DEV Community

Aravind kumar TS

Concepts for Network Security

If you are working in Infrastructure as a Service, you must be aware of the concepts below. There is no point working in cloud computing without this knowledge. People who join cloud computing jobs as freshers often have no clue about Server - Switch - Router - Backup Servers - Storage boxes (NAS/Software Defined); as days pass, they are able to work only on repetitive tasks and can't progress. Whenever you read, read it from scratch and ask questions (Why, What, How).
DNS - Domain Name System. It maps your domain name to an IP address. For example, when you hit www.SANS.org, it searches the four servers available on the internet to find the IP record.
The four servers are:

  1. recursive resolvers
  2. root nameservers
  3. TLD nameservers
  4. authoritative nameservers

TLS - Transport Layer Security. The majority of browsers nowadays use TLS. The data you send over the internet is encrypted. Apparently, the majority of email and chat platforms aren't using TLS. TLS uses port 465. Follow this to enable TLS in your browser - https://lnkd.in/gytEmrpZ
SSL - Secure Socket Layer. SSL encrypts the link between a browser and a web server. It ensures the data is private and secure. You can generate an SSL certificate from your server - https://lnkd.in/gkJ8Qc46
HTTP - Hypertext Transfer Protocol. It operates at the TCP/IP level. The data transferred over this protocol is not private/not secure. Port number is 80.
HTTPS - Hypertext Transfer Protocol Secure. It uses HTTP with an SSL/TLS connection. The data transferred is secured/private. Port number is 443.
TCP/IP model - It is responsible for the transfer of messages between two devices. TCP breaks your messages into packets and sends them to the destination. The suite of protocols TCP/IP uses is listed below (https://lnkd.in/gVKWyb4w):
  - Datalink layer
  - Internet
  - Transport Layer
  - Application Layer
TTL - Time To Live.

DNS records:
A record - This is also called the host name record, as it stores the host name details along with its IP address (IPv4).
It maps the domain name to the IP address of the hosting server. We can configure multiple A records for one domain name.
To view your A record, use this command - nslookup -debug brave.com # (be it any site of your choice)
AAAA record - This is exactly similar to the A record, wherein it stores your hostname along with your IPv6 address.
CNAME record - This is known as the Canonical Name record, where the domain name points to a different domain name.
Your request will reach the different domain name we specified earlier, and its IP address is returned.
Example - When you use a CNAME record and hit www.google.com, the request redirects to www.yahoo.com (CNAME) and you are able to view the contents of www.yahoo.com
(Just an example here, also applicable to offensive hack)
Command in Windows to check CNAME = nslookup -q=CNAME Shiva.com, in Linux = dig Shiva.com CNAME
MX record - This is known as the mail exchanger record; it directs your email to a mail server. Sender mails without an MX record are considered spam and get rejected by the mail server.
An MX record points to an A or AAAA record (domain name).
If your email domain name doesn't have an MX record, you can send email, but you can't receive email.
https://whatsmydns.me/ - this site gives the DNS record details for your domain name.
To view the MX record of a domain in Windows,
in cmd:
1. nslookup
2. set type=mx
3. your domain name.com
The output gives information about the MX record of the domain name you entered.
Name Server record - This record points a domain to a dedicated name server. When you want to change the name server for a domain, this NS record should be updated. Every domain needs a name server so that visitors on the internet can reach it.
PTR record - This record, known as the Pointer record, can also be called the reverse DNS lookup record. When you send an email, this record is used to check whether the domain name used to send the email
belongs to a legit IP address (allocated for that domain).
The PTR record for the IP address 192.0.2.255 would be stored under "255.2.0.192.in-addr.arpa"
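The PTR check described above, written out as forward-confirmed reverse DNS: IP to PTR name, then the name's A/AAAA record back to the same IP. This is an added example, not code from the original post; the zone data, the example.com names and the function names are constructed for illustration, and it goes beyond the IPv4 case in the text by also handling IPv6 (ip6.arpa) and CNAME chains.

```python
import ipaddress

# Constructed sample zone data (not real DNS answers): (name, type) -> values.
ZONE = {
    ("mail.example.com", "A"): ["192.0.2.255"],
    ("mail.example.com", "AAAA"): ["2001:db8::25"],
    ("smtp.example.com", "CNAME"): ["mail.example.com"],
    ("255.2.0.192.in-addr.arpa", "PTR"): ["mail.example.com"],
    # This PTR claims a host name whose A record points elsewhere.
    ("10.2.0.192.in-addr.arpa", "PTR"): ["mail.example.com"],
}


def reverse_name(ip):
    """Build the PTR owner name: reversed octets (IPv4) or nibbles (IPv6)."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def resolve(name, rtype, zone=ZONE, max_cname=8):
    """Return records of rtype for name, following CNAMEs up to max_cname hops."""
    name = name.rstrip(".").lower()
    for _ in range(max_cname):
        if (name, rtype) in zone:
            return zone[(name, rtype)]
        cname = zone.get((name, "CNAME"))
        if not cname:
            return []
        name = cname[0].rstrip(".").lower()
    return []  # CNAME loop or chain too long


def fcrdns(ip, zone=ZONE):
    """Forward-confirmed reverse DNS: IP -> PTR name -> A/AAAA must include IP."""
    addr = ipaddress.ip_address(ip)
    rtype = "A" if addr.version == 4 else "AAAA"
    for host in resolve(reverse_name(ip), "PTR", zone):
        forward = {ipaddress.ip_address(a) for a in resolve(host, rtype, zone)}
        if addr in forward:
            return host  # PTR name resolves back to the same address
    return None  # no PTR, or the PTR name does not map back to this IP
```

A mail server applying this check would treat a `None` result for the connecting IP as a failed reverse DNS lookup.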
In the next post we will look into the rest of the DNS records, various ciphers, different types of servers in a network, etc.
-brb soon
(My LinkedIn post is replicated here)
