Riser resolved from previous makerspace post

Bottom line: Building Network Attached Storage (NAS) and making a web server can be explained with the more relevant CompTIA topics. If the students are doing the projects intentional to learn CompTIA terms it can enhance the learning experience by the learners hands-on.

I just had a Discord interaction regarding riser cards being on the CompTIA exam. I’m Eric, and my vision is to revamp historical study guides and labs with pureplay now study material. The talk about riser cards and whether they are relevant got me. You can have a usable study guide to take notes from to learn topics for upper-tier CompTIA and learn computer repair for what you will find on the shelf at Comdex and other consumer electronic shows.

In answer to creating a story or analog to the TCP/IP model I used the real example of an HTTP web request as best I can. Protocol Data Units (PDU) frames, packets, segments are topics from Cisco and networking tier 2 CompTIA content. If I use them in tier 1 content that could be students meaningful transition from tier 1 to tier 2. I believe that many students carry the scope in their mind not knowing that they are separate exams, yet wanting to learn more because in an eradic study pattern the content gets mixed and are distractors.

Maybe identifying the distractors that do appear in the CompTIA tier 1 can help to turn their study back to tier 1, while making a bread crump preparing for tier 2 learning.

In this 2 example of the blog. The apache web server would be the practical analogy to make the OSI and TCP/IP models anchored in hands on learning.

——

So this blog presents two maker space ideas. One from computer repair. Use the “hot” new components like NVME network attached storage to build one. Then understand distractor “riser card” as a HAT to get the NVME and controller attached to a pi that fits in the pi form factor case.

The other maker project is the conceptual flow of information between web server and a client browser. Using the OSI and TCP/IP model as an analogy to understand what is happening during viewing a web page.

Learning connections.

Here is the link I used to fact check my TCP/IP model analogy.

Starting with A+ here is a prototype to get a CompTIA study group going.

Technocrat page

https://go.screenpal.com/watch/cZf0cqVM6nJ
Sydonie Bot “10-Minute CompTIA” presenter

Page 28 of 343

2.0 Networking

2.1 Compare and contrast Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports, protocols, and their purposes.

• Ports and protocols

FTP - File Transfer Protocol

- 20/21 – File Transfer Protocol (FTP)

§  SFTP= SSH with FTP (20/21/22)

§  FTPS= FTP over SSL (secure socket layer- web browser traffic) (most secure) (990)

• tcp/20 (active mode data), tcp/21 (control) – Transfers files between systems

• Authenticates with a username and password

– Some systems use a generic/anonymous login

• Full-featured functionality - List, add, delete, etc.

SSH - Secure Shell

- 22 – Secure Shell (SSH) remote access (most basic)

• Encrypted communication link - tcp/22

• Looks and acts the same as Telnet

Telnet

- 23 – Telnet - unsecure, text based, remote access (do not select)

• Telnet – Telecommunication Network - tcp/23

• Login to devices remotely – Console access

• In-the-clear communication

– Not the best choice for production systems

SMTP - Simple Mail Transfer Protocol

- 25 – Simple Mail Transfer Protocol (SMTP) - sends/relays email

•  SMTP - Simple Mail Transfer Protocol

            - Server to server email transfer - tcp/25

•  Also used to send mail from a device to a mail server

           - Commonly configured on mobile devices and email clients

• Other protocols are used for clients to receive email

– IMAP, POP3

DNS - Domain Name System

- 53 – Domain Name System (DNS) - converts FQDNs (websites) to IP address

•  Converts names to IP addresses - udp/53

         - www.professormesser.com = 162.159.246.164

•  These are very critical resources

         - Usually multiple DNS servers are in production

DHCP - Dynamic Host Configuration Protocol

- 67/68 – Dynamic Host Configuration Protocol (DHCP) - automatically assigns IP address

•  Automated configuration of IP address, subnet mask and other options - udp/67, udp/68

- Requires a DHCP server

      - Server, appliance, integrated into a SOHO router, etc.

