#01 - Network Basics

Day 1️⃣ of Your SOC Analyst Journey

What’s the simplest Network and how does it work:

Over the next 30 days, I will teach you something new every day so that YOU can become a Security Operations (Center) Analyst soon

You ready? 🚦

Let's go 🚀

Everything starts with networks - they are the foundation of modern work places

• any computer to computer interaction requires some form of network

The smallest possible network is peer-to-peer - that means 1 computer to 1 computer (directly).

computer1 ←→ computer2

To connect them you need:

• a cable
• and one network interface controller (NIC) each

(sometimes they are also called network cards)

These network cards have a specific cable that attaches to them

They are called ethernet cables or RJ45 cables

You have probably seen them around your house if you were alive in the late 90s before Wifi was cool and reliable

Now back in my days (it seems I am very old… 👴) you needed to have a special type of ethernet cable to directly connect 2 computers:

Cross-Over cables

Cross-what?

To understand this concept better let's first make a reduced proof of concept

In the picture below we have a 2 pole cable that shall connect two devices

You plug it into one device on the left side and another one on the right

How do you make sure they can exchange information?

🤔💭

Let's first try to connect the cable directly with the same poles in the same positions

Machine 1 on the left sends data via the Send cable (blue)

and that one is plugged into the Send (blue) on the other side

Well … That wont work, right?!

Exactly, if we push data over the “Send” cable the data will not be received because…

well it is not hitting the receive cable 🤷

Dang it.

Well we tried - now on to debugging.

Ok, so HOW do we get the data from the sender cable to the receiver port on the right side?!

We could just swap the Send/Receive on one side of the cable, no?!

DING DING DING, we have a winner. 🙌 🏆

If we swap the positions of Send and Receive

like in the 2nd part of the picture above

the devices can exchange information because they each get the correct data on the port they expect it

Uhh whats a port?

Good question - as you probably know, a cable needs to be plugged in somewhere

No plug, no need for a cable - much like wifi cable 😎

A physical port is the connector

that you plug your cable into

It might also be broken down into many ports,

one for each of the poles inside the cable

Let us also visualize this concept a little more with some bare-minimum concepts.

OK MY MIND IS YOURS 🧠💨 🤯

In the picture below you can see what would happen if we connected two devices with the same orientation of the cable

The devices would both try to send data (on the SEND - TXD - lane) and somewhere inside the cable a data crash would happen 🚗💥🚙

A cable can be imagined similar to a railway 🚃

it's one-way only and if you turn around you will face a lot of trouble and at some point jail time because you should not be driving (anymore) 💫😵‍💫

By the way, another tragedy would happen on the RECEIVE (RXD) lane, both devices would listen…

But none of them would ever receive anything.

Sad little ears 🦻❌

You should now understand a little better why we need(ed) a cross-over cable to begin with

Back when no hardware was sitting in the middle between the two computers 👴🏼

P2P (peer-to-peer) connections were common use cases for the smallest instances of networks

like home networks 🏡

This simplified approach we looked at earlier is a little different nowadays

Our network cables have 8 different poles and the orientation of any of these 8 poles need to exactly right for present networks to operate

There are two standards that we use today for cable pole orientation:

T-568A and T-568B

In my experience T-568B is a lot more common so let's look into that one first.

The poles inside the ethernet cable according to T-568B are as follows from left to right:

orange-white

orange

green-white

blue

blue-white

green

brown-white

brown

The observant people 🤓 may have already identified that there seems to be a difference between the classic straight-through and cross-over cables

Remember how earlier we mentioned that to connect two computers in a peer-to-peer (P2P) network we would probably have to swap certain poles inside the cable?

That is exactly what is happening between T-568A & T-568B

The important thing to remember here is that certain areas of the cable have to be swapped

wait… so if a cross-over cable is for connecting two devices directly, what do we use a straight-through cable for?

Great observation 👀 - This is where we jump over to the next chapter to answer your question in the next post

I hope you learned something today 🤞

If you have any question - shoot me a DM or reply here