Need some advice on learning networking

  • BillyCarpenter
    Field Supervisor

    Site Contributor
    VIP Subscriber
    10,000+ Posts
    • Aug 2020
    • 16308

    #1066
    Re: Need some advice on learning networking

    Originally posted by slimslob
    Just remember that the Command Prompt, which is still needed to run some troubleshooting, is a holdover from DOS.

    True that. There's not a day that goes by that I don't use ping. Another one high on that list is traceroute.
    Adversity temporarily visits a strong man but stays with the weak for a lifetime.


    • rthonpm
      Field Supervisor

      2,500+ Posts
      • Aug 2007
      • 2847

      #1067
      Re: Need some advice on learning networking

      Originally posted by slimslob
      Just remember that the Command Prompt, which is still needed to run some troubleshooting, is a holdover from DOS.
      It's more than that. For all intents and purposes, it *is* the OS. The GUI on top is just an abstraction layer that just runs the CLI commands in the background whilst giving you something to look at.

      While many of the DOS commands are there, the NT version of it was a complete re-write as opposed to a bolt-on of new features. Even that is starting to go away in the Windows world as PowerShell becomes the default CLI, though most of the old commands are set as aliases for the respective cmdlet in PowerShell.

      Sent from my BlackBerry using Tapatalk


      • rthonpm
        Field Supervisor

        2,500+ Posts
        • Aug 2007
        • 2847

        #1068
        Re: Need some advice on learning networking

        Originally posted by BillyCarpenter
        First of all, I feel for you having to work on that crap. But you bring up something that I haven't given much thought to. I bet there are a lot of companies out there that hang on to their old technology because they don't want to pay to upgrade and, in my experience, a lot of people just don't like change and they'll limp along for as long as possible.
        It's often not that companies don't want to upgrade as much as other factors. In the size of company we support (1-300 staff) it often comes down to a mix of the following:

        1. There's no accurate inventory of just what's on the network, or documentation of how things communicate: upgrades happen but someone recalls an issue from years past where something broke because something was turned off, so it's better to just keep that old protocol turned on, or find a way to bridge it through custom configs or adapters.

        Often this is done for equipment that's long gone or for compatibility with software and systems that have been upgraded and no longer need the workarounds. The biggest drain on my time with any customer is documentation: without knowing what's where, what it's for, and what it does, you can't have a good handle on your needs, deficiencies, or metrics of performance.

        2. Something mission critical to the operation is too expensive to replace. You'll see this in industrial, medical, and scientific areas: anywhere there's some sort of validation that's required on the output. Vendors spend piles validating their equipment on a particular OS, with a particular configuration, or even on specific hardware. Anything outside of that is a deviation that they won't support. The lifecycle of this equipment is generally measured in decades, and the validation process is expensive for the vendor so once they get certified, they sell that configuration for as long as they can. The vendor has to pass that cost on and the replacement machines can easily be six figures.

        I've had vendors still supporting things like cell counters that boot from floppy disks running Windows 3.1 because they're validated for some types of tests that newer equipment can't meet. I've also seen instances where the original vendor has been sold, with the buyer then being bought by someone else, who then splits that company into smaller ones that then sell off the patents to someone else, but still get stuck with supporting the in-place equipment due to existing support contracts. All of this leads to needing all sorts of workarounds if the equipment needs some degree of connectivity.

        3. The company itself has changed hands, spun off, or just happened to buy up someone else's second hand equipment to get started. This is close to situation 1, except that this is more of a case of people using equipment they're already familiar with as a starting point.



        Sent from my BlackBerry using Tapatalk


        • BillyCarpenter
          Field Supervisor

          Site Contributor
          VIP Subscriber
          10,000+ Posts
          • Aug 2020
          • 16308

          #1069
          Re: Need some advice on learning networking

          I wish I could do a better job of explaining some of the cool stuff that you can do with routers & switches. It's not so much the end result that I love (although it's very cool) but rather the interworkings of the protocol that creates the magic.


          I've talked about the Hot Standby Routing Protocol before but I want to try to explain it in hopes that you can see the genius in it.


          Let's review the basic default gateway that we're all familiar with. When we ping an address that's not on our LAN, then our PC knows to automatically send the packet to our default gateway.

          If for some reason our router goes down, then we can't reach the internet.


          Here's the genius of the Hot Standby Routing Protocol (HSRP).

          Here's the topology:

          hsrp.jpg


          As you can see, now we have two routers and 2 default gateways. Of course, our computer can only use 1 default gateway. So, what's the point of having 2 gateways?

          Here's how it works.

          We enable HSRP and it creates a virtual router that will route traffic to both routers but not at the same time. One of the routers will be the priority router and it will be our default gateway, but if it goes down, then the other router will become the default gateway.

          PS - The virtual router will have its own IP and MAC address and we use the IP address of the virtual router on our PC.


          Did that make any sense at all?
          Adversity temporarily visits a strong man but stays with the weak for a lifetime.

          Comment
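Added example, not part of the original post and not Cisco code: a small Python model of the failover described above, showing that the gateway address the PC uses stays the same while the active router changes. The router names, addresses and the `HsrpGroup`/`failover_trace` helpers are constructed for illustration, and the model assumes both routers come up together; the default priority of 100, preemption being off by default and the `0000.0c07.acXX` virtual MAC are HSRP version 1 behaviour.

```python
from dataclasses import dataclass

@dataclass
class Router:
    name: str
    ip: str                # real interface address (constructed sample value)
    priority: int = 100    # HSRP default priority
    preempt: bool = False  # preemption is off unless configured
    up: bool = True

def virtual_mac(group: int) -> str:
    """HSRP version 1 virtual MAC: 0000.0c07.acXX, XX = group number in hex."""
    if not 0 <= group <= 255:
        raise ValueError("HSRPv1 group numbers are 0-255")
    return f"0000.0c07.ac{group:02x}"

def _rank(r: Router):
    # Higher priority wins; the higher interface IP breaks a tie.
    return (r.priority, tuple(int(o) for o in r.ip.split(".")))

class HsrpGroup:
    def __init__(self, group, virtual_ip, routers):
        self.group, self.virtual_ip, self.routers = group, virtual_ip, routers
        self.active = None
        self.reelect()

    def reelect(self):
        """Re-run the election after a state change and return the active router."""
        alive = [r for r in self.routers if r.up]
        if not alive:
            self.active = None
            return None
        best = max(alive, key=_rank)
        if self.active is None or not self.active.up:
            self.active = best   # failover: the standby router takes over
        elif (best is not self.active and best.preempt
              and best.priority > self.active.priority):
            self.active = best   # preempt: the better router reclaims the role
        return self.active

    def set_state(self, name, up):
        for r in self.routers:
            if r.name == name:
                r.up = up
        return self.reelect()

    def gateway_seen_by_pc(self):
        # The PC is configured with the virtual IP and resolves it to the
        # virtual MAC, so neither value changes when the active router does.
        return (self.virtual_ip, virtual_mac(self.group))

def failover_trace(preempt):
    """Constructed scenario: R1 (priority 110) fails and later recovers."""
    r1 = Router("R1", "192.168.1.1", priority=110, preempt=preempt)
    r2 = Router("R2", "192.168.1.2")
    g = HsrpGroup(1, "192.168.1.254", [r1, r2])
    trace = [g.active.name]
    trace.append(g.set_state("R1", False).name)
    trace.append(g.set_state("R1", True).name)
    return trace, g.gateway_seen_by_pc()

if __name__ == "__main__":
    print(failover_trace(preempt=True))
    print(failover_trace(preempt=False))
```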

          • BillyCarpenter
            Field Supervisor

            Site Contributor
            VIP Subscriber
            10,000+ Posts
            • Aug 2020
            • 16308

            #1070
            Re: Need some advice on learning networking

            I find myself in a strange situation on my journey to getting CCNA certified. I'm 50% done with the course and I need to learn the other 50% but, unfortunately, knowing a protocol/subject isn't enough to pass the test.

            I have purchased 5 practice exams that were written to closely mimic the real test. Here's the challenge....


            The questions are written in such a way that it's designed to throw you off. Very tricky. I'm not saying this is a bad thing but it does force me to learn a lot of terms that I'm not readily familiar with. And it has forced me to review EVERYthing that I previously covered. It's very fucking time consuming. On the positive side, a thorough review has been helpful for anything that I may have missed the first time around.

            Because of this course, I will never look at a switch or router the same way again. My ignorance was bliss.
            Adversity temporarily visits a strong man but stays with the weak for a lifetime.


            • slimslob
              Retired

              Site Contributor
              25,000+ Posts
              • May 2013
              • 36891

              #1071
              Re: Need some advice on learning networking

              Originally posted by BillyCarpenter
              I find myself in a strange situation on my journey to getting CCNA certified. I'm 50% done with the course and I need to learn the other 50% but, unfortunately, knowing a protocol/subject isn't enough to pass the test.

              I have purchased 5 practice exams that were written to closely mimic the real test. Here's the challenge....


              The questions are written in such a way that it's designed to throw you off. Very tricky. I'm not saying this is a bad thing but it does force me to learn a lot of terms that I'm not readily familiar with. And it has forced me to review EVERYthing that I previously covered. It's very fucking time consuming. On the positive side, a thorough review has been helpful for anything that I may have missed the first time around.

              Because of this course, I will never look at a switch or router the same way again. My ignorance was bliss.
              A couple of things to remember:
              1. The 7 p's, Proper prior preparation prevents piss poor performance
              2. RTFP Read The Fucking Problem


              • BillyCarpenter
                Field Supervisor

                Site Contributor
                VIP Subscriber
                10,000+ Posts
                • Aug 2020
                • 16308

                #1072
                Re: Need some advice on learning networking

                I'm going over port security and it suddenly hit me that there's a lot of networks out there that are highly vulnerable.

                When the ports are left open and unprotected, someone could introduce a MAC address flooding attack. The switch only has so much memory and it will crash when flooded. There's a couple of different ways of dealing with this but I'm still going over it.
                Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                Comment
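Added example, not part of the original post and not Cisco code: a toy Python model of a switch MAC table, showing what a per-port MAC address limit (the thing port security enforces) changes when one port presents hundreds of source addresses. The table size, the addresses and the `Switch`/`run` names are constructed for illustration; `protect`, `restrict` and `shutdown` are the port-security violation modes.

```python
class Switch:
    """Toy model of MAC learning with optional per-port port security."""

    def __init__(self, cam_capacity, port_limits=None, violation="shutdown"):
        if violation not in ("protect", "restrict", "shutdown"):
            raise ValueError("unknown violation mode")
        self.cam = {}                     # learned MAC -> port
        self.capacity = cam_capacity      # table size (constructed, far below real hardware)
        self.limits = port_limits or {}   # port -> maximum secure MACs
        self.violation = violation
        self.err_disabled = set()
        self.violation_count = {}         # port -> counted violations

    def receive(self, port, src_mac):
        """Process the source MAC of one frame; return what the switch did."""
        if port in self.err_disabled:
            return "dropped: port err-disabled"
        if self.cam.get(src_mac) == port:
            return "known"
        limit = self.limits.get(port)
        on_port = sum(1 for p in self.cam.values() if p == port)
        if limit is not None and on_port >= limit:
            return self._violate(port)
        if src_mac not in self.cam and len(self.cam) >= self.capacity:
            # No room to learn: frames for this host are flooded out every port.
            return "not learned: table full"
        self.cam[src_mac] = port
        return "learned"

    def _violate(self, port):
        if self.violation == "protect":    # drop silently, nothing counted
            return "dropped: violation"
        self.violation_count[port] = self.violation_count.get(port, 0) + 1
        if self.violation == "shutdown":   # count it and take the port down
            self.err_disabled.add(port)
        return "dropped: violation"        # restrict: drop and count

def run(port_limits, violation="shutdown"):
    """Constructed traffic: 500 distinct source MACs on port 2, then one host on port 1."""
    sw = Switch(cam_capacity=128, port_limits=port_limits, violation=violation)
    for i in range(500):
        sw.receive(2, f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}")
    host = sw.receive(1, "00:1b:44:11:3a:b7")
    return {"cam_entries": len(sw.cam), "host_on_port_1": host,
            "port_2_err_disabled": 2 in sw.err_disabled,
            "port_2_violations": sw.violation_count.get(2, 0)}

if __name__ == "__main__":
    print("no port security:", run({}))
    print("max 2 MACs, shutdown:", run({2: 2}))
    print("max 2 MACs, restrict:", run({2: 2}, "restrict"))
```

With no limit the table fills and the host on port 1 cannot be learned; with a limit of two on port 2 the table holds three entries and the violation is visible on the port itself.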

                • slimslob
                  Retired

                  Site Contributor
                  25,000+ Posts
                  • May 2013
                  • 36891

                  #1073
                  Re: Need some advice on learning networking

                  Originally posted by BillyCarpenter
                  I'm going over port security and it suddenly hit me that there's a lot of networks out there that are highly vulnerable.

                  When the ports are left open and unprotected, someone could introduce a MAC address flooding attack. The switch only has so much memory and it will crash when flooded. There's a couple of different ways of dealing with this but I'm still going over it.
                  There are also a lot of individual computers out there that are highly vulnerable. It is not as bad as it was in the past with older OS versions. Windows 10 firewall is good as long as it has not been modified. Too many people however rely on Windows Defender for malware protection and it is not that great. Potential Unwanted Programs, PUPs, are able to get past it and wreak havoc on the system by opening ports on the firewall. A number of big name "Protection" suites also fail when it comes to PUPs.


                  • BillyCarpenter
                    Field Supervisor

                    Site Contributor
                    VIP Subscriber
                    10,000+ Posts
                    • Aug 2020
                    • 16308

                    #1074
                    Re: Need some advice on learning networking

                    Originally posted by slimslob
                    There are also a lot of individual computers out there that are highly vulnerable. It is not as bad as it was in the past with older OS versions. Windows 10 firewall is good as long as it has not been modified. Too many people however rely on Windows Defender for malware protection and it is not that great. Potential Unwanted Programs, PUPs, are able to get past it and wreak havoc on the system by opening ports on the firewall. A number of big name "Protection" suites also fail when it comes to PUPs.

                    I'm pretty ignorant on security but there's an entire section on network security and next generation firewalls that will be covered later in the CCNA course. I'm kinda looking forward to that. Well, that and wireless.
                    Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                    • rthonpm
                      Field Supervisor

                      2,500+ Posts
                      • Aug 2007
                      • 2847

                      #1075
                      Re: Need some advice on learning networking

                      Originally posted by slimslob
                      There are also a lot of individual computers out there that are highly vulnerable. It is not as bad as it was in the past with older OS versions. Windows 10 firewall is good as long as it has not been modified. Too many people however rely on Windows Defender for malware protection and it is not that great. Potential Unwanted Programs, PUPs, are able to get past it and wreak havoc on the system by opening ports on the firewall. A number of big name "Protection" suites also fail when it comes to PUPs.
                      Defender for Windows 8 and higher is actually a pretty strong AV. The older version available for XP through 7 was a pretty weak baseline system. The newer version uses the same engine as Microsoft's paid solution included with SCCM/SECM without the reporting components and remote configuration features. It also doesn't add in kernel level shims that third-party AV have to add, or the additional resources that the more popular AV solutions generally take.

                      The days of third-party security software are close to gone. Just like no-one buys a standalone firewall for their PC any longer.

                      Sent from my BlackBerry using Tapatalk


                      • BillyCarpenter
                        Field Supervisor

                        Site Contributor
                        VIP Subscriber
                        10,000+ Posts
                        • Aug 2020
                        • 16308

                        #1076
                        Re: Need some advice on learning networking

                        Originally posted by rthonpm
                        Defender for Windows 8 and higher is actually a pretty strong AV. The older version available for XP through 7 was a pretty weak baseline system. The newer version uses the same engine as Microsoft's paid solution included with SCCM/SECM without the reporting components and remote configuration features. It also doesn't add in kernel level shims that third-party AV have to add, or the additional resources that the more popular AV solutions generally take.

                        The days of third-party security software are close to gone. Just like no-one buys a standalone firewall for their PC any longer.

                        Sent from my BlackBerry using Tapatalk

                        You've mentioned this before and I checked on it. From everything I've read, I have to agree. Plus, I've never had a problem running only Windows Defender.
                        Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                        • slimslob
                          Retired

                          Site Contributor
                          25,000+ Posts
                          • May 2013
                          • 36891

                          #1077
                          Re: Need some advice on learning networking

                          Originally posted by BillyCarpenter
                          I'm pretty ignorant on security but there's an entire section on network security and next generation firewalls that will be covered later in the CCNA course. I'm kinda looking forward to that. Well, that and wireless.
                          In the early days of Windows 95 and 98 I learned about security from Steve Gibson's website, GRC | Gibson Research Corporation Home Page. When I was in Iraq in 2005 his SpinRite helped me keep an ailing HDD running long enough for me to get and install a replacement.


                          • slimslob
                            Retired

                            Site Contributor
                            25,000+ Posts
                            • May 2013
                            • 36891

                            #1078
                            Re: Need some advice on learning networking

                            Originally posted by BillyCarpenter
                            You've mentioned this before and I checked on it. From everything I've read, I have to agree. Plus, I've never had a problem running only Windows Defender.
                            I have had customers who have had problems including ransomware with only Defender.


                            • rthonpm
                              Field Supervisor

                              2,500+ Posts
                              • Aug 2007
                              • 2847

                              #1079
                              Re: Need some advice on learning networking

                              Originally posted by slimslob
                              I have had customers who have had problems including ransomware with only Defender.
                              Ransomware, depending on how it's built, can be very hard for any AV. Often it's leveraging some other weakness in software installed on the machine or in the OS and then leveraging legitimate tools to pull the commands it needs to download and begin the process of encrypting a machine. Often there's nothing for the AV to really latch onto.

                              Defence in depth is more than just having an AV and firewall on your systems. It's configuring where executables can launch from, network segmentation, principle of least privilege and other common methods. Also, there should be no data residing only on client systems. The repository should be SharePoint, file servers, or other resilient systems. Infected endpoints should be the last thing to bring an organisation to a standstill.

                              Sent from my BlackBerry using Tapatalk


                              • BillyCarpenter
                                Field Supervisor

                                Site Contributor
                                VIP Subscriber
                                10,000+ Posts
                                • Aug 2020
                                • 16308

                                #1080
                                Re: Need some advice on learning networking

                                Thus far most of the technology that I've covered was foundational information. That's not the case anymore. The train has left the station and I'm now dealing with advanced networking topics.

                                A few chapters back I learned Spanning Tree. I learned how the root bridge and ports are elected and which ports would be blocked to prevent a broadcast loop. This was basic spanning tree. It should be noted there are several different versions of spanning tree. Some are open source and some are Cisco proprietary.

                                You may be asking yourself why we need different versions of Spanning Tree. Well, Spanning Tree has been around for 30 years and improvements have been made in convergence time - the time it takes for it to get up and running. Moreover, Spanning Tree is run at Layer 2 - the switch level - and there's a potential problem if we're using VLANs.

                                The original spanning tree protocol only applied to a single VLAN (VLAN 1) and that meant that the same spanning tree configuration also applied to VLAN 10, VLAN 20 and all VLANs.

                                Oh, don't get me wrong, it still worked and it prevented broadcast loops on all VLANs but the problem is that VLAN 10 is segmented and doesn't use the entire topology so there's no need to block the same ports and by doing so, traffic is being sent the long way round.


                                I know that sounds complicated and it is. But after a little practice, it's easy to understand.

                                That's why Cisco developed PVST+ - Per VLAN Spanning Tree protocol.


                                The bottom line with PVST is that we can manipulate which way traffic flows for the different VLANs to ensure that the best path is selected.
                                Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                                Comment
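Added example, not part of the original post and not Cisco code: a Python sketch that computes which port ends up blocking in a three-switch triangle, first with one common tree and then with a separate root bridge per VLAN, to show traffic no longer going "the long way round". The switch names, MAC addresses, link cost of 4 and the `blocked_ports` helper are assumptions made for illustration, and the model ignores parallel links and port-ID tie-breaks.

```python
DEFAULT_PRIORITY = 32768
LINK_COST = 4  # assumed cost for every link in this constructed topology

# Constructed topology: SW1 and SW2 are distribution switches, SW3 is the access switch.
MACS = {"SW1": "0011.0000.0001", "SW2": "0011.0000.0002", "SW3": "0011.0000.0003"}
LINKS = [("SW1", "SW2"), ("SW1", "SW3"), ("SW2", "SW3")]

def bridge_id(switch, vlan, priorities):
    # Configured priority plus the VLAN number, then the MAC as tie-breaker.
    return (priorities.get(switch, DEFAULT_PRIORITY) + vlan, MACS[switch])

def blocked_ports(vlan, priorities):
    """Return (root bridge, [(switch, neighbour) ports left blocking]) for one tree."""
    bid = {s: bridge_id(s, vlan, priorities) for s in MACS}
    root = min(bid, key=bid.get)            # lowest bridge ID is elected root
    cost = {s: float("inf") for s in MACS}
    cost[root] = 0
    for _ in MACS:                          # relax until root path costs settle
        for a, b in LINKS:
            cost[a] = min(cost[a], cost[b] + LINK_COST)
            cost[b] = min(cost[b], cost[a] + LINK_COST)
    # Root port: the neighbour offering the cheapest path to the root,
    # with the lower neighbour bridge ID breaking a tie.
    root_port = {}
    for s in MACS:
        if s != root:
            nbrs = [b if a == s else a for a, b in LINKS if s in (a, b)]
            root_port[s] = min(nbrs, key=lambda n: (cost[n] + LINK_COST, bid[n]))
    blocked = []
    for a, b in LINKS:
        # The end closer to the root (lower bridge ID on a tie) is designated.
        designated = min((a, b), key=lambda s: (cost[s], bid[s]))
        other = b if designated == a else a
        if root_port.get(other) != designated:
            blocked.append((other, designated))  # neither root nor designated port
    return root, sorted(blocked)

def per_vlan(priorities_by_vlan):
    """Run one independent election per VLAN, as a per-VLAN spanning tree does."""
    return {v: blocked_ports(v, p) for v, p in priorities_by_vlan.items()}

if __name__ == "__main__":
    # One tree for everything: SW3's uplink to SW2 is blocked for every VLAN.
    print("common tree:", blocked_ports(1, {}))
    # Per-VLAN: SW1 is made root for VLAN 10 and SW2 for VLAN 20.
    print("per VLAN:", per_vlan({10: {"SW1": 24576}, 20: {"SW2": 24576}}))
```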