•  Dynamic / pooled

      - IP addresses are assigned in real-time from a pool

      - Each system is given a lease and must renew at set intervals

•  DHCP reservation

      - Addresses are assigned by MAC address in the DHCP server

      - Manage addresses from one location

HTTP and HTTPS

- 80 – Hypertext Transfer Protocol (HTTP) - basic internet traffic (not secured)

- 443 – Hypertext Transfer Protocol Secure (HTTPS) - secure web traffic

•  Hypertext Transfer Protocol

      - Communication in the browser

      - And by other applications

•  In the clear or encrypted

      - Supported by nearly all web servers and clients

POP3 / IMAP

- 110 – Post Office Protocol 3 (POP3)

•  Receive emails from an email server

      - Authenticate and transfer

•  POP3 - Post office Protocol version 3

      - tcp/110

      - Basic mail transfer functionality

*- receives email, but does not save copy on server (secure port 995)

- 143 – Internet Mail Access Protocol (IMAP)

•  IMAP4 - Internet Message Access Protocol v4

      - tcp/143

      - Includes email inbox management from multiple clients

      *   receives email and does save copy on server (secure port 993)

SMB - Server Message Block

- 137/139 – Network Basic Input/ Output System (NetBIOS)/NetBIOS over TCP/IP (NetBT)

·  Protocol used by Microsoft Windows

- File sharing, printer sharing

- Also called CIFS (Common Internet File System)

•  Using NetBIOS over TCP/IP Network Basic Input/Output System)

–  udp/137 - NetBIOS name services (nbname)

   tcp/139 - NetBIOS session service (nbsession)

 - 445 – Server Message Block (SMB)/Common Internet File System (CIFS)

*  allows PCs to transfer/request data from server file shares

•  Direct over tcp/445 (NetBIOS-less)

–      Direct SMB communication over TCP without the NetBIOS transport

SNMP - Simple Network Management Protocol

- 161/162 – Simple Network Management Protocol (SNMP)

load management/diagnostic software over a network

•  Gather statistics from network devices

      - Queries: udp/161

- Traps: udp/162

•  v1 – The original

- Structured tables

- In-the-clear

•  v2 – A good step ahead

      - Data type enhancements

      - Bulk transfers

      - Still in-the-clear

•  v3 – A secure standard

- Message integrity

- Authentication

- Encryption

LDAP

- 389 – Lightweight Directory Access Protocol (LDAP) - remote access protocol to search for objects

* (like phone book for IP addresses)

•  LDAP (Lightweight Directory Access Protocol) - tcp/389

•  Store and retrieve information in a network directory

      - Commonly used in Microsoft Active Directory

RDP - Remote Desktop Protocol

- 3389 – Remote Desktop Protocol (RDP) - remote access protocol to control another PC

           (windows+ R, MSTC)

•  Share a desktop from a remote location over tcp/3389

•  Remote Desktop Services on many Windows versions

•  Can connect to an entire desktop or just an application

•  Clients for Windows, macOS, Linux, Unix, iPhone, Android, and others

2.1 Introduction to IP

A series of moving vans

• Efficiently move large amounts of data

 – Use a shipping truck

• The network topology is the road

 – Ethernet, DSL, cable system

• The truck is the Internet Protocol (IP)

– We’ve designed the roads for this truck

• The boxes hold your data

– Boxes of TCP and UDP

• Inside the boxes are more things

– Application information

TCP and UDP

• Transported inside of IP

– Encapsulated by the IP protocol

• Two ways to move data from place to place

– Different features for different applications

• OSI Layer 4

– The transport layer

• Multiplexing

– Use many different applications at the same time

– TCP and UDP

• TCP vs. UDP

- Connection-oriented

§ HTTPS

§ SSH

TCP – Transmission Control Protocol

• Connection-oriented

– A formal connection setup and close

• “Reliable” delivery

– Recovery from errors

– Can manage out-of-order messages or retransmissions

• Flow control

– The receiver can manage how much data is sent

·       Work at layer 4 OSI model

·       Verified connectivity; connection oriented

·       Example: emails

UDP – User Datagram Protocol

- Connectionless

§ DHCP

§ Trivial File Transfer Protocol (TFTP)

• Connectionless - No formal open/close to the connection

• “Unreliable” delivery

– No error recovery

– No reordering of data or retransmissions

• No flow control

– Sender determines the amount of data transmitted

·       Does not verify connectivity; connectionless

·       Video streaming; gaming

Why would you ever use UDP?

