Login

Register

Login

Register

#cybersecurity | #hackerspace |

Network traffic analysis for IR: Introduction to networking


Introduction

Computer networking is one of the most important skills that incident responders are required to have. Analyzing network traffic as an incident responder is about more than just noting strange activities and anomalies on the network: you need to know the ins and outs of how a network operates. 

In this article, we will introduce the important computer networking aspects that incident responders need to be aware of.

Understanding IP addressing

A computer network is made up of IP addresses, which are numbers that are assigned to each host connected to a computer network. IP addresses serve the function of identifying which hosts exist within the network and categorizing the hosts into separate networks.

IP address representation is given in human-readable format, such as 172.16.254.1 in IPv4 and 2001:db8:0:1234:0:567:8:1 in IPv6. The following sections describe the things that IRs must be aware of about IP addresses.

Classes of IP addresses

When conducting a hacking exercise, it will be very important to understand the “scope” of the operation. A hacker would not want to attack across networks that are not within the target range. In a penetration testing engagement, this would result in the hacker attacking hosts that were not intended to be attacked or that are outside the organization.

The following table shows the classes of IP addresses that exist:

Class First octet value Subnet mask
Class A 0-127 8
Class B 128-191 16
Class C 192-223 24
Class D 224-239
Class E 240-255

Class A, B and C IP addresses are used for host identification, whereas classes D and E are used for other purposes. For instance, class D is used for multicast and class E is used for various experimental purposes.

Public versus private IP addresses

Hackers need to know the (Read more…)



Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW