Some Networking Questions

[Guest]

Is it possible to have a -wired- MAC filter? 

What is the difference between a gateway and a router? 

What is a DHCP server and what is it used for? 

What's the difference between HTTP and HTTPS? 

What is UPNP and is it still useful? 

How do you find your device's MAC address? 

If wireless is completely off on a wireless router, are the only devices that could access the network be wired connections? 

 

Thanks, I know it's a list but these are just some questions I had after looking through my old router's GUI 

[manikyath]

1: probably someone makes it. i dont think its a standard feature tho.

2: a router is a device that is made to route traffics between two networks, a default gateway is the device that connects a subnet to its parent

3: its a device that hands out IP addresses on the network for devices that do not have a static address

4: S = secure. basicly the S means its encrypted and cant be (as easily) intercepted.

5: its one of the many ways to make devices talk to each other on a network automatically, i've used it once because samba is a steaming turd.

6: either in the manual, on the enclosure of the device, or in the device's user interface.

7: if theres no other access points, yes.

 

EDIT: 1: yes, my modem filters out the mac addresses my isp uses for their settop boxes and puts them on a seperate subnet.

[Altecice]

Is it possible to have a -wired- MAC filter?

Yes you can filter MAC's via enterprise level Switches.

 

What is the difference between a gateway and a router?

A Default Gateway is the same thing as a Router. the "Gateway" is the address of the interface on the router.

 

What is a DHCP server and what is it used for?

Its used to give end devices (laptop/PC etc) IP addressing info (IP, SNM, DG)

 

What's the difference between HTTP and HTTPS?

HTTP uses TCP port 80 and is not encrypted/use certificates. HTTPS uses port 443 and uses SSL to encrypt your traffic.

 

What is UPNP and is it still useful? 

Personally I think its a security risk to have enabled but is it useful for home networks to easly set up devices on the network.. its not really required anymore.

 

How do you find your device's MAC address? 

open up a command prompt and type in IPCONFIG /ALL. Look for your Local Area Connection.

 

If wireless is completely off on a wireless router, are the only devices that could access the network be wired connections? 

Yes.

[Guest]

1: probably someone makes it. i dont think its a standard feature tho.

2: a router is a device that is made to route traffics between two networks, a default gateway is the device that connects a subnet to its parent

3: its a device that hands out IP addresses on the network for devices that do not have a static address

4: S = secure. basicly the S means its encrypted and cant be (as easily) intercepted.

5: its one of the many ways to make devices talk to each other on a network automatically, i've used it once because samba is a steaming turd.

6: either in the manual, on the enclosure of the device, or in the device's user interface.

7: if theres no other access points, yes.

 

EDIT: 1: yes, my modem filters out the mac addresses my isp uses for their settop boxes and puts them on a seperate subnet.

For #6, Do you mean the router or the device? Because if the device, how would you find the MAC address for like a laptop or a phone? I think for something like an iPhone it's under settings or something, but what about a laptop just running Windows 

[LAwLz]

Is it possible to have a -wired- MAC filter?

Possible: Yes

Common: No

Most consumer routers does not support it but for example some Cisco equipment allows you to define MAC addresses in access lists. That will allow you to deny anyone but the MAC addresses you allow, and it will work on a network port.

 

 

What is the difference between a gateway and a router?

Your default gateway is the device your computer will send traffic to if the destination of that traffic is on another network. For example if you are on the 192.168.1.0 network and want to contact someone on the 172.16.1.0 network, your computer will send all the traffic to the address that's configured as your default gateway.

A router is a device that can take packets from one network and send them to another.

 

A router is often a gateway. A gateway is not always a router though. It can be a virtual router (for example if you are using VRRP), or it can be a layer 3 switch, or something along those lines. Gateway kind of refers to the "role" of a device, while a router refers to a type of device.

 

 

What is a DHCP server and what is it used for?

A DHCP server is a server that automatically gives out IP addresses as well as other settings (netmask, default gateway, DNS etc) to computers that request it (the default config on most computers).

 

 

What is UPNP and is it still useful?

If you are using NAT, all device on your inside network (as in, in your house) will have the same IP address visible to the outside world. If you and your brother each got a computer, then your friend's computer that's across the street will only see a single IP address. This is done in order to reduce the number of IPv4 addresses used (because it is possible to map a single IP address to a ton of device). Most of the time this won't be any issue, but in some cases where for example your friend has to connect to your computer specifically (for example you might be hosting a game server) then your router needs a way to know that the traffic your friend is sending should go to your computer and not your brother's (port-forwarding).

This might be a security risk though because it allows your computer to automatically open up holes in your firewall and direct traffic to your computer. It can quite easily be exploited by malware.

 

 

How do you find your device's MAC address?

1) Open up cmd

2) type in ipconfig /all

3) Look up the connection you want to know the MAC address of (probably "Ethernet adapter Ethernet") and then look for "Physical Address". It should be six pairs of numbers and letters. Something like:

A1-B2-C3-D4-E5-F6

 

 

If wireless is completely off on a wireless router, are the only devices that could access the network be wired connections? 

Yes. If you turn WiFi off then you will need a wire.

[Guest]

All of these network definitions, wording, and conjunctions. I have so much to learn 

[Guest]

-snip 

Where did you learn all of this? 

[LAwLz]

Where did you learn all of this? 

School and books.

[Guest]

School and books.

Networking class?

[pbelf]

Is it possible to have a -wired- MAC filter? 

 

 

In a home environment not common as controlling physical access is easy.