• Real-time communication

– There’s no way to stop and resend the data

– Time doesn’t stop for your network

• Connectionless protocols

– DHCP (Dynamic Host Configuration Protocol)

– TFTP (Trivial File Transfer Protocol)

Communication using TCP

• Connection-oriented protocols prefer a “return receipt”

– HTTPS (Hypertext Transfer Protocol Secure)

– SSH (Secure Shell)

• The application doesn’t worry about out of order frames or missing data

– TCP handles all of the communication overhead

– The application has one job

Speedy delivery

• The IP delivery truck delivers from one (IP) address to another (IP) address

– Every house has an address, every computer has an IP address

• Boxes arrive at the house / IP address

– Where do the boxes go?

– Each box has a room name

• Port is written on the outside of the box

– Drop the box into the right room

Lots of ports

• IPv4 socket

– Server IP address, protocol, server application port number

– Client IP address, protocol, client port number

• Non-ephemeral ports – permanent port numbers

– Ports 0 through 1,023

– Usually on a server or service

• Ephemeral ports – temporary port numbers

– Ports 1,024 through 65,535

– Determined in real-time by the client

Port numbers

• TCP and UDP ports can be any number between 0 and 65,535

• Most servers (services) use non-ephemeral (not-temporary) port numbers

– This isn’t always the case

– It’s just a number.

• Port numbers are for communication, not security

• Service port numbers need to be “well known”

• TCP port numbers aren’t the same as UDP port numbers

• Well-known port number

– Client and server need to match

• Important for firewall rules - Port-based security

• A bit of rote memorization

– Becomes second nature after a while

• Make sure you know port number, protocol, and how the protocol is used

Are you struggling with basic networking? Never fear. CompTIA Exam 220-1001 is the certification exam that outlines what you need to know whether you take the exam or not. This article has study materials you can review to understand cloud computing better.

Digest these exam objectives by reading and practicing them in your home CompTIA lab for hackerspace.live

IAAS/PAAS/DAAS/SAAS

The best example for PaaS is remembering that it's what software developers crave.

DaaS, or "Desktop as a Service," is a cloud computing service that provides customers virtual desktops via the Internet. It refers to the delivery of virtual desktops to end users over the cloud, which is becoming a more common option in cloud computing.

You can experience this using Virtual Box and make a virtual desktop on your own computer. Microsoft Azure can be used if you are willing to pay for a subscription.

An Azure subscription has simple buttons to spin up a server or a Windows PC.

Network engineers would be responsible for the the on premise network and managing IaaS.

You can experience this your self by using a laptop and a Rasberry Pi, Your would need to setup a simple DHCP on which is already on your home WiFi router and configure a DNS for using the internet.

Difference between DHCP/DNS

DHCP - Stands for Dynamic host configuration protocol. It is utilized best in the process of automatically assigning host IP addresses to machines connected to a network automatically based on available IPs in the subnet range. DNS - Domain name service this is basically utilized in simple terms as a way of making ip addresses which is how we really connect to everything in our browsers for example friendly by giving them a web friendly name and DNS job is to look up those domain names for example facebook.com find what server facebook.com resides at and then behind the scenes request that domain server ip address so that we can connect to facebook.com seamlessly when we type in facebook.com instead of having to type facebooks ip address every time we want to get to facebook.

Dns just turns ip addresses into "human readable" address like instead of having to typ 8.8.8.8 you just type Google.com and the dns looks at it and finds the ip address associated with that domain name.

How stressed are windows commands on core 1?

Very stressed . It’s free points actually

Here are some commands related to DNS/DHCP. Once you’ve memorized then experiment in action. In a lab experience there are work arounds to renewing and viewing IP addresses like restarting the computer while connected to a network with DHCP. Even if you really on your own method you can experiment with these commands to get an idea of what they do. Experimenting will give you experience in these commands so you can get free points on your exam.

