Your Path into Cybersecurity: Understand Networking (S1: Ep2)

A series based on the original 10 step pathway

To “Understand Networking” was the 2nd point in my original 10 step pathway article.

Networking is a fundamental component of Cybersecurity. How can one protect a network that one doesn’t understand? <I’m out in cyberspace waiting on the answer>...still waiting.

So, some people may be thinking - “Ok, computer networks, got it! But what exactly do I need to know?” Well, there is great deal to explore, and the depth of your knowledge will only make you that much more desirable. I can't tell you the best mode for you, as we all have different learning styles. But remember, the development of computers began in the 1950s; and there has been much iteration and innovation since then -- I think this is debatable. I actually think we experienced slow and steady growth, then a surge in innovation. But, I digress.

Understanding basic concepts, such as, the OSI model, protocols (e.g. TCP/IP, DHCP, ARP, ICMP, HTTP, FTP) will give you a foothold on how networks function under the hood. It’ll allow you to discern how packets are being transmitted and if typical methods of transmission are being used. You’ll be able to identify how data moves across stacks, and if traffic you are observing follows expected RFC (IETF Request For Comment) standards.

You should understand network infrastructure - the resources that enable network connectivity. If you have a grasp on the way infrastructures are setup, you should understand how the hardware and software of your network work together to allow communication flow, organization and management of the enterprise - within and between intra, inter and external networks.

With that, you’ll be able to ascertain why communication is occurring between certain IP addresses, why traffic is being off-loaded to another server and a host of other important types of activity on your network.

Think about it - a network designed for high availability, which is true for most enterprise networks, should be highly available, fault tolerant and redundant. If you understand how your network is setup to achieve these goals, you should have much of the information you need to be in a better position to protect it.

There are tons of free resources online to get you up to speed on your networking knowledge. However, my favorite suggestion, is to work on a project to reinforce theoretical concepts.

So, queue project proposal. If you are just starting out, build a small home lab. Check out all the home labs with varied complexity at /r/homelab/.

I promise not to wait a whole month before writing Ep 3. Geez! Time waits for no one.