OSI Model
The Open Systems Interconnection model is a conceptual model used in computer science to describe the processes that computer systems use to communicate over a network. It is composed of seven layers:
- Application
- Presentation
- Session
- Transport
- Network
- Data link
- Physical
These model is usually divided in two parts, the first 4 layers are associated
to networking and the last three to development. Combined it is also called DevOps.
The model goes from top to bottom in the de-encapsulation process
but going from bottom to top in the encapsulation process which can be named
sending data and receiving data.
Each layer is known for different purposes and starting from the bottom of this list, the physical layer is in relation to the actual cables. The data link layer is known for connecting local areas. The network layer is the outrageous IP layer. The transport layer is the slipery layer as it does not fall under the networking neither the development part of the OSI but it is one of the most interesting layer holding the secrets of the ports.
Upwards, it is considered the magical interface, GUI, you name it but this is what we actually interpret on screen.
Frameworks & Libraries
Numpy is a Python library used for scientific computing and data analysis. It provides tools for working with arrays. It surprised me to see how fast large data volumes where handled compared to normal arrays. On top of that, calculations on matrices are much easier to perform and it is easily pulling data from csv's.
Flask is a microweb framework in Python. It is super easy to set up, there is no abstraction layers when it comes to databases and forms! It is pleasant to read and write, even though the jinja syntax can be a bit frustrating which is a librairy used in the rendering of web pages by pulling what your application is serving.
SQLAlchemy is a Python library providing the tools to have no abstraction in a Flask application by mapping ORM to frames. The common tasks are easily performed and Flask also offers you to use 'Flask-SQLAlchemy' which creates database on the fly. This can be a disandvantage as you are defining, accessing and connecting to the database within the actual file. This is much more easier by using SqlAlchemy and not Flask-SQLAlchemy.
Bootstrap is widely used and well-regarded. It is open-source and is a framework for the front-end web development. It is fantastic to use, you can grasp on components, helpers and page elements very easily. The documentation is also super simple and accessible.
As it names implies, Sass is Syntactically Awesome ! The nesting makes it fun to structure and organise styles. It simplifies much more processes of writing complex styles.
Languages
C is a procedural programming language. It is old and its syntax is strict but C is amazing ! In C, you can directly interact with memory addresses. It is considered somehow a high-level as well as a low-level language due to its simplicity compared to Assembly but being much more strict compared to Python or others.
At first, I thought it was very anarchic, but Python is comparable to anything that is on steroids. It is simple, flexible but complex as you can make so many actions within a single line of code. It usually takes me on average 66% less code to program in Python rather than in C.
JavaScript is a high-level interpreted programming language. It is client-side based and has helped me to create interactions on websites. You can grasp the dom and CRUD to it and can create interactions when conditions are met.
HTML is a markup language, in other words, it is used to structure web pages. It helps the web-browser to know what is the content of the document and its properties and values. CSS is a stylesheet language known as Cascading. It includes curly braces like a programming language and almost feel like one.
SQL is a programming language but a declarative one. You ask for what you want not but you don't say how to do it. It is used to create, read, update and delete data from databases. It is behind your thoughts on data at some high-level. It is supported by most modern relational database management systems such as MySQL, PostgreSQL, Microsoft SQL Server.
Data Structures
A data structure is a way of organising and storing data into memory. Basically you can then access and modify, what memory addresses are holding. Different types of data strucutres exists, the most popular are arrays, lists, stacks, queues, trees, hash tables and graphs.
The circles represent nodes and each node represent a memory allocation of type 'structure' to create a linked list. The structure can be any data type supported by the language. The most frequent ones are integer, characters, floats, arrays, objects,...
A list is stored in linear order which means that the insert and delete actions of elements are great but slower on access and storage. Other data structures such as the stacks and the queues are also easy to get on with as it is based on the LIFO and FIFO methods. This allow access to the most and the least element as well as performing pushes, pops andqueing actions for the latter.
Data Link
Data Link is based on the Layer 2 of the OSI Model . It is known for MAC Addressing and its unit is the Ethernet frame. This frame includes layers:
- Preamble
A series of 7 bytes - 56 bites of "10" to create a bit level sync - SFD (Start Frame Delimiter)
Used to delimit the start of a (new) frame - MAC DST
- MAC SRC
- 802.1Q (also named dot1q & optional)
Used in VLANs and trunking - Length
- Payload
- FCS (Frame Check Sequence)
MAC addresses are written in hexadecimal, are 6 bytes and a colon is inserted between pairs:
00:EE:AF:FF:EA:00
This example shows a pattern from the concept of IPv6 EUI-64 which is a method that
automatically generates a unique IPv6 address using the MAC ADDR and the INT ID(interface).
This method
inserts "FFFE" between the two halves of a MAC as in the example above.
Each half of a MAC address is meaningful in other ways. The first half
is usually associated to a constructor and the other is used to uniquely identify a machine onto its hardware.
Which is a why the MAC address is also known as a BIA ADRR for "Burn In Address". Therefore, the frames in the layer 2 containing the mac addresses can be forged.
An 'old classic' is exploiting the Address Resolution Protocol known as ARP spoofing or ARP poisoning.
Another way to mislead communications at this layer is a vlan leak by exploiting vlan knowledges unto dot1q and the native vlans.
Therefore, features on switches can mitigate this type of vulnerabilities by enabling port-security, DAI (Dynamic ARP Inspection) and DHCP Snooping which is also using the Layer 3 of the OSI Model: The Network which stands for the world of routing and IP addressses.