Explain it: IP addresses

IP addresses are how all our internet connected devices communicate with each other with great synergy, without these addresses your devices cannot communicate. IP addresses are important for both inside and beyond the firewall.

Each Internet connected device has an unique address on the Internet, which can be used to send things to it. This is what we refer to as the IP address. There are actually two IP versions in use on the Internet today, which coexist but vary in the form of the addresses:

  • Internet Protocol version 4 (IPv4) is the most common protocol used by Internet connected devices. IPv4 addresses consist of 4 bytes worth of information, i.e., four dot-separated numbers each in the range of 0–255. This makes a total of 232 = 4,294,967,296 unique addresses on the Internet. For example, Yahoo’s server IPv4 address is 206.190.36.45.

 

When IPv4 was created, it was not known how many interconnected devices there would be. Despite the relatively large number of address, we have already exhausted our pool of IPv4 address, click here to learn about one solution.

 

  • Internet Protocol version 6 (IPv6) is the successor to IPv4. IPv6 uses longer addresses that support 7.9×1028 times as many addresses as IPv4! IPv6 addresses are made up of eight colon-separated groups of four hexadecimal digits per group, where leading zeroes in each group may be omitted for brevity. Yahoo’s server IPv6 address is 2001:4998:c:a06::2:4008

 

Advertisements

Explain it: DDoS attacks

DDoS, denial of service, attacks have been well documented throughout internet history. The basic principles of the attack is flooding and overwhelming an online service by flooding it with traffic from multiple sources. It makes it impossible to stop the attack simply by blocking a single source as it comes from a range of different sources.

 

There are 2000 recorded attacks every day and the average price of an attack costs $150 on the black market. Furthermore a simple DDoS attack can be flooding a small server with emails from like petitioning websites  where hundreds of petitioners sign and the email gets sent to the cause. Thus overwhelming the servers.

 

The first step in creating a DDoS attack is building capacities. Attackers often build huge networks of bot computers, this can be done through creating a virus and malicious software in emails, applications, torrents and social media. Once the device is infected, they are able to remotely control the device without the user’s knowledge to attack a specific online service. They essentially build up an army of computers and devices with many being millions strong.

 

The second step is to generate large amounts of traffic to overwhelm the target, this may be banks, news websites and email exchanges. This could be sending many requests from each device and also sending huge amounts of random data to the server to use up the servers bandwidth. The server cannot handle all this data and requests and then either freezes or shuts down.

 

Attackers often sell their services to people willing to DDoS attack a specific website or company, they are bought through the dark web and online marketplaces. A DDoS attack that can last a week long and can take a small organisation weeklong and cost as little as $150.

 

There are different classes of attacks which include;

  • TCP connection attacks
  • Volumetric attacks
  • Fragmentation attacks
  • Application attacks

 

Nowadays, these attacks can take down DNS servers, which halt internet productivity and internet services. A recent major attack had brought down large services like Spotify and Twitter. With attacks affecting DNS servers, the future of the internet is fragile with more and more bots being created, thus allowing for larger DDoS attacks.

 

Read more about the different types of attacks here: https://en.wikipedia.org/wiki/Denial-of-service_attack

Explain it: NAT

Network address translation was created due to the exhaustion of IP address, Ipv4. Ipv4 is the standard for current day IP addresses, however it was created sometime around 1981. Back then they did not account for the millions of internet connected devices. Ipv4 is a series of 32 bits, which means there is a physical limitation of 2 to the power of 32 unique IP addresses. With the current growth rate, we would use up all these addresses with new smart phones, fridges and any internet connected device. Two major solutions were used to combat this, Ipv6 and NAT. Ipv6 allows us to have 2 to the power of 128 unique IP addresses.

 

With the limitations of IP addresses, network address translations were used to make better use of the limited addresses. To explain it simply, the router links up all the devices in your home into one public ip address. It is similar to an apartment building. To the outside world, they are one building, but once you go inside you see the different people who live there. The router is the apartment building and the people who live there are the internet devices connected to the router. This means, within the private network, each device is given a unique ip address. Instead of having 6 unique IP addresses, the NAT cuts it down to one. This limits the number of public IP addresses an organisation or household would use. Furthermore NAT’s act as an firewall, lets say you have a printer connected to your router. The NAT only allows private IP addresses access to the printer to ensure no random can print to your printer. This provides a security to the home user or business if they store their files on a NAS (network attached storage).

 

Now, lets say a computer request to visit bkmedia.co, the NAT see’s that this request is not for a device in the private network, the NAT then makes the exact same request using its own public IP address and delivers the response to the computer which requested the resource. This therefore means all your devices would have the same public IP address to an outside organisation.

 

NAT’s are very important, without them, security would be breached, we would run out of IP addresses and the internet would look a lot different.

 

Explain it: DNS

Every website has a specific and unique IP address, however remembering each individual IP address can be a painful experience and a misprint of a number leads to a completely different website. Instead, we have domain names which provide a much more human-friendly approach, which maps a string of letters and numbers to a direct IP address.

 

For example, the popular social media website, Facebook, has a domain name www.facebook.com instead of its long IP address (66.220.144.0). No-one would want to use Facebook if it didn’t have a domain name.

 

The infrastructure that allows us to register these domain names to a specific IP address is through a DNS server. Your internet provider would have its own DNS where it can potentially filter out specific IP addresses such as torrenting websites.

 

Therefore, the DNS essentially works like a yellow pages or white pages. You type in the domain name, your browser connects to the DNS server which matches up the domain name with the correct IP address and then you are presented with the correct website.This all happens in the matter of milliseconds!

 

This is just the tip of the iceberg, for a more indepth look at DNS and DNS resolutions, I would recommend looking at http://computer.howstuffworks.com/dns.htm