Introduction

This is a very basic guide to network operation. It will help us to understand

later on how to configure our ParrotSec OS system. In the future you, reader, are
expected to investigate and study on your own (much more).

Currently, many of the devices around us are connected to the Internet or at least
to our home or office network. Our SmartTV, mobile phones, smartwatches, tablets,
PC, coffee maker (?),...

For this reason, it is important to know in broad terms how our networks work,
which means all those acronyms and words that ask us when we have to configure our
devices.

IP Address

In this document we will deal with version 4 of IP (IPv4), although version 6

(IPv6) is becoming more widespread. Despite this increase in the number of IPv6
configurations, this configuration is not yet common in our homes so we will try to
explain IPv4.

All systems that need to communicate with each other must have an IP address. This
address must be unique and cannot be repeated on the same network. If this happens,
both devices will be cancelled until the dispute is resolved.

An IP address (v4) consists of four blocks of decimal numbers, separated by dots.

Each number block can go from 0 to 255.

Examples:

* 192.168.0.1
* 1.2.3.4
* 195.255.1.37

I will give an example to try to explain this (the data is invented and I will put
it only as an example). Let's say our home router, our PC, a printer and our
favorite internet page.

PC, printer, router: Private ip are available (belonging to our home network)
Router, WEB Page: They have public ip (need a public ip to communicate)

You can see that the router maintains two IP addresses: a public one to access the
external services provided by the Internet, and a private one to interconnect with
the systems of our home network.

Public IP
----------------------------------
WEB page: 104.24.124.114
Router: 85.83.4.127

Private IP
----------------------------------
Router: 192.168.0.1
PC: 192.168.0.10
Printer: 192.168.0.12

We could make an analogy between what was shown above and the telephone system. All
phone numbers are different (public IP), but we have switchboards (routers) that
are capable of routing a call (routing) to different extensions (private IP). These
extensions, looking only at them, can be repeated in different companies or
households.

Netmask

The network mask is used on private networks to indicate the range of a subnet.

Private IP addresses must be within the ranges listed below:

From 10.0.0.0 to 10.255.255.255

From 172.16.0.0 to 172.31.255.255
From 192.168.0.0 to 192.168.255.255

The following IPs should not be configured manually:

169.254.0.0 a 169.254.255.255
224.0.0.0 to 224.0.0.255
224.0.1.0 to 224.0.1.255
224.0.2.0 to 224.0.255.255
224.3.0.0 to 224.4.255.255
232.0.0.0 to 232.255.255.255
233.0.0.0 to 233.255.255.255
233.252.0.0 to 233.255.255.255
234.0.0.0 to 234.255.255.255
239.0.0.0 to 239.255.255.255

Any other IP address will be considered Public. Public IP addresses will generally
be assigned by our Internet service provider, so we won't have to worry about them
(at least not at the moment).

Look again at the range of private IP addresses. As we have indicated, the network
mask specifies the subnet to which a system belongs. In other words, with this
value we indicate to our team if it should send a data (package) to a device of our
subnet or not. In other words, given an IP address and a network mask, we know that
part of that IP address is the value of the subnet and what the host number is.
With the mask we also indicate the maximum number of hosts that can be configured
in a subnet. Another way to indicate the mask is with your CIDR

Table of possible masks:

Decimal CIDR Nº hosts

--------------- ---- --------
255.255.255.255 /32
255.255.255.254 /31
255.255.255.252 /30 2
255.255.255.248 /29 6
255.255.255.240 /28 14
255.255.255.224 /27 30
255.255.255.192 /26 62
255.255.255.128 /25 126
255.255.255.0 /24 254
255.255.254.0 /23 510
255.255.252.0 /22 1022
255.255.248.0 /21 2046
255.255.240.0 /20 4094
255.255.224.0 /19 8190
255.255.192.0 /18 16382
 255.255.128.0 /17 32766
255.255.0.0 /16 65534
255.254.0.0 /15 131070
255.252.0.0 /14 262142
255.248.0.0 /13 524286
255.240.0.0 /12 1048574
255.224.0.0 /11 2097150
255.192.0.0 /10 4194302
255.128.0.0 /9 8388606
255.0.0.0 /8 16777214
254.0.0.0 /7 33554430
252.0.0.0 /6 67108862
248.0.0.0 /5 134217726
240.0.0.0 /4 268435454
224.0.0.0 /3 536870910
192.0.0.0 /2 1073741822
128.0.0.0 /1 2147483646
0.0.0.0 /0 4294967294

Normally net masks are usually used: 255.255.255.0 255.255.255.0.0 255.0.0.0.0

And most commonly in our homes the 255.255.255.255.0.

