't have to remember that right because you would only need to remember the name of the site remember as of that you have learned that everything that happened on the osi layer that happens based on either mac address ip address sport communication and then that's just the application so you got the idea there's no way somebody can just make their own website and all the everyone in the world can really remember that right uh so there's a way of doing that the dns is the way dns maintain a database and then broadcast it to everyone right so what happened is dns maintains a database of ip address to its corresponding name and it helps everyone to perform the lookup so you just have to remember the name of the website right maybe your name maybe your name.com maybe your name dot me right so with that you can quickly type just you just have to tell your friend okay hey go and type maybe uh maybe your name.com and you go ahead and type this name and they are ready to go if you don't you they don't really have to remember the ip address of this right because that headache has been taken care by dns right that's basically take care of the database but i wonder if i type the name who is basically doing the conversion how my computer knows what's the ip address of that system because my computer has got the tcp ip right as i told you earlier all the computer all the system who need to communicate to the internet need to have tcp software and in order for tcpip to understand uh where to send the message it needs the ip address so in that way my system itself should be able to get the ip address right against the name of the website the moment you hit it on the browser so my system need to go and get the look up somewhere and get the ip address against the website name that you just typed all right so there are in that context there are two kind of dns services authoritative dna services and recursive dna services authoritative dna services is the one which is the main is the ultimate owner of that website or maybe of that name who holds the name to the ipo to luka recursive is the one which is the mediocre okay i'll tell you how that works authoritative dns has the final and the ultimate authority over dns over your domain or maybe the website name itself and responsible for answering the dns query from the recursive dna servers so what exactly is dns uh recursive dns it could be your service port or internet service word right so the moment you get your internet setup ready you just configure that on the system right you just configure uh the uh most of the time we configure the dns name as our search partner uh given by the service partner or most of us usually prefer the free dns service provider which is 8.8.8.8 which is provided by google right so what happened is the moment you hit let's say google.com my computer needs the ip address of google.com in order to forward the packet because you remember computer has got tcp ip and it can only perform the communication if it has the ip address so it first comes from the user machine the system the tcp ip on my laptop goes and try to get the ip address against google.com the first server it reaches is your service border which in in this in the normal in the generic world it's called the recursive dns server in that situation it goes to the root first the dot com the dot basically the directory and the root is the one which is the parent of all the domain and from there it reaches to the dot com from there it reaches to the google.com which is the authoritative dns server who is the owner of the domain which which basically knows what is the mapping of this domain with the corresponding ip address right so in our example it is example.com and this is the ip address against it and that's how the request then comes back to the user once it gets the answer the request comes back to the user and your system is ready to go now the tcp ip knows the ip address and it is ready to forward the packets to the destination as well right so recursive dns service is usually provided by internet service partner oh that's twice anyways i hope you got the idea and this is all about how the dns really works uh in the in the next session i'll show you how we can get more insight about dns and much more cool stuff related to dns as well thank you all right so thanks for watching this video if you like this video and my effort as well then you can subscribe to the channel you can hit the like button and you can ask me any question in the comment section as well till then keep learning [Music] [Music] you

Info

Channel: Rajneesh Gupta

Views: 6,994

Rating: 4.9880953 out of 5

Keywords: cyber security

Id: F6niX3B-1yo

Channel Id: undefined

Length: 49min 51sec (2991 seconds)

Published: Fri Sep 24 2021