Network Design (3-Layer Architecture)

Imagine: you are a network architect, your current mission is to set up the network of a company. You start from scratch as the customer company has decided that its speed of evolution justifies a large budget and a complete transformation of its network.

You therefore find yourself in front of a blank page, with only the customer's needs (and the technical obligations those needs bring). You now have to decide on the design of the network.

And there ... A good architect must prioritize performance, cost, fault tolerance, speed (of exchanges), and why not load balancing ... In short, the job is to create the most effective and optimal network possible!

However, if the analysis is poorly done, the major risk is to end up with an ill-adapted network: unforeseen developments, slow exchanges, frequent breakdowns, non-functional services, supervision that is difficult to implement and maintain ... Moreover, keep in mind that the more we divide, the easier it is to manage afterwards (careful, dividing too much becomes a source of complication ...): this is the principle behind LANs and network architecture, but also behind classes in software development.

Fortunately for us, since computers were not invented in 2011, other people have already thought about it. And in this case, people much more competent than the first network admin who comes along. It is no longer necessary to reinvent the wheel: models exist!

The "three-layer" hierarchical model

More commonly known as the three-layer hierarchical internetworking design / model, this model was invented and promoted by Cisco.

The principle is simple: to create a structured network design in three layers, each with a precise role involving differences in hardware, performance and tools.

These three layers are:

- the Core layer
- the Distribution layer
- the Access layer

http://bibabox.fr/wp-content/uploads/2011/08/schema.jpg

Schema of the hierarchical model

Network diagram of the topology. Redundancy is provided by multiple links, in addition to duplicating routers / switches if needed.

1) Core Layer

This is the top layer. Its role is simple: to connect together the different segments of the network, for example remote sites, LANs or floors of a company.

We usually find routers at this level. If the company is really big, this model can be nested: the design of the routers follows this model, but the layer 2 design (OSI model), that is to say the switches, will reuse the same hierarchy and the same roles! We therefore have a Core / Distribution / Access model inside the Access or Distribution part of the routers.

But I digress ...

Since a lot of traffic passes through these Core routers or switches, the performance requirements are correspondingly high. The same goes for throughput. The hardware changes according to the role. For example, at Cisco, the CRS-3 is the reference (322 Tbps, no less ... and it does not come cheap ...).

The Core is also called Backbone.

2) Distribution Layer

Once our Core layer routers / switches are chosen and implemented in our architecture, the designer is interested in the distribution layer.

Its role is simple: to filter, to route, to authorize or reject packets ... We are between the Core layer and the Access layer, that is to say between the "connection" part and the "users" part. Here, we begin to divide the network into segments by adding several distribution routers / switches, each connected to the Core on one side and to the Access layer on the other.

Visualize: 1 core router > several distribution routers connected to that same core router > even more access switches, all connected to the distribution layer. It is exactly like a family tree.

Here, too, depending on the size and the means of the company, the architect will have to choose between routers and switches. Obviously, the bigger the company, the more routers you need at this level. For a small company, switches are enough.

These distribution routers will take care of routing (for the neophytes: sending packets on the right path), applying ACLs, ensuring fault tolerance, delimiting broadcast domains, etc.

Note: Of course, if there are only switches in our distribution layer, these actions will be performed at the Core level since only the Core layer has routers.

You can also, as you will probably find in some articles on the Internet, summarize the role of the Distribution layer by saying that it serves to link the Core and Access layers.

3) Access Layer

This is the last layer of our model. Its role is simple but very important: to connect end-user devices to the network.

But also to ensure security!

Only switches, or sometimes hubs, are deployed here. That is to be expected, since all the work of the routers is already done at the Distribution or Core level. As a result, this layer only connects our end users to the network, whether over Wi-Fi, Ethernet or anything else. And if possible, we do it in a secure way, that is, by using switchport settings on our switches, disabling unused interfaces, etc. (this could be the subject of a future article, there is so much to say!). The configuration of this type of switch is therefore less demanding. No special performance is needed, because each switch will have, at most, a number of users equal to its number of ports (minus 1 or 2 for the trunk between Access and Distribution). In addition, the processing remains basic and requires few resources.

4) But still? ...

It is important to note that each layer brings its own imperatives and needs, which influence the hardware deployed as well as the configurations and / or solutions. This is the main reason this model exists: it is more complicated to implement at first sight, but far more efficient, profitable, well thought out and economical in the long term than an improvised architecture.

Other models

Of course, the three-layer hierarchical model is a reference that many architectures use. It is usually tailored to the needs of the business. But it is not the only model. There are many other architectural models, such as the "star" model or the "Campus LAN". However, they are not the subject of this article (if I were to cover every existing design, it would take a few days), nor one of my writing priorities: most of these models are far too theoretical and, although they are necessary to any network architect, are not really of interest on this blog.

To conclude, 3 points to remember:

- This hierarchical model is a reference and is very widely used. But it must of course be adapted to the needs of your company.
- Each layer (Core / Distribution / Access) involves different configurations. In particular the Access layer, which requires certain actions from the administrator (setting the status of each switch port, setting up trunks, security, etc.).
- All links (link = connection between two points, encompassing both the physical and the software side) are doubled / backed up in the majority of cases. (See my previous article for example.)

And do not forget that thinking through and choosing the architecture of your network as well as possible, that is to say the design, the IP ranges for the different LANs, the number of LANs / VLANs and all other parameters, is paramount! Especially in the long term ...

Beware! Built-in Keylogger Discovered in Several HP Laptop Models

 

Do you own a Hewlett-Packard (HP) laptop?

Yes? Just stop whatever you are doing and listen carefully:

Your HP laptop may be silently recording everything you are typing on your keyboard.

While examining Windows Active Domain infrastructures, security researchers from the Switzerland-based security firm Modzero have discovered a built-in keylogger in an HP audio driver that spies on all your keystrokes.

In general, a keylogger is a program that records every keystroke by monitoring every key you press on your keyboard. Usually, malware and trojans use this ability to steal your account information, credit card numbers, passwords, and other private data.

HP computers come with audio chips developed by Conexant, a manufacturer of integrated circuits that also develops drivers for its audio chips. Dubbed Conexant High-Definition (HD) Audio Driver, the driver helps the software communicate with the hardware.

Depending upon the computer model, HP also embeds some code inside the audio drivers delivered by Conexant that controls the special keys, such as the media keys offered on the keypad.

Keylogger Found Pre-Installed in HP Audio Driver

According to researchers, the flawed code (CVE-2017-8360) written by HP was poorly implemented: it not only captures the special keys but also records every single key-press and stores them in a human-readable file.

This log file, which is located in the public folder at C:\Users\Public\MicTray.log, contains a lot of sensitive information like users’ login data and passwords, and is accessible to any user or 3rd party application installed on the computer.

Therefore, malware installed on a PC, or even a person with physical access to it, can copy the log file and have access to all your keystrokes, extracting your sensitive data such as bank details, passwords, chat logs, and source code.

“So what’s the point of a keylogger in an audio driver? Does HP deliver pre-installed spyware? Is HP itself a victim of a backdoored software that third-party vendors have developed on behalf of HP?” Modzero researchers question HP.

In 2015, this keylogging feature was introduced as a new diagnostic feature with update version 1.0.0.46 of the HP audio drivers, and it has existed on nearly 30 different HP Windows PC models shipped since then.

Affected models include PCs from the HP EliteBook 800 series, the EliteBook Folio G1, the HP ProBook 600 and 400 series, and many others. You can find a full list of affected HP PC models in Modzero’s security advisory.

Researchers also warned that “probably other hardware vendors, shipping Conexant hardware and drivers” may also be affected.

How to Check if You are Affected and Prevent Yourself

If either of the following two files exists on your system, then this keylogger is present on your PC:

  • C:\Windows\System32\MicTray64.exe
  • C:\Windows\System32\MicTray.exe

If any of the above files exist, Modzero advises that you should either delete or rename the above-mentioned executable file in order to prevent the audio driver from collecting your keystrokes.

“Although the file is overwritten after each login, the content is likely to be easily monitored by running processes or forensic tools,” researchers warned. “If you regularly make incremental backups of your hard-drive – whether in the cloud or on an external hard-drive – a history of all keystrokes of the last few years could probably be found in your backups.”

Also, if you make regular backups of your hard drive that include the Public folder, the keylogging file in question may also exist there with your sensitive data in plain text for anyone to see. So, wipe that as well.
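The check and the rename described above can be scripted. The following PowerShell is an added example, not part of the original article or Modzero's advisory; the function names and the `E:\Backups` path are placeholders chosen for illustration, while the file paths are the ones given in the article.

```powershell
# Added example: report the MicTray artifacts named in the article without reading
# the log's contents. Find-MicTrayArtifact and Disable-MicTray are illustrative names.
$micTrayExe = 'C:\Windows\System32\MicTray64.exe', 'C:\Windows\System32\MicTray.exe'
$micTrayLog = 'C:\Users\Public\MicTray.log'

function Find-MicTrayArtifact {
    param([string[]]$BackupRoot = @())   # backup folders to search (caller-supplied)
    foreach ($path in ($micTrayExe + $micTrayLog)) {
        if (Test-Path -LiteralPath $path) {
            $item = Get-Item -LiteralPath $path -Force
            [pscustomobject]@{ Location = 'Live'; Path = $item.FullName
                               Bytes = $item.Length; Modified = $item.LastWriteTime }
        }
    }
    # Old copies of the log may survive in backups of the Public folder.
    foreach ($root in $BackupRoot) {
        Get-ChildItem -LiteralPath $root -Filter 'MicTray.log' -Recurse -File -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                [pscustomobject]@{ Location = 'Backup'; Path = $_.FullName
                                   Bytes = $_.Length; Modified = $_.LastWriteTime }
            }
    }
}

function Disable-MicTray {
    # Renames the executable, one of the two options Modzero gives.
    # Needs an elevated session; supports -WhatIf for a dry run.
    [CmdletBinding(SupportsShouldProcess)]
    param()
    foreach ($exe in $micTrayExe) {
        if (Test-Path -LiteralPath $exe) {
            $name = [IO.Path]::GetFileNameWithoutExtension($exe)
            Get-Process -Name $name -ErrorAction SilentlyContinue | Stop-Process -Force
            Rename-Item -LiteralPath $exe -NewName ((Split-Path $exe -Leaf) + '.disabled')
        }
    }
}

# 'E:\Backups' is a placeholder; pass your own backup locations.
$hits = @(Find-MicTrayArtifact -BackupRoot 'E:\Backups')
if ($hits.Count -eq 0) {
    'No MicTray executable or log found.'
} else {
    $hits | Format-Table -AutoSize
    Disable-MicTray -WhatIf   # drop -WhatIf to actually rename the executable
}
```

The script reports only path, size and modification time, so the captured keystrokes are never printed to the console or a transcript.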

Written by:

Swati - Hacking News
Technical Writer, Security Blogger and IT Analyst. She is a Technology Enthusiast with a keen eye on the Cyberspace and other tech related developments.

 

WannaCry Ransomware!

Ransomware is a type of virus that infects computers and then makes the operating system inaccessible to the user or encrypts the data stored on the computer.
The attacker then demands that the user pay a fixed amount of money as ransom in exchange for decrypting the files or restoring access to the operating system.

How to Stay Safe:

  • Be careful not to click on harmful links in your emails.
  • Be wary of visiting unsafe or unreliable sites.
  • Never click on a link that you do not trust on a web page, on Facebook, or in messaging applications such as WhatsApp and other applications.
  • If you receive a message from a friend with a link, ask them to confirm it before opening the link (infected machines send random messages with links).
  • Back up your files regularly and periodically.
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
  • Use antivirus software and always keep it up to date.
  • Make sure your Windows installation has the latest updates, which close the gap.

Update 5/15/2017:

The virus gets into your device through a gap in the Windows system; the gap is present in all types of Windows as long as the feature is turned on.

If you have not updated your Windows, just turn off SMB.

There are two methods to turn off SMB: manually or with a tool.

First, manually:

1. Open Control Panel\Programs\Programs and Features.

2. Clear the check box for SMB 1.0/CIFS File Sharing Support.

3. Restart your computer.

Done! Now you are safe. 
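The manual steps above can also be carried out from an elevated PowerShell prompt. This is an added example, not part of the original post; it uses the built-in Windows cmdlets and, as an assumption for older systems that lack them, falls back to the LanmanServer registry value. The function names are illustrative.

```powershell
# Added example: report and disable SMBv1. Run from an elevated PowerShell session.
# Get-Smb1Status and Disable-Smb1 are illustrative names, not built-in cmdlets.
$lanmanKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-Smb1Status {
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        $serverEnabled = (Get-SmbServerConfiguration).EnableSMB1Protocol
    } else {
        # Older systems without the SMB cmdlets: read the registry value.
        # A missing value means SMBv1 is still enabled there.
        $reg = Get-ItemProperty -Path $lanmanKey -Name SMB1 -ErrorAction SilentlyContinue
        $serverEnabled = (-not $reg) -or ($reg.SMB1 -ne 0)
    }
    # State of the "SMB 1.0/CIFS File Sharing Support" check box, where it exists.
    $state = 'NotAvailable'
    if (Get-Command Get-WindowsOptionalFeature -ErrorAction SilentlyContinue) {
        $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
        if ($feature) { $state = [string]$feature.State }
    }
    [pscustomobject]@{ ServerSmb1Enabled = $serverEnabled; FeatureState = $state }
}

function Disable-Smb1 {
    param($Status)
    if (Get-Command Set-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    } else {
        Set-ItemProperty -Path $lanmanKey -Name SMB1 -Type DWord -Value 0 -Force
    }
    if ($Status.FeatureState -eq 'Enabled') {
        # -NoRestart: the removal completes at the reboot in step 3.
        Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart | Out-Null
    }
}

$before = Get-Smb1Status
"Before: server SMBv1 enabled = $($before.ServerSmb1Enabled), feature = $($before.FeatureState)"
if ($before.ServerSmb1Enabled -or $before.FeatureState -eq 'Enabled') {
    Disable-Smb1 -Status $before
    $after = Get-Smb1Status
    "After:  server SMBv1 enabled = $($after.ServerSmb1Enabled), feature = $($after.FeatureState)"
    'Restart the computer to complete the change.'
}
```

Running `Get-Smb1Status` again after the reboot confirms that the setting has stuck.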


Second, with the tool:

Direct download link: SMB2 Tools Disable

1. Run it as administrator.

2. First check whether the feature is turned on. When you run the tool it will show this; if you see that SMB2 is currently enabled, you must disable it.

3. SMB2 is currently disabled.

4. Restart your computer.

Done! Now you are safe. 

I hope it helps to keep you safe.