CCENT/CCNA Certification


Well, I have decided to follow a different path in preparing for the CCNA. I have already obtained my CCENT Certification using the Todd Lammle book for the single test CCNA 640-802, without too much difficulty…other than my own foolishness, etc…but I thought I would try the Wendell Odom books through Ciscopress, Official Cert Guides CCNA1 and CCNA2 (640-822 and 640-816 tests). Both authors are CCIEs and are very well qualified for the task. But each test is structured differently; in fact, there are certain things that are not on the single test method and are on the dual test method – which for a person such as myself could be an advantage by being introduced to those few items of study. I have read both good and bad things about the books, but who is ever really a good critic? Especially when you buy a book, as many of us do, and mistakenly believe the knowledge will somehow magically be imparted upon us. So, I will give it a try. I have not made it past the first chapter yet, but I do like its layout so far. Of course, it does help to skim through the book initially. I felt it was a nominal investment in my future.

Network Visualizer

Up until now, I have used a lab simulator program to play with the many interconnections between the Cisco Routers and Switches.


However, I thought it would be better to have a physical connection to the hardware by obtaining a Cisco CCNA Certification Lab. I felt it would be better, for me, to have hands on. Sometimes I just don’t “get it” because I have no connection to what is actually going on. That is probably one of my biggest problems. Unlike the books, this will be a rather hefty investment, with a wide range of costs and options, ranging from $199-$1400+.

Internetworking Part 9

Data Encapsulation is the process by which the data at each layer of the OSI Model is wrapped (or encapsulated) in the protocol information of that layer. The protocol information added at each layer is readable only by the same layer on the receiving host (i.e., Session to Session, Transport to Transport, Network to Network, etc.). However, each layer the data must go through before transmission must receive an understandable header and protocol data for the data to continue on its journey. It is relatively simple to understand once you see what is happening.

Each layer communicates with its peer layer on the destination host. Each layer uses Protocol Data Units (PDUs) to communicate and exchange information. A Protocol Data Unit contains the control information attached to the data at that layer. The control information is usually attached in front of the data field as a header, but it can also be attached at the end of the data field as a trailer.

Each protocol creates a protocol data unit (PDU) for transmission that includes headers required by that protocol and data to be transmitted. This data becomes the service data unit (SDU) of the next layer below it. This diagram shows a layer 7 PDU consisting of a layer 7 header (“L7H”) and application data. When this is passed to layer 6, it becomes a layer 6 SDU. The layer 6 protocol prepends to it a layer 6 header (“L6H”) to create a layer 6 PDU, which is passed to layer 5. The encapsulation process continues all the way down to layer 2, which creates a layer 2 PDU—in this case shown with both a header and footer—that is converted to bits and sent at layer 1.  [Layers 7=Application, 6=Presentation, 5=Session, 4=Transport, 3=Network, 2=Data Link, and 1=Physical]
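To make the PDU/SDU chain concrete, here is an added example (not from the page or its references) that encapsulates application data down through UDP (layer 4), IPv4 (layer 3) and Ethernet (layer 2), then decapsulates it one header at a time. The MAC and IP addresses are constructed sample values, and a plain CRC-32 stands in for the Ethernet frame check sequence trailer.

```python
import struct
import zlib

# Constructed sample addresses (not from the page): locally administered MACs, private IPs.
SRC_MAC, DST_MAC = bytes.fromhex("02000000aa01"), bytes.fromhex("02000000bb02")
SRC_IP, DST_IP = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071); yields 0 over a valid header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(app_data: bytes, sport: int = 40000, dport: int = 53) -> bytes:
    """Wrap application data down the stack: L4 (UDP) -> L3 (IPv4) -> L2 (Ethernet)."""
    # Layer 4: the application data is the SDU; an 8-byte UDP header is prepended.
    l4_pdu = struct.pack("!HHHH", sport, dport, 8 + len(app_data), 0) + app_data
    # Layer 3: the UDP PDU is the SDU; a 20-byte IPv4 header (protocol 17 = UDP) is prepended.
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4_pdu), 0, 0, 64, 17, 0,
                         SRC_IP, DST_IP)
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ipv4_checksum(ip_hdr)) + ip_hdr[12:]
    l3_pdu = ip_hdr + l4_pdu
    # Layer 2: header (dst MAC, src MAC, EtherType 0x0800 = IPv4) in front, trailer behind.
    frame = DST_MAC + SRC_MAC + struct.pack("!H", 0x0800) + l3_pdu
    return frame + struct.pack("!I", zlib.crc32(frame))  # CRC-32 stands in for the FCS

def decapsulate(frame: bytes) -> dict:
    """Unwrap layer by layer; each layer reads only its own header and hands the rest up."""
    body, fcs = frame[:-4], struct.unpack("!I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("layer 2: trailer check failed")
    dst_mac, src_mac = body[:6], body[6:12]
    if struct.unpack("!H", body[12:14])[0] != 0x0800:
        raise ValueError("layer 2: not an IPv4 payload")
    l3_pdu = body[14:]                     # layer 2 header stripped; the rest is the L3 PDU
    if ipv4_checksum(l3_pdu[:20]) != 0:
        raise ValueError("layer 3: bad IPv4 header checksum")
    ttl, proto, total_len = l3_pdu[8], l3_pdu[9], struct.unpack("!H", l3_pdu[2:4])[0]
    l4_pdu = l3_pdu[20:total_len]          # layer 3 header stripped; the rest is the L4 PDU
    sport, dport, udp_len, _ = struct.unpack("!HHHH", l4_pdu[:8])
    return {"src_mac": src_mac.hex(), "dst_mac": dst_mac.hex(), "proto": proto, "ttl": ttl,
            "sport": sport, "dport": dport, "data": l4_pdu[8:udp_len]}
```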

Here is an excellent video related to data encapsulation, for those of you who (like me) are visual by nature. https://www.youtube.com/watch?feature=player_embedded&v=3se8JizBmPg

These are the basics and this was down and dirty.  I hope it is both helpful and useful to you.

See also: Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8

References:

http://www.tcpipguide.com/free/t_DataEncapsulationProtocolDataUnitsPDUsandServiceDa.htm

http://www.tech-faq.com/understanding-data-encapsulation.html

https://en.wikipedia.org/wiki/OSI_model

Lammle, T. (2007). CCNA Cisco Certified Network Associate Study Guide. Indianapolis: Wiley Publishing, Inc.

Internetworking Part 8

Ethernet cabling is a rather important topic, especially for those seeking certification. On the same note, however, it is quite easy once you get the hang of it. There are three types of cabling:

  • Straight-through cable
  • Crossover cable
  • Rolled cable

Straight-Through Cable:

The straight-through cable is used to connect

  • Host to switch or hub
  • Router to switch or hub

Standard Straight-Through Wiring Diagram (both ends are the same):

RJ45 Pin #   Wire Color (T568A)   10Base-T / 100Base-TX Signal   1000Base-T Signal
1            White/Green          Transmit+                      BI_DA+
2            Green                Transmit-                      BI_DA-
3            White/Orange         Receive+                       BI_DB+
4            Blue                 Unused                         BI_DC+
5            White/Blue           Unused                         BI_DC-
6            Orange               Receive-                       BI_DB-
7            White/Brown          Unused                         BI_DD+
8            Brown                Unused                         BI_DD-

Straight-Through Ethernet Cable Pin Out for T568A

RJ45 Pin #   Wire Color (T568B)   10Base-T / 100Base-TX Signal   1000Base-T Signal
1            White/Orange         Transmit+                      BI_DA+
2            Orange               Transmit-                      BI_DA-
3            White/Green          Receive+                       BI_DB+
4            Blue                 Unused                         BI_DC+
5            White/Blue           Unused                         BI_DC-
6            Green                Receive-                       BI_DB-
7            White/Brown          Unused                         BI_DD+
8            Brown                Unused                         BI_DD-

Straight-Through Ethernet Cable Pin Out for T568B

Crossover Cable:

The crossover cable is used to connect

  • Switch to switch
  • Hub to hub
  • Host to host
  • Hub to switch
  • Router direct to host

Essentially, this type of cable permits connecting like, or similar, equipment together.

Rolled Cable:

The rolled cable is used to connect a host to a router console serial communication (com) port. The pinout of the cable is reversed from one end to the other (i.e., 1-8, 2-7, 3-6, 4-5, 5-4, 6-3, 7-2, 8-1).
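As an added example (not from the page or its references), the following Python derives the three cable types from the two wiring tables above: a cable with the same standard at both ends is straight-through, a cable wired T568A at one end and T568B at the other lands the 10/100 transmit pair on the receive pins (the usual crossover construction, which the page itself does not spell out), and the rolled pinout is the 1-8, 2-7, … reversal from the text. The MDI/MDI-X grouping of devices is the standard reason behind the two device lists above.

```python
# Pin -> wire colour for both standards, as given in the tables above.
T568A = {1: "White/Green", 2: "Green", 3: "White/Orange", 4: "Blue",
         5: "White/Blue", 6: "Orange", 7: "White/Brown", 8: "Brown"}
T568B = {1: "White/Orange", 2: "Orange", 3: "White/Green", 4: "Blue",
         5: "White/Blue", 6: "Green", 7: "White/Brown", 8: "Brown"}
# 10Base-T / 100Base-TX use only pins 1, 2, 3 and 6.
SIGNAL_10_100 = {1: "Transmit+", 2: "Transmit-", 3: "Receive+", 6: "Receive-"}
# Rolled cable pinout from the text: 1-8, 2-7, ..., 8-1.
ROLLED = {pin: 9 - pin for pin in range(1, 9)}

def cable_map(end_a: dict, end_b: dict) -> dict:
    """Pin-to-pin mapping of a cable: the wire entering pin p at one end leaves
    at whichever pin of the other end carries the same colour."""
    colour_to_pin = {colour: pin for pin, colour in end_b.items()}
    return {pin: colour_to_pin[colour] for pin, colour in end_a.items()}

def classify(mapping: dict) -> str:
    """Name the cable type by where the 10/100 transmit pair lands at the far end."""
    if mapping == ROLLED:
        return "rolled"
    if all(src == dst for src, dst in mapping.items()):
        return "straight-through"
    far_end = (SIGNAL_10_100.get(mapping[1]), SIGNAL_10_100.get(mapping[2]))
    if far_end == ("Receive+", "Receive-"):
        return "crossover"
    return "unknown"

# Ports that transmit on pins 1/2 (MDI: hosts, routers) versus ports that are crossed
# internally (MDI-X: switches, hubs). This grouping reproduces the two device lists above.
MDI, MDI_X = {"host", "router"}, {"switch", "hub"}

def cable_for(dev1: str, dev2: str) -> str:
    """Like ports (both MDI or both MDI-X) need the cable itself to do the crossing."""
    same_kind = {dev1, dev2} <= MDI or {dev1, dev2} <= MDI_X
    return "crossover" if same_kind else "straight-through"
```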

See also: Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7

Works Cited

Lammle, T. (2007). CCNA Cisco Certified Network Associate Study Guide. Indianapolis: Wiley Publishing, Inc.

https://www.youtube.com/watch?v=482VtesZwZ8

http://www.incentre.net/content/view/75/2/

http://www.petri.co.il/csc_the_basics_of_ethernet_cabling.htm

http://www.ertyu.org/steven_nikkel/ethernetcables.html

Internetworking Part 7

Connection-Oriented Communication (COC) was briefly discussed in Part 5; hopefully this will be a little more in-depth. COC is a data communication mode in which we must first establish a connection to the remote host or server prior to sending any data; otherwise, the possibility of data loss increases. The process of establishing a connection-oriented session with a remote peer host is called a three-way handshake.

An end-to-end logical circuit is created for the sole purpose of transmitting the data; when the transfer is finished, the link/connection is terminated.

The establishment of the TCP connection can be summed up as follows:

  1. Host A, needing to initialize a connection (or a “connection agreement”), sends out a SYN (Synchronize) packet with a proposed initial sequence number to the destination host B;
  2. When host B receives the SYN message, it returns a packet with both the SYN and ACK flags set in the TCP header (SYN-ACK);
  3. When host A receives the SYN-ACK, it sends back an ACK (Acknowledgment) packet;
  4. Host B receives the ACK, and at this stage the connection is ESTABLISHED.

The connection-oriented protocol sends acknowledgement (ACK) packets after a successful delivery. After a data packet is transmitted, the sending host waits for an acknowledgement from the receiver; if the timer expires, it is assumed that the data was not received, and the data is retransmitted.

When the data transmission is complete and a host wants to terminate the connection, a termination process is initiated. TCP connection termination is a four-step process:

  1. Host A, terminating the connection, sends a special message with the FIN (finish) flag, indicating that it has finished sending data;
  2. Host B receives the FIN segment; it does not terminate the connection but enters a “passive close” (CLOSE_WAIT) state and sends the ACK for the FIN back to host A. Now host B enters the LAST_ACK state. At this point host B will no longer accept data from host A, but it can continue to transmit data to host A. If host B does not have any data to transmit to host A, it will also terminate the connection by sending a FIN segment;
  3. Host A receives the last ACK from host B, enters the TIME_WAIT state, and sends an ACK back to host B;
  4. Host B gets the ACK from host A and closes the connection.
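Both sides of the two exchanges above, the three-way handshake and the four-step close, as an added example that is not part of the original post or its references. It models each host as a small state machine that consumes a segment (named by its flags) and returns its replies; the state names are the standard TCP ones, including FIN_WAIT_1/FIN_WAIT_2 on the actively closing side, which the text does not mention.

```python
class Endpoint:
    """One TCP endpoint: handle() consumes a segment (named by its flags) and returns replies."""

    def __init__(self, name, state="CLOSED"):
        self.name, self.state, self.history = name, state, [state]

    def _go(self, state):
        self.state = state
        self.history.append(state)

    def open(self):                        # handshake step 1 (active open)
        self._go("SYN_SENT")
        return ["SYN"]

    def close(self):                       # teardown step 1 (active close)
        self._go("FIN_WAIT_1")
        return ["FIN"]

    def handle(self, seg, more_to_send=False):
        if self.state == "LISTEN" and seg == "SYN":            # handshake step 2
            self._go("SYN_RCVD"); return ["SYN-ACK"]
        if self.state == "SYN_SENT" and seg == "SYN-ACK":      # handshake step 3
            self._go("ESTABLISHED"); return ["ACK"]
        if self.state == "SYN_RCVD" and seg == "ACK":          # handshake step 4
            self._go("ESTABLISHED"); return []
        if self.state == "ESTABLISHED" and seg == "FIN":       # teardown step 2 (passive close)
            self._go("CLOSE_WAIT"); replies = ["ACK"]
            if not more_to_send:           # nothing left to send: follow with our own FIN
                self._go("LAST_ACK"); replies.append("FIN")
            return replies
        if self.state == "FIN_WAIT_1" and seg == "ACK":        # our FIN was acknowledged
            self._go("FIN_WAIT_2"); return []
        if self.state == "FIN_WAIT_2" and seg == "FIN":        # teardown step 3
            self._go("TIME_WAIT"); return ["ACK"]
        if self.state == "LAST_ACK" and seg == "ACK":          # teardown step 4
            self._go("CLOSED"); return []
        raise ValueError(f"{self.name}: unexpected {seg} in state {self.state}")

def exchange(src, dst, first):
    """Deliver segments back and forth until neither side replies; return the wire trace."""
    trace, queue = [], [(src, dst, seg) for seg in first]
    while queue:
        sender, receiver, seg = queue.pop(0)
        trace.append(f"{sender.name} -> {receiver.name}: {seg}")
        queue += [(receiver, sender, reply) for reply in receiver.handle(seg)]
    return trace

def run_session():
    """Host A opens, the connection is established, then A closes; return trace and state paths."""
    a, b = Endpoint("A"), Endpoint("B", "LISTEN")
    trace = exchange(a, b, a.open()) + exchange(a, b, a.close())
    return trace, a.history, b.history
```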

Transmission of segments needs flow control to ensure the efficient flow of data. Although there are differing types of flow control (buffering, windowing, and congestion avoidance), windowing is the one used here to aid data transmission efficiency. Windowing works by controlling how many windows are open at any given time. If data flows too quickly (i.e., there are too many windows open), there will be data loss and dropped datagrams, which require retransmission of the data. If there are too few windows open, transmission will be slow, sluggish and inefficient.

Host A starts transmitting with a window size of 1000, so one 1000-byte frame is transmitted. Host B returns an ACK with the window size increased to 2000. Host A receives the ACK and transmits two frames (1000 bytes each). Then the receiver advertises a window size of 2500. Now the sender transmits three frames (two containing 1,000 bytes and one containing 500 bytes) and waits for an acknowledgement. The first three segments fill the receiver’s buffer faster than the receiving application can process the data, so the advertised window size reaches zero, indicating that it is necessary to wait before further transmission is possible.
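The scenario above, as an added example that is not from the original post or its references: the sender puts at most one advertised window of data on the wire per round, the receiver's ACK advertises the free space left in its buffer after the application has read what it could, and a zero window stalls the sender until a later ACK reopens it. The buffer capacity (2500 bytes) and the per-round application read sizes are constructed so that the windows come out as 2000, 2500 and 0 as in the text; a fourth round shows the window reopening.

```python
def segments_for(window: int, remaining: int, mss: int = 1000) -> list:
    """Split what the sender may send now, min(window, data left), into MSS-sized segments."""
    allowed, segments = min(window, remaining), []
    while allowed > 0:
        segments.append(min(mss, allowed))
        allowed -= segments[-1]
    return segments                      # [] means a zero window: the sender must wait

class Receiver:
    """Receive buffer of fixed capacity; the window advertised in each ACK is the free
    space left after the receiving application has read what it could this round."""

    def __init__(self, capacity: int):
        self.capacity, self.buffered = capacity, 0

    def accept(self, segments: list, app_reads: int) -> int:
        self.buffered += sum(segments)
        if self.buffered > self.capacity:   # data beyond the window would be dropped
            raise OverflowError("sender exceeded the advertised window")
        self.buffered -= min(app_reads, self.buffered)
        return self.capacity - self.buffered

def simulate(total_bytes: int, capacity: int, initial_window: int, app_reads_per_round: list):
    """One send burst plus one ACK per round; return the bursts sent and windows advertised."""
    rx, window, remaining = Receiver(capacity), initial_window, total_bytes
    bursts, windows = [], []
    for app_reads in app_reads_per_round:
        burst = segments_for(window, remaining)
        remaining -= sum(burst)
        window = rx.accept(burst, app_reads)   # the ACK carries the new window
        bursts.append(burst)
        windows.append(window)
    return bursts, windows

# Constructed scenario (not from the page) reproducing the numbers in the text: a 2500-byte
# receive buffer, an initial window of 1000, and an application that reads 500, then 2500,
# then nothing, then 1500 bytes per round. The third round drives the window to zero.
SCENARIO = dict(total_bytes=10000, capacity=2500, initial_window=1000,
                app_reads_per_round=[500, 2500, 0, 1500])
```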

How large the window should be, and how fast to increase or decrease it, is determined by the various TCP congestion avoidance algorithms.

See also: Part 1, Part 2, Part 3, Part 4, Part 5, Part 6

REFERENCES

http://wiki.mikrotik.com/wiki/Manual:Connection_oriented_communication_%28TCP/IP%29

ptgmedia.pearsoncmg.com/images/0130424110/samplechapter/0130424110_ch18.pdf

Lammle, T. (2007). CCNA Cisco Certified Network Associate Study Guide. Indianapolis: Wiley Publishing, Inc.

Internetworking Part 6

Flow Control ensures data integrity at the Transport Layer (Layer 4) by allowing users to request reliable data transport between systems.

Flow Control prevents the transmitting host from overflowing the buffers of the receiving host. If the flow of data is not controlled, it can result in lost data. Reliable data transport uses a connection-oriented communications session (briefly discussed in Part 5) between the two, or more, systems and the protocols involved, which permits the following:

  • All segments received are acknowledged to the sender upon their receipt;
  • Any segments lost or dropped, which are not acknowledged, will be retransmitted;
  • Segments are re-sequenced into their original order upon arrival at their destination;
  • Manageable data flow is maintained to avoid congestion, overloading and data loss.

The inherent purpose of flow control is to provide a means for the receiving host to govern the amount of data sent by the transmitting host.

Part 1, Part 2, Part 3, Part 4, Part 5

Internetworking Part 5

In Part 4 we discussed the top three layers (Application, Presentation, and Session); in this part we will discuss the lower four layers of the OSI Model (Transport, Network, Data Link, and Physical).

The lower layers, or the Transport Set, are for the transportation of segments, packets, frames, and bits.

Transport Layer (Layer 4) provides reliable or unreliable delivery and performs error correction before retransmission. This layer segments and reassembles data into a data stream, providing an end-to-end data transport service that creates a logical connection between the sending and destination hosts.

Network Layer (Layer 3) provides for logical addressing, which the routers use for path determination.  This layer manages device addressing, tracks the location of devices on the internetwork, and determines the best path available.

Data Link Layer (Layer 2) combines packets into bytes and bytes into frames, provides access to the media using MAC addresses, and performs error detection – not correction. This layer provides for the transmission of data and handles error notification, the topology of the network, and flow control.

Physical Layer (Layer 1) moves the bits between devices and specifies wire speed, voltage, and the pin-out of the cable. It sends and receives bits; some implementations use tones, and others use variations of voltage or signals.

Data integrity is maintained through flow control whose purpose is to govern the amount of data sent by the sender.

Connection-Oriented Communication is where the transmitting device first creates a session with its peer system through a call setup, or three-way handshake.  The three-way handshake is a series of synchronization, negotiation, synchronization, acknowledgement, connection, and finally data transfer.

Part 1, Part 2, Part 3, Part 4

Mobile Malware

I was reading an article on Help Net Security about malware and mobile devices. Malware has, in effect, matured to such a place in its evolutionary cycle that it has grown in numbers that are staggering. What makes things worse is the fact that both people, in general, and businesses, as a matter of habit, have entwined these mobile devices into their lives in such a fashion that they are a necessary tool and our lifeblood, so to say.

There is more malware than ever before, which makes it difficult for the average user to know whether they are safe from its potentially devastating effects. Unfortunately, most people are oblivious to the potential attacks and problems, and in turn wonder why and how such a thing could have happened.

The next problem is the fact that malware is becoming smarter every day, some evolving into a polymorphic problem.  Cybercriminals are finding new ways to exploit vulnerabilities, which enable them to profit from our foolish endeavors.

The wall of protection is next to non-existent. People are downloading and installing more applications (apps) on their phones than ever before, which creates and cultivates a field of opportunity for cybercriminals. It would be next to nothing for someone with the know-how to either create an app for mobile devices or crack one and reintroduce it into the app store. Think about it: as of January 2011, there were approximately 90,000 apps for the iPad and roughly 475,000 for the iPhone; in the same time frame, there seemed to be about 250,000 apps for the Android platform. These numbers do not account for the other platforms out there in the market, and I lean toward these because they are the most popular and growing in market share. A malicious-minded individual could have a field day with this by just injecting, or infecting, a few apps.

By researching the topic of the most popular apps, the ones that would cause the most devastation to people (business or common user) would be music related, social media, navigation, and games. These seem to be, in my opinion, the most widely used by a large demographic of the mobile device carrying population. This is not for the purpose of generating fear itself, but rather to get you to think! Your mobile device(s) are essentially a computer, and no one I know would leave their computer unprotected these days – unless of course they never hooked up to the internet, and just figure the odds on that. Poking around, I came up with a guesstimate that 90% of American households possess at least one computer (this percentage seemed pretty constant) and approximately 75% of American households have internet access (I saw a low of 62% and as high as 85%, so I went just above the average). The funny thing is that most people who do not possess a computer, even those on the poverty line of the economic spectrum, seem to have the means to possess a smartphone.

Now, there are some free apps out there for protection and there are some for cost. How good they are, your guess is as good as mine. Perhaps the best place to check this out would be Consumer Reports or something like that. Look into it, and keep your stuff backed up so you can recover from something potentially catastrophic.

Until the next time my friends!

https://net-security.org/malware_news.php?id=2004