In this way, and continuing with our example, the most logical thing is that our PC
has:

IP: 192.168.0.10
Netmask: 255.255.255.255.0

Or with the ICDR notation:

192.168.0.10/24

This way our device could communicate directly with any system in our network whose
IP address started at 192.168.0.

If we have a device that belongs to the 192.168.1 subnet, it can no longer

communicate directly and you should use a gateway, which we will see below.

On the other hand, if we want 192.168.0 and 192.168.1 networks to see each other
directly, we could use the 255.255.0.0.0 network mask. In this case, you would
really be looking at all the systems whose IPs start with 192.168, regardless of
the next two blocks of numbers.

Gateway

When a system must send a data (package) to a network to which it does not belong,
which it knows from its previously viewed network mask, it will search in its
routing table for the ip address to which it must indicate this data so that it can
be sent to the "outside". That is, if our PC wants to communicate with a system
that is not in your network, you must know an IP to send this data, leaving the
shipping control to that system.

In our example we know that the router has an IP address 192.168.0.1 for our
internal network. We only have this network at home. Therefore, our default route
or gateway should be the router address. Spoken in a colloquial way, if we send a
packet to a system that is not on our network, let's send it to the router that he
will know what to do with it. Internally the router when it receives the packet and
sees the address to which it is destined, it will activate its mechanisms to send
it through its public address abroad, contacting the external system.

DNS (Domain Name Server)

As mentioned above, all connected systems have an IP address. It would be very

complicated if we could memorize all the IP addresses of all the pages we usually
connect to. This is why there are servers that are capable of translating a name to
an IP address (and vice versa). These servers are called DNS (Name Resolution
Server).

Let's take as an example the navigation to a web page. When we write the name of a
page in our browser, the system will first ask our DNS what is the IP address of
the address we are requesting. Our DNS will return to our system an IP address that
will correspond to the page we are requesting.

The "dig" tool allows us to check the ips addresses of a domain name.

┌─[user@parrot]─[~]
└──╼ $dig parrotsec.org

; <<>> DiG 9.10.6-Debian <<>> parrotsec.org

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59479
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;parrotsec.org. IN A

;; ANSWER SECTION:
parrotsec.org. 300 IN A 104.24.125.114
parrotsec.org. 300 IN A 104.24.124.114

;; Query time: 91 msec

;; SERVER: 212.142.144.66#53(212.142.144.66)
;; WHEN: Sun Nov 19 23:18:48 CET 2017
;; MSG SIZE rcvd: 74

You can see two important things in this example. The "ANSWER SECTION" section
tells us the IP addresses of parrotsec.org and the SERVER line tells us which DNS
server we asked for.

We can configure our systems with more than one DNS server, in case the main one
fails.

DHCP (Dynamic Host Configuration Protocol)

In the previous points we have defined several data that will be essential to
configure our systems and that can be connected:

* IP Address
* Net Mask
* Gateway
* DNS
These values can be configured manually, but can also be set automatically when the
system is connected to the network. These values can be supplied to us and
configured by a DHCP server. Generally, routers come with this feature turned on so
we don't have to worry about anything.

Final Note

Just as we have indicated at the beggining, this document is a brief (very brief)
introduction to networks, and once you understand the basic operation of a network
you should investigate and study its operation more extensively.

Below are links that may be of interest to you in the future:

* https://rfc-es.org/
* https://www.rfc-editor.org/rfc-index.html
* http://www.tldp.org/HOWTO/Networking-Overview-HOWTO.html