Intro
Hi there! Probably you don’t know me. This is my first attempt to write a blog. I go by @iamaangx028 on the internet— you can call me Aang :)
I am a student who is trying to get into the cybersecurity field. So, as a part of that journey I would like to share my progress with all of you as Weekly blogs.
Like the Avatar learning to bend all elements, let us try to master the fundamentals of cybersecurity — web, network, APIs, Android, and more. One step at a time. One day at a time.
What Am I Doing?
Every weekday, I’ll learn something new — one concept at a time.
Every weekend, I’ll try to publish a blog containing 4 or 5 weekdays’ learnings, like this one:
- A summary of what I learned
- Key takeaways
- Links, tools, and maybe even some “oh damn!” moments
Why Should You Care?
If you’re a beginner in cybersecurity, someone stuck in tutorial hell, or just curious about how a nobody can become something, then follow along. I’ll show the unfiltered, unpolished, human side of the journey — failures, wins, and all. Let’s start!
Day 1 — OSI Model ( The Most Loved but Rarely Used )
Please Do not Tell Secret Passwords Anyone 🤫
The OSI Model is responsible for the smooth working of network applications over the internet. It is the reason you are able to read this blog. I learned the OSI Model today, so let me put what I have understood here in an easy-to-understand way. Let us try to understand the 7 different layers. I will try to go from top to bottom.
1. Application Layer
This layer is responsible for rendering the content. All network applications (like Chrome, Skype, etc.) use Application layer protocols like HTTP/S, SMTP, FTP, TELNET, etc. These protocols help users see what they receive and send information. For example, I wrote this blog on Medium and published it. And now you are able to read it via Medium because the Application layer shows you the content received from the other layers.
2. Presentation Layer
This layer is responsible for translating the data into binary (1s & 0s). Then it compresses the data to reduce the amount that has to be sent over the internet. This data compression can be lossless or lossy. This layer can also encrypt the compressed data to send it over the internet securely. And obviously it is capable of decrypting the received data. This is where SSL (Secure Sockets Layer) comes in.
3. Session Layer
This layer is responsible for establishing a session with the destination computer. This layer does the session management. It also takes care of authentication and authorization, enabling secure data access. The Session layer takes the help of APIs (Application Programming Interfaces) to do all of this work. A good example of this could be NETBIOS. Whenever our browsers request some data from servers, the Session layer keeps an eye on whether all files go to the intended sessions or not. Our browsers take care of all these three layers (Application, Presentation, Session).
4. Transport Layer
Then comes the Transport Layer. This layer is responsible for segmentation, flow control, error control, and connection-oriented and connectionless transmissions. The data is split into segments. Each segment contains the source and destination port along with a sequence number. This sequence number helps in arranging the segments into the correct order. This layer is also responsible for the flow control of data. This layer uses Automatic Repeat reQuest (ARQ) to get the missing segment (if any). TCP/IP is connection-oriented and UDP is connectionless transmission of data.
5. Network Layer
Then comes the Network layer. This layer is responsible for address resolution, routing and path selection for data packets. Address resolution is of two types, namely logical addressing and physical addressing. The Network layer takes responsibility for logical addressing. In logical addressing, every device that is connected to the internet has an IP address (ex: 192.168.1.1). The first three octets (192.168.1) represent the mask of the network the data packets should be transferred to. The last octet denotes the device itself in the network. The Network layer also adds the source IP and destination IP to the segment that comes from the Transport Layer. The units in the Network layer are called “Data packets”.
6. Data Link Layer
The Data Link layer comes after the Network layer and takes the responsibility of physical addressing. The Data Link layer appends the source’s and destination’s MAC addresses to the data packets that are received from the Network layer. This MAC address is given by the manufacturer. The Data Link layer software is installed into the Network Interface Card (NIC) at the time of manufacturing. The NIC is responsible for connecting the device to other devices via a medium (air, copper wire, fiber optics, etc.). The units in the Data Link layer are called “Frames”.
7. Physical Layer
Up to now, everything we have seen has been 1s or 0s. But now those binary 1s and 0s will be converted into electrical signals. Those electrical signals will be transmitted via a medium like copper wire, fiber optics or air. They will be received by the receiver, and the exact same process happens in the reverse order so that you are able to see this blog on your laptop.
This is my raw understanding (without use of any AI) of the OSI model. There is a lot more than this for sure. But I feel this is enough to get started. You can always refer to this YouTube Video to learn more here. If you noticed anything off, or want to add your own twist, feel free to reach out or comment.
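To make the Transport, Network and Data Link steps concrete, here is an added example (not part of the original post) that segments a message, wraps each segment in a packet and a frame, and then reverses the process on the receiving side. The header layouts, function names and sample addresses are simplified assumptions for illustration, not real wire formats.

```python
import struct

# Simplified header layouts (assumptions for illustration, not real wire formats).
SEGMENT = struct.Struct("!HHI")   # source port, destination port, sequence number
PACKET = struct.Struct("!4s4s")   # source IP, destination IP
FRAME = struct.Struct("!6s6s")    # destination MAC, source MAC

def ip(text):
    return bytes(int(octet) for octet in text.split("."))

def mac(text):
    return bytes.fromhex(text.replace(":", ""))

def send(data, size, ports, ips, macs):
    """Sender: segment the data, then wrap each segment in a packet and a frame."""
    frames = []
    for seq in range(0, len(data), size):
        segment = SEGMENT.pack(ports[0], ports[1], seq) + data[seq:seq + size]
        packet = PACKET.pack(ip(ips[0]), ip(ips[1])) + segment
        frames.append(FRAME.pack(mac(macs[1]), mac(macs[0])) + packet)
    return frames

def receive(frames, my_mac, my_ip, total_len, size):
    """Receiver: strip headers in reverse order and reorder by sequence number."""
    got = {}
    for frame in frames:
        dst_mac, _ = FRAME.unpack_from(frame)
        packet = frame[FRAME.size:]
        _, dst_ip = PACKET.unpack_from(packet)
        if dst_mac != mac(my_mac) or dst_ip != ip(my_ip):
            continue                      # not addressed to this device
        segment = packet[PACKET.size:]
        _, _, seq = SEGMENT.unpack_from(segment)
        got[seq] = segment[SEGMENT.size:]
    # Sequence numbers that never arrived are what the sender must repeat.
    missing = [seq for seq in range(0, total_len, size) if seq not in got]
    return b"".join(got[seq] for seq in sorted(got)), missing

# Constructed sample values (documentation IPs, locally administered MACs).
MESSAGE = b"Hello from the application layer!"
PORTS, IPS = (50000, 443), ("192.0.2.10", "198.51.100.7")
MACS = ("02:00:00:00:00:01", "02:00:00:00:00:02")

if __name__ == "__main__":
    frames = send(MESSAGE, 8, PORTS, IPS, MACS)
    arrived = frames[::-1][:-1]           # out of order, one frame lost
    print(receive(arrived, MACS[1], IPS[1], len(MESSAGE), 8))
```

The list of missing sequence numbers is what the receiver would ask the sender to repeat.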
Day 2 — TCP/IP (The story that we all should know before diving into TCP/IP stack )
Back in the 1960s, computers could not connect or talk to each other the way they do today. To solve that problem, engineers decided to build a model/architecture that enables different computers to connect and talk to each other. Then in 1969, “ARPANET” was invented by the US DoD. That was the first initiative, which was later followed by Big Tech giants building their own proprietary networking systems. Which means an IBM computer could connect and talk to another IBM-manufactured computer. But again, that’s a big problem. So again engineers spent their time and energy in making the computer network what it is now! I mean they eventually created the two most important models, the OSI Model and the TCP/IP stack. Many academic institutions and even governments supported OSI as the standard. But OSI was more of a theoretical reference model, while TCP/IP became the de facto practical standard used globally. So, all agreed upon using the TCP/IP stack. The TCP/IP stack can be described as a set of rules and regulations, or say standards, that everyone agreed to follow. From then on, all computers, irrespective of the manufacturer, followed a standard. So, thanks to these standards, we are now able to send and receive files between different computers from different manufacturers.
Now coming to the TCP/IP architecture. It’s the same, but the OSI model has the Application layer, Presentation layer and Session layer, whereas in TCP/IP all three of those layers are packed into the Application layer. So, the purpose/working is also almost the same. I don’t want to go through that again and bore you 🥴
You can always refer to this YouTube Video to learn more here and here. If you noticed anything off, or want to add your own twist, feel free to reach out or comment.
Day 3 — Subnetting: Because Shouting Across the Entire Internet is a Bad Idea :)
Huh! Where do I even begin? How to start? This subnetting topic took me two days to learn, longer than the other topics, because it was not easy, for me at least, to understand and remember. But after understanding the concept I felt like, “Ahh! The time was worth it!” Let’s try to understand the concept slowly.
What the heck is Subnetting?
Simply put, subnetting is the process of dividing a network into different smaller networks. We know that an IPv4 address (W.X.Y.Z) has 4 octets. It is again divided into two parts: one is the Network Address and the other is the Host Address. Below is the binary representation of 192.168.0.1:
11000000.10101000.00000000.00000001
Why the heck is Subnetting?
So the Internet Assigned Numbers Authority (IANA) divided IPv4 into 5 classes (from A to E) as shown below:
- Class A IPs are given to giant organizations.
- Class B IPs are given to medium-sized organizations.
- And finally Class C IPs are given to smaller businesses and homes.
So, Class A networks have over 16 million IPs in each network, which is insanely difficult to manage if we start using them as is. So the network engineers came up with the idea of subnetting, i.e., dividing the network into many smaller networks, which are easier to manage. Also, without subnetting, computers in a large network will get shit out of them when they need to speak to another computer which is at the other end. Because every time a computer needs to send information out to another computer, it first sends a broadcast message like “Hey, who is 10.125.4.5!” to literally each and every computer on that network. That flood of traffic slows down everything, eventually leading to system crashes too! Imagine you are in a room along with 1000 people, and you wanna talk to another person (or even maybe your girlfriend MJ💖 at the other end). Will you be able to ask every other person, “Are you my MJ?” No! It is so exhausting. That’s where subnetting comes in and says, “Hey bro. Don’t worry, I will help you find your MJ by narrowing down your search area!”
How the heck is Subnetting?
I will try to explain the process easily. To create a subnet from the current network, you need to convert a host bit into a network bit. For that, you need to sacrifice some of the hosts that each new subnet can hold. Honestly, I suggest you take a look at the following resources. I learned it from here
What the heck is CIDR?
Firstly, CIDR stands for Classless Inter-Domain Routing. You may have seen peeps writing 192.168.1.2/24.
192.168.1.2 is an IPv4 address that we know. But what the heck is /24? Yes, that /24 is the CIDR. It is a compact way of stating the subnet mask by counting the 1s in it. We know that an IPv4 address has 32 bits. Let’s again take the example: 192.168.0.1 can be written in binary as follows:
11000000.10101000.00000000.00000001
The CIDR /24 indicates the number of bits from the left that will be 1s, and the remaining bits will be 0s. So, /24 in binary is written as follows:
11111111.11111111.11111111.00000000
When the binary is converted to Decimals, the above will be 255.255.255.0. The /26 will be 11111111.11111111.11111111.11000000 = 255.255.255.192 (Which is a Class C IPv4 address). Likewise, /20 will be 11111111.11111111.11110000.00000000 = 255.255.240.0 (which is a Class B IPv4 address).
Help yourself in converting Decimal to Binary and vice-versa from here. Yeah that’s it!
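Here is the host-bit borrowing from “How the heck is Subnetting?” and the /24, /26 and /20 masks from the CIDR section worked out in code. This is an added example, not part of the original post; the function names are my own, and the result is cross-checked against Python's standard `ipaddress` module.

```python
import ipaddress

SHIFTS = (24, 16, 8, 0)

def to_int(dotted):
    """'192.168.0.1' -> 32-bit integer, one octet per 8 bits."""
    value = 0
    for octet in dotted.split("."):
        value = (value << 8) | int(octet)
    return value

def to_dotted(value):
    return ".".join(str((value >> s) & 0xFF) for s in SHIFTS)

def prefix_to_mask(prefix):
    """/24 -> 24 one-bits from the left, the rest zeros."""
    return to_dotted((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)

def describe(cidr):
    """Mask, network, broadcast and usable host count for e.g. '192.168.1.2/24'."""
    address, prefix = cidr.split("/")
    mask = to_int(prefix_to_mask(int(prefix)))
    network = to_int(address) & mask              # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)    # host bits all set
    usable = max((1 << (32 - int(prefix))) - 2, 0)
    return {"mask": to_dotted(mask), "network": to_dotted(network),
            "broadcast": to_dotted(broadcast), "usable_hosts": usable}

def split(cidr, borrowed_bits):
    """Turn `borrowed_bits` host bits into network bits: 2**borrowed_bits subnets."""
    address, prefix = cidr.split("/")
    new_prefix = int(prefix) + borrowed_bits
    if new_prefix > 32:
        raise ValueError("not enough host bits to borrow")
    base = to_int(address) & to_int(prefix_to_mask(int(prefix)))
    step = 1 << (32 - new_prefix)                 # addresses per new subnet
    return [f"{to_dotted(base + i * step)}/{new_prefix}"
            for i in range(1 << borrowed_bits)]

def matches_stdlib(cidr, borrowed_bits):
    """Cross-check split() against Python's ipaddress module."""
    net = ipaddress.ip_network(cidr, strict=False)
    return split(cidr, borrowed_bits) == [
        str(s) for s in net.subnets(prefixlen_diff=borrowed_bits)]

if __name__ == "__main__":
    print(describe("192.168.1.2/24"))
    for subnet in split("192.168.1.0/24", 2):
        print(subnet, describe(subnet))
```

Borrowing 2 host bits from a /24 gives four /26 subnets, and each one keeps only 62 usable hosts instead of 254: that is the sacrifice mentioned above.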
Day 4 — DNS Demystified: How Computers Find Each Other
We are humans. We easily forget some things, especially when it comes to numbers. I am very bad at remembering mobile numbers 🥲. A similar kind of problem arose in the past: how could humans remember 32-bit IP addresses in order to access a website? To solve this problem, network engineers came up with an idea, which is what we now call DNS. It stands for Domain Name System. So, DNS basically acts as the phonebook for the internet.
Technically speaking, if you want to visit a website, you can directly type in the IP address of that web server. But it is not possible to remember the IP addresses of many different websites. So, DNS comes in here: whenever you enter a domain name, DNS converts (actually finds) the IP address of the web server you are trying to access. Following is the ideal flow of how it works!
You enter a domain name in the browser and hit enter → Browser checks the local browser cache → Checks the local cache of the OS → Usually goes to the recursive resolver (your ISP’s). But you can also choose to use public DNS servers like Google’s (8.8.8.8) or Cloudflare’s (1.1.1.1) → Root server → Directs to the TLD servers along with the TLD servers’ info → Directs to the authoritative name servers (which contain all of the information related to that domain) → Returns the IP address to the resolver → Resolver caches that domain name and IP address → Sends back the IP address of the domain name you are trying to access. Your browser also caches that IP for future use!
You may need to remember this exact flow. I personally encountered some questions in the interview. Unfortunately, at that time I was not able to remember about the “Browser and OS” cache🥲. But, yeah, it’s good to remember! You can learn more about this here!
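The lookup order above can be simulated with a few dictionaries. This is an added example, not part of the original post: the server names, the `blog.test` domain and the 192.0.2.10 address are constructed sample data, and storing the answer in the OS cache as well as the browser cache is an assumption of this sketch.

```python
# Constructed sample data: a reserved test domain and a documentation IP address.
ROOT_SERVER = {"test": "tld.test"}                           # root knows the TLD servers
TLD_SERVERS = {"tld.test": {"blog.test": "ns1.blog.test"}}   # TLD knows the authoritative server
AUTH_SERVERS = {"ns1.blog.test": {"blog.test": "192.0.2.10"}}

class Resolver:
    """Recursive resolver (your ISP's or a public one), shared by many clients."""
    def __init__(self):
        self.cache = {}

    def resolve(self, name, trace):
        if name in self.cache:
            trace.append("resolver cache")
            return self.cache[name]
        trace.append("root server")
        tld_server = ROOT_SERVER[name.rsplit(".", 1)[-1]]
        trace.append("TLD server")
        auth_server = TLD_SERVERS[tld_server][name]
        trace.append("authoritative server")
        address = AUTH_SERVERS[auth_server][name]
        self.cache[name] = address        # resolver caches name -> IP
        return address

class Client:
    """One machine: browser cache first, then OS cache, then the resolver."""
    def __init__(self, resolver):
        self.browser_cache, self.os_cache, self.resolver = {}, {}, resolver

    def lookup(self, name):
        trace = []
        for label, cache in (("browser cache", self.browser_cache),
                             ("OS cache", self.os_cache)):
            trace.append(label)
            if name in cache:
                self.browser_cache[name] = cache[name]
                return cache[name], trace
        trace.append("recursive resolver")
        address = self.resolver.resolve(name, trace)
        # Assumption of this sketch: both local caches store the answer.
        self.os_cache[name] = self.browser_cache[name] = address
        return address, trace

if __name__ == "__main__":
    shared = Resolver()
    laptop, phone = Client(shared), Client(shared)
    print(laptop.lookup("blog.test"))   # full walk down to the authoritative server
    print(laptop.lookup("blog.test"))   # answered by the browser cache
    print(phone.lookup("blog.test"))    # answered by the shared resolver's cache
```

The returned trace lists every place that was asked, in order, so the second and third lookups show where each cache cuts the walk short.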
Some Final Chit-Chats
Hey, if you’ve read this far — you’re doing amazing. Seriously. 👏
I have taken up this challenge of writing and posting these blogs every week, which is not something I am used to! But yeah, I will try my best to keep learning and posting. I know sometimes we cannot fully understand something just by reading a blog. So, to help you, I am trying to mention the resources that I feel are worth sharing in the blog, so you don’t have to hunt them down yourself.
Also, hey, I am just learning how to explain things clearly🤫
Let’s connect on X :) I would love to hear your thoughts!