• IPCONFIG

• IPCONFIG \release

• IPCONFIG \renew

• PING

Good Discord study group. Get involved, engage with your studies and stay motivated.

• #themadinstructor - ask questions in the 220-1101 channel

• #professormesser - CompTIA gold standard

For more you can listen to this Spotify podcast. A+ 1101 Exam: 4.1 - Cloud Computing Concepts - Comptia A+ 1101-1102 Exam Podcast | Podcast on Spotify

Hacking - The blowback

Hacking in my day was a positive term for someone who creates or makes new things by poking around. Sometimes, a mistake can lead to a new solution. Steve Jobs and Bill Gates were among those during the hobby days of DIY computers before the Mac and PC were invented. People built home computers in their bathtubs. Which eventually led to the Apple II computer.

I had a FB call with a gamer friend. Subject “are there negatives to learning how to hack. He loved the idea and encouraged me. He then shared it with his dad at a family dinner. Dad exploding that 30 something gamer son had friend that robbed him. The dad just now had lost a fortune in a cryptocurrency scam. The irony is that my wife flipped out that I was associating myself with “hacking”. That is why I called my friend to find away to test the idea, which he loves btw.

It is a great object lesson that I can share with my students. I’ve been using the movie October Sky” to illustrate the guilt by association and now I have a direct 2024 example affecting me personally. A cautionary tale

• https://www.youtube.com/watch?v=pLPpl2ISKTg&t=206s

• https://www.wired.com/story/pig-butchering-fbi-ic3-2022-report/

• https://www.justice.gov/opa/pr/justice-department-seizes-over-112m-funds-linked-cryptocurrency-investment-schemes#:~:text=If%20you%20or%20someone%20you%20know%20is%20a,In%20your%20complaint%2C%20please%20reference%2C%20%E2%80%9CPig%20Butchering%20PSA.%E2%80%9D

  • “If you or someone you know is a victim, visit www.fbi.gov/cryptoguard , contact your local FBI field office, call 1-800-CALL-FBI, or report it to the IC3.gov. In your complaint, please reference, “Pig Butchering PSA.””

Let me know what you think of this site. My internal critic tells me to delete it lol. I am needy after publishing it, but I hope I will get over it. The site combines my Facebook business page hackerspace, and the videos I made for my cyber security class posted on YouTube. The most important step for me was to add a join link on a web site to start getting a mailing list going.

I’ve got 3 Raspberry Pi computers about the size of an index card and a 10 dollar hub to network them together. One is already a web server. I want to build something that you all would build in your home. A hands on networking lab that I can fit on a card table. I’ve started the hardware part and likely you have seen photos in my online class, discord, YouTube, Facebook or from me!

• HackerSpace Facebook

• YouTube Cybersecurity 411

• Twitch (in the future)

• TikTok (maybe)

• Marketing page on bio.site

I am ready to include your feed back on the next steps and progress. I am calling it a Mastermind group. A way for me to get input and provide something that you can try yourself. I will be posting here and I will get some kind discussion thread on my pages so that you can help my creative ego through this birthing period for hackerspace.

My business page shows that most of the viewers are from our friends in Egypt and India, I’m in rainy Southern California. I look forward to bridging the distances. That is about 14,797 kilometers! Or 7990 nautical miles for my US friends. I am hoping this Raspberry Pi project (to make a hands on network study lab) will help with that. It is inspired by CompTIA an Industry IT certification association here in the states. Students usually buy courseware or use youtube to learn all the terminology. The internet recommends hands on but that can be difficult to acquire. Your workplace may have it. Or you can enroll at a colleges with a computer lab, but then you have to make the commute to visit the labs. Let’s not even talk about grades here. With this Raspberry Pi project you can build it in your homes. And have a lot of fun.

I hope to add Zoom meetings or use Twitch so we can meet face to face and talk about bringing servers and networks affordably in our homes where we can hack them without worrying about breaking any laws and getting into trouble. Just good creative computing!

I’d love to hear your thoughts on any of my channels.

Carpe diem!