Ten networking concepts and analogies your grandma would understand ??
Understanding the fundamentals of network concepts is important in any security analyst roles because network security is a significant line of defence against external attacks.
In my experience, the amount of information from courses like CompTIA Network+ can be overwhelming and saturated to the point you forget basic concepts if it isn't applied in daily practice. I have compiled ten networking concepts that even your grandma could understand.
1. IP Addresses
The most popular analogy is the postal service. For the postal service to work, each house on a street must have a unique address.
If you need to send a letter to a recipient, you must know their destination address. That way, when you send the letter, the postman knows who to deliver it to.
Each computer on a network has a unique IP address. When sending data to a computer, just like a letter, we need to add the destination address.
2. Port Numbers
Using the postal service analogy again, a port number in this context is the letterbox.
The letterbox gives the postal service access to your house and computers work the same way.
The post in this case is the application data and the letterbox is the port number for that application.
Now instead of a house, it might be a server and this server could be a mail, web or application server.
3. DNS (Domain Name System)
The same way a phonebook matches up names to number, a DNS matches domain names (such as www.google.com) to an IP addresses.
This phone book is hosted on DNS servers that are distributed across the world.
The letterbox (port number) is 53.
4. Firewall
Imagine visiting a friend who lives in a gated community. You would first get permission from a security guard.
The security guard would check with your friend if you should be allowed access. Based on the friends rule, you'll be denied access or granted access.
The role of a security guard is similar to that of a firewall. Firewall is a security tool that filters in coming and out coming traffic within a private network.
5. DMZ (Demilitarised Zone)
DMZ and the firewall are like your home.
The DMZ allows friends to come around your home and visit the accessible part of your home that you're happy for them to access, but the other side of the firewall denies them access to your bedroom so they can't see the stains on your bedroom sheets (personal data).
The DMZ exists to protect the hosts from cyber attacks and other potential threats. These hosts usually involve services that extend to users outside of the local area network, the most common examples being?email, web servers, and DNS servers.
6. Default Gateway
Again, let's consider your house as a your network and people living on that house as packets.
If any person needs to go out or go another house (internet or onto another network), he or she has to pass through main door (default gateway).
In the same way, packets in your network need default gateway to go out and communicate to internet or other part of the network.
7. VPN (Virtual Private Network)
Imagine you live in an island on an ocean and there are thousands of other islands all around you. The island represents a private local area network (LAN) and the ocean is the internet.
Travelling by a ferry is like connecting to a web server through the internet because anything you do can be seen by someone else. Building a bridge between two islands separated from the ocean is similar to a VPN.
VPN is a secure tunnel between a device and the internet that is invisible to the hacker.
You could say hackers are the predators of the ocean and users are the prey (two for one).
8. Latency, Bandwidth and Throughput
Imagine bandwidth as a pipe and?your data as water.
Latency is?how fast the water can travel. In a network, latency measures the time it takes for some data to get to its destination across the network.
The bigger the pipe, the more water can travel at a time. Throughput is water. Throughput is affected by latency and bandwidth.?
9. Denial of Service (DoS)
A DoS is similar to that of people crowding in front of an entry door of a shop, making it hard for legitimate customers to enter. This disrupts trade and so to fix this you'd need security guards (firewalls) to filter on in coming and out coming customers.
In a network, A DoS is an?attack meant to shut down a machine or network, making it inaccessible to its intended users.
10. Load Balancer
Using the shop analogy again, suppose people were crowding in front of an entry door of a shop in a mall, making it hard for legitimate customers to enter, thus causing disruption.
One way to fix this is by adding a turnstile in the entrance of the mall to manage in coming and out coming customers.
The turnstile is a device that is similar to that of a load balancer for distributing traffic flow across application and/or a network to prevent DoS.
Aspiring Penetration Tester. Cybersecurity | Red team
7 个月I love the comparisons to everyday life
I rest after giving my Best ????
2 年This is amazing.. anyone can understand when its taught via analogy ????
G’day Jamie, nice. Actually i like this - although in the past I use a Hotel as an explanation. Particularly the Port - as they can be the rooms in the hotel. One thing you can also add easily into your example is encryption, a post card is unencrypted as everyone can read it, and a letter can be encrypted. Not sure you need to extend MTU into it as parcels, but great stuff. The postal system is also good to explain routing around damage.
Oh wow Jamie - when I read this I wondered if I interviewed you! I had this same conversation with a grad that was applying for a role. They had done a 3 year computer science course and attained a degree but had never used the cloud, didn't know anything about web apis and other basic stuff I would expect a computer science grad to know to be ready to work in a technical IT job in this day and age. I felt very sorry for him after investing 3 years of his life and accumulating HECS debt o be in a position where he didn't have the skills he needed to land the job he was expecting I felt was an outrage. I had another grad do an internship 1 year into his degree in cyber security. I asked him what cyber things he'd learned in his first year, to which he responded 'nothing'. I'm a strong advocate for young people investing the time to make sure their tertiary qualification is going to give them the skills and experience they need to land their dream job. Hold tertiary institutions to account. You're paying for a service from them. Make sure you are getting what you need and challenge them if not. Be prepared to move to another provider if they can't. Employers want the skills and expedience, not the paper.
Cyber Security | Technical Support Analyst
3 年I love the way you explained everything with such good comparisons. Thank you for sharing ??