Network basics

Nee WhatsApp la message anuppuva, Netflix la movie paappu, Google la search pannuva — ivanga ellam network through dhaan nadakkudhu! 🌐

Cybersecurity learn panna, networking basics theriyanum. Hacker epdhi un network la enter aaguran, epdhi data steal pannuran — idhellam network knowledge illama puriyaadhu.

Indha article la IP addresses, DNS, TCP/IP, firewalls, VPN — cybersecurity angle la paapom! 💪

Internet = Network of networks. Simple ah sonna — computers connected together.

Nee Google.com type pannum bodhu enna nadakkudhu:

1. 📱 Un device browser la "google.com" type pannuva
2. 🔍 DNS server google.com → 142.250.190.78 convert pannum
3. 📡 Request un router through ISP ku pogum
4. 🌐 ISP through internet la Google server reach aagum
5. 💻 Google server response anuppum
6. 📱 Un browser la page load aagum

All this happens in milliseconds! ⚡

IP Address = Internet Protocol Address — un device's address on the network.

IPv4: 192.168.1.100 (32-bit, 4.3 billion addresses)

IPv6: 2001:0db8:85a3:0000:0000:8a2e:0370:7334 (128-bit, virtually unlimited)

Types:

🏠 Private IP — Internal network (192.168.x.x, 10.x.x.x)

🌍 Public IP — Internet-facing (ISP assigns)

🔄 Dynamic IP — Changes periodically

📌 Static IP — Fixed, doesn't change

Subnetting basics:

• IP address + Subnet mask = Network identification
• 192.168.1.0/24 means 256 addresses in that subnet
• Subnetting helps segment and secure networks

Security tip: Un public IP address hide panna VPN use pannunga. Hackers un IP therinjha, un network target panna easy! 🎯

Networking la everything 7 layers la work aagudhu — OSI Model:

Memory trick: "All People Seem To Need Data Processing" (top to bottom)

Cybersecurity professionals every layer la attacks and defenses therinjhukkanum! 🛡️

Data transfer la two main protocols:

TCP (Transmission Control Protocol) 🤝

• Connection-oriented — "handshake" first
• Reliable — lost packets re-send aagum
• Ordered — correct sequence la deliver aagum
• Slower but accurate
• Use: Web browsing, email, file transfer

UDP (User Datagram Protocol) 🏃

• Connectionless — just send!
• Unreliable — no guarantee of delivery
• Unordered — packets any order la varum
• Faster but may lose data
• Use: Video streaming, gaming, VoIP

Security note: TCP's 3-way handshake (SYN → SYN-ACK → ACK) can be exploited in SYN flood DDoS attacks! 🌊

DNS translates human-readable names to IP addresses.

DNS Lookup Process:

1. Browser checks cache — recent visits stored locally
2. OS checks hosts file — local overrides
3. Query goes to Recursive Resolver (ISP's DNS)
4. Resolver asks Root Server → "Where is .com?"
5. Root says → ask TLD Server (.com server)
6. TLD says → ask Authoritative Server (google.com's DNS)
7. Authoritative responds with IP address
8. Browser connects!

DNS Security threats:

🔀 DNS Spoofing — Fake DNS responses redirect to malicious site

💀 DNS Hijacking — Change DNS settings to redirect all traffic

🌊 DNS Amplification — DDoS using DNS servers

Secure DNS: Use DNS over HTTPS (DoH) — encrypted DNS queries. Cloudflare (1.1.1.1) or Google (8.8.8.8) use pannunga! 🔒

Every network service oru specific port la run aagum:

Port Scanning = Hackers open ports find panni attack pannuvanga. Nmap tool use panni port scan pannalam.

Security rule: Unnecessary ports close pannunga! Only needed services ku ports open pannunga. Less open ports = less attack surface. 🔒

🔥 Firewall = Network traffic filter — good traffic allow, bad traffic block.

Types:

1. Packet Filter — Source/destination IP and port check

2. Stateful Inspection — Connection state track pannum

3. Application Firewall (WAF) — Layer 7 protection

4. Next-Gen Firewall (NGFW) — Deep packet inspection + IPS

Home firewall setup:

- Router's built-in firewall enable pannunga ✅

- Windows Firewall / macOS Firewall ON pannunga ✅

- Unknown incoming connections block pannunga ✅

- Outbound rules set pannunga (malware calling home block) ✅

Enterprise tools: Palo Alto, Fortinet, pfSense (free), Cisco ASA

VPN = Encrypted tunnel through internet la data travel aagum.