 

It is common in the enterprise. 802.1x is normally used where there is authentication in establishing the network connection. Its usually using a public key certificate based system. Mac filtering is sometimes put on top of this as an extra layer of security.

 

I've configured it in a windows active directory setup where you have a domain controller, a certificate server and a radius server. The domain controller automatically pushes certificates out to domain joined machines. The network switch has 802.1x enabled and is given the address of the radius server for authentication. The radius server authenticates connection requests using the certificates and the active directory domain. Its quite cool and seamless when all setup. Best practice in a corporate environment as it stops any unauthorized devices being plugged in and getting a network connection. Totally overkill in the home.

[braneopbru]

Networking class?

I'm just going to leave this here:

 

http://intronetworks.cs.luc.edu/current/html/

 

Edit:

 

I may come off as abrasive sometimes, but it's because so many of the people in this forum want to be helped, but refuse to try to help themselves. You seem like you genuinely want to learn but it's going to be tough for you to learn anything from the types of questions that you're asking since the answer will only make sense when you understand the underlying principles. I can't explain layer three networking if you have no idea what layer two is and for layer two to make sense, you have to understand layer one.

 

That link is A LOT of reading, but take your time to go through it, make sure you understand the concepts as you move through each section and in three or four weeks you'll be here answering questions, instead of asking them.

 

Now, go fishing.

[Guest]

I'm just going to leave this here:

 

http://intronetworks.cs.luc.edu/current/html/

THANK YOU!!!!!!!!!!!!!!!!

[Guest]

In a home environment not common as controlling physical access is easy.

 

It is common in the enterprise. 802.1x is normally used where there is authentication in establishing the network connection. Its usually using a public key certificate based system. Mac filtering is sometimes put on top of this as an extra layer of security.

 

I've configured it in a windows active directory setup where you have a domain controller, a certificate server and a radius server. The domain controller automatically pushes certificates out to domain joined machines. The network switch has 802.1x enabled and is given the address of the radius server for authentication. The radius server authenticates connection requests using the certificates and the active directory domain. Its quite cool and seamless when all setup. Best practice in a corporate environment as it stops any unauthorized devices being plugged in and getting a network connection. Totally overkill in the home.

Yeah it's overkill but I love the assurance of overkill. As long as it's enough to solve the problem, then everything is good. Thank you. 

[leadeater]

Is it possible to have a -wired- MAC filter? 

What is the difference between a gateway and a router? 

What is a DHCP server and what is it used for? 

What's the difference between HTTP and HTTPS? 

What is UPNP and is it still useful? 

How do you find your device's MAC address? 

If wireless is completely off on a wireless router, are the only devices that could access the network be wired connections? 

 

Thanks, I know it's a list but these are just some questions I had after looking through my old router's GUI 

 

1. Depends where you want to do the filtering. DHCP servers can do this as standard and only had out IP address to computers with MAC Address entered in to it's database. This type of practice is very common for virtual server environments and also for devices like printers.

 

You can do MAC filtering at the switch, router and firewall etc but this requires business/enterprise equipment not home user stuff. If you are looking for port security on a switch MAC filtering is not what you want and is not user friendly to maintain. You would be wanting wired authentication using 802.1X/RADIUS, this can authenticate against many different things including MAC Address, certificate, user account, computer account etc.

 

2. This depends on what you mean by gateway. A network gateway is nothing more than what a real gateway in to a property is, an entry and exit point. These are typically routers or could be a firewall, proxy server or some other kind of network security device. These all do routing.

 

A router can be a gateway in to multiple different networks and would maintain a route table list to all these locations, how to get there. They will also have a gateway of last resort (default gateway) for any traffic that does not match anything defined in the route table.

 

3. DHCP - Dynamic Host Configuration Protocol. A DHCP server provides a service on a computer network to automatically respond to networking configuration requests from client devices. This would tell the device what IP address to use, subnet mask, default gateway, time server etc etc. These are always used in large networks as configuring every device manually is far to time resource intensive.

 

4. HTTPS uses a secure transport layer and would normally use the public key infrastructure (PKI) to tell clients who they are and the client would use this information to verify if they trust the server or not.

 

Public certificate authorities such as GoDaddy are an organisation that is globally trusted by all to sign server certificates for organisations around the world. They verify the request for server certificates to make sure they are legitimate requests etc. The server certificate issued to the requester contains who signed it (GoDaddy) and all computers contain the public key from this issuer (GoDaddy) which is checked by the client to make sure it was signed by a trusted source (GoDaddy), if not your browser or application will alert you to this and ask if you wish to still proceed.

 

Public certificate authorities do not guarantee what is on the secure site is not dangerous only that the site is who it says it is. If your browser says a site is secure and trusted it is not saying that the content on the site is safe.

 

PKI is rather complex and is hard to explain well without a lot of detail (tons more than I have written).

https://en.wikipedia.org/wiki/Public_key_infrastructure

 

5. UPnP - Universal Plug and Play. This is a set of protocols that allows computers and other devices to discover each other on a network and what they are, Media player etc. UPnP is most typically used on home networks for gamers for playing on line to dynamically setup port forwarding so you can host an online game session, this is called NAT traversal.

 

https://en.wikipedia.org/wiki/Universal_Plug_and_Play

 

For the last two I'm feeling lazy so refer to @LAwLz post that I have just seen.

[Guest]

I'd like to mark a lot of you as solved, but I can't do that, only one person sorry :\ 

 

But holy shit thank you for all of your responses