Without VPN:

You ──── [Open Internet] ──── Website

(Anyone can see your traffic! 👀)

With VPN:

You ──── [🔒 Encrypted Tunnel 🔒] ──── VPN Server ──── Website

(Traffic encrypted, IP hidden! 🛡️)

When to use VPN:

• Public WiFi (airport, coffee shop) — MUST ✅
• Privacy protection — ISP can't see your activity
• Geo-restricted content access
• Remote work — company network secure access

Warning: Free VPNs (Hola, SuperVPN) un data sell pannalam! Trusted VPNs mattum use pannunga. 🚫

Wireshark = Free network traffic analyzer. Cybersecurity essential tool! 🔧

What you can do:

• Network packets capture and analyze
• Suspicious traffic identify
• Malware communication detect
• Network problems troubleshoot

Quick start:

1. wireshark.org la download pannunga
2. Network interface select pannunga (WiFi/Ethernet)
3. Capture start — packets flow paapom!
4. Filter use: http, dns, tcp.port==443

Useful filters:

• ip.addr == 192.168.1.1 — specific IP traffic
• http.request — HTTP requests only
• dns — DNS queries
• tcp.flags.syn == 1 — new connections

Ethical reminder: Un own network la mattum use pannunga. Others network sniff pannuradhu illegal! ⚖️

Network basics recap:

✅ Internet = Network of networks, packets through data travel

✅ IP Address = Device's network address (IPv4/IPv6)

✅ DNS = Domain names to IP translation

✅ TCP/UDP = Reliable vs fast data transfer

✅ OSI Model = 7 networking layers

✅ Ports = Service entry points (443=HTTPS, 22=SSH)

✅ Firewall = Traffic filter and protector

✅ VPN = Encrypted tunnel for privacy

Next article: "AI in Cybersecurity" — how AI is revolutionizing threat detection! 🤖🛡️

Challenge: Network Security Lab Setup

Oru week time la network security hands-on practice pannunga:

1. Packet Analysis with Wireshark — Wireshark download and install pannunga. Un home network traffic capture pannunga. HTTP requests analyze pannunga — passwords transmitted plaintext ah paapom (HTTPS la protected).

1. Nmap Network Scanning — Virtual lab la Nmap install pannunga. Network scanning practice pannunga: nmap -sV localhost. Port scan, service detection, OS fingerprinting — ellam try pannunga.

1. Firewall Rules Configuration — Un router administration panel access pannunga. Port forwarding rules check pannunga. Unnecessary ports close pannunga. Inbound rules configure pannunga (only necessary ports open).

1. VPN Setup — OpenVPN or WireGuard setup pannunga. VPN la connect panni IP address change aagum, location mask aagum paappom. Leak test (ipleak.net) run pannunga.

1. VLAN Simulation — GNS3 emulator download pannunga. Virtual network segment create pannunga. VLAN trunk, access ports, routing — practice pannunga.

1. DNS Security — Un ISP DNS change pannunga Cloudflare DNS (1.1.1.1) la. DNS over HTTPS (DoH) enable pannunga browser settings la.

Certificate: Nee network security engineer! 🌐🔐

Q1: OSI model explain pannunga — cybersecurity perspective la.

A: 7 layers — Physical, Data Link, Network, Transport, Session, Presentation, Application. Each layer different attack vectors irukku. DDoS = Layer 3/4, Phishing = Layer 7. Defense = each layer la implement pannunga.

Q2: TCP/IP vs UDP — security implications?

A: TCP connection-oriented, reliable, slower. UDP connectionless, fast, unreliable. DNS (UDP), VoIP (UDP) speed need. Sensitive data TCP use pannunga. DDoS attackers UDP floods use pannuranga — lightweight, high volume possible.

Q3: Firewall stateful vs stateless?

A: Stateless = packet-by-packet filter, simple. Stateful = connections track pannum, understand pannum. Modern firewalls stateful — established connections allow, suspicious patterns block.

Q4: VPN architecture — how to implement securely?

A: VPN server infrastructure set up pannunga (OpenVPN, WireGuard). Certificate-based authentication use pannunga. Encryption (AES-256), authentication (SHA-256). Split tunneling disable pannunga (all traffic through VPN go pannunga). Regular audit.

Q5: Network segmentation strategy — how to design?

A: VLAN separate panni business function by (finance, engineering, guest). Each segment different security level. DMZ create pannunga (public services). Internal networks restrict pannunga. Access Control Lists (ACL) implement pannunga between segments.