Week 2: Networking Basics & Ticketing System Project

I completed two THM modules on networking: What is Networking? and Introductory Networking. I probably should have started with those modules last week. Anyways, networking can be defined as a connection of devices that communicate and share data or resources with each other. A network can only be public or private. The internet, for instance, is a giant public network made of multiple smaller private networks. Each device in a network has two identifying numbers:

1. Internet Protocol (IP) address: identifies a host on a network for a period of time, devices have both a public and a private IP address

   • Divided into 4 octets, example: 0.0.0.0

   • Each octet can span from 0-255, example: 255.255.255.255

   • Protocols allow different devices to communicate in the same language

   • Devices can use both public and private networks

   • Public IP addresses are given by an Internet Service Provider (ISP)

   • More devices connected = harder to get a public IP address under IPv4

   • The next version is IPv6, which looks like this: 2001:0bc8:85a3:0000:0000:8a2e:0370

2. Media Access Control (MAC) address: each device has a microchip board, which is a physical network interface that is assigned a unique address at the factory that built it

   • 12-character hexadecimal, example: a4:c3:f0:85:ac:2d

   • First six: the company vendor that built it

   • Last 6: unique number made by the company vendor

   • MAC addresses can be faked or spoofed (a network device pretending to use another MAC address by manually changing the MAC address)

   • Spoofing makes a firewall think it is receiving communication from an admin when it is not

   • Public network places like stores can use MAC address control by paying extra

Two protocol models explain the theory of networking. The first is the Open Systems Interconnection (OSI) model, which isn't used in the real world but is best for teaching. The OSI model has 7 layers that illustrate the theory behind computer networking. The Introductory Networking module also listed the following mnemonic to memorize the 7 layers: Anxious Pale Shakespeare Treated Nervous Drunks Patiently. I haven't yet found another one that I like since this one is in order.

Seven Layers: OSI Model

The 7 layers in the OSI model basically explain the encapsulation process, which is a process where data is sent from one computer to another. Each layer adds control information to the front of the data, which is called a header.

7th Layer: Is called the Application Layer and is the first to add a header to the data. It, as stated in the name, provides networking options (applications) to the programs on a computer so it can transmit the data. The File Transfer Protocol (FTP), for example, is used here over a TCP/IP network. Then the data is passed onto the next layer.

6th Layer: Is called the Presentation Layer, which translates data into a standardized format that the receiving computer can understand. This layer is necessary because the application layer mostly uses a format that only the application can understand. The Presentation Layer also handles encryption and any other transformations of data. The information from the 6th layer is added as a header in front of the 7th layer header. Once that is complete, the data is transferred to the next layer.

5th Layer: Is called the Session Layer, which checks to see if a connection with the other computer can be established. If the connection is established, it must maintain and synchronize the connections. Also, each session made is unique to that particular communication, which is also what allows multiple ongoing communications between different endpoints. Then the 5th layer adds a header to the front of the 6th and 7th headers of the data. Afterward, the data moves to the next layer.

4th Layer: Is called the Transport Layer, which chooses how data is transmitted. It's basically where data is divided into pieces to make it easier to send a message successfully. At this point, data is referred to as segments or datagrams, depending on which protocol is used. There are 2 common protocols:

TCP Transmission Control Protocol:

• TCP is connection-based, which means a connection is established the whole time it is used for reliable transmission

• acceptable speed is maintained, and any lost data is resent

• TCP is accurate over speed: best for file transfer and webpages

• Data is called a segment when using TCP

UDP User Datagram Protocol

• UDP is when packets are given to a computer without a set pace; the computer has to be the one to keep up (which is why videos could become pixelated if the connection is bad)

• UDP is speed over accuracy, best for video streaming

• Data is referred to as datagrams when using UDP

The 4th layer then adds a header to the front of the 5th layer before it moves on to the next layer.

3rd Layer: Is called the Network Layer, which locates the destination of the request. It takes the IP address and figures out the best route to take. Logical addressing is when it uses IP addresses since it is software-controlled. IP addresses are easy to organize and find, the IPV4 is currently the most common. At this stage, the data is called a packet. The 3rd layer adds a header to the front of the packet before moving on to the next layer.

2nd Layer: Is called the Data Link Layer, which focuses on finding the physical address of the transmission. When it receives a packet with an IP address, it adds the MAC address (every network-enabled computer has a network interface card (NIC) that has a unique MAC). The Data Link layer also checks if the data was corrupted during transmission, which could still happen in the physical layer, which is next. The data is referred to as frames in the 2nd layer. Before the data moves on, the Data Link layer adds a header to the front of it and a trailer to the end of the data. The trailer verifies the data hasn't been corrupted. The only way to tamper with the data would be to break the trailer. Finally, the frames are sent to the first layer.

1st Layer: Is called the Physical Layer, which is when binary data is converted into signals and transmitted across a network. The data is now referred to as bits.

The whole process is reversed when the second computer receives the bits, it removes information layer by layer, which is called de-encapsulation. It starts with the physical layer, then unravels it until it reaches the data. It's the same OSI model in each computer, but it isn't as straightforward in real life. The OSI model is merely used to explain the theory of networking. The older, real-world networking protocol is the TCP/IP Model.

Quick side note, before the TCP/IP and OSI models, there wasn't an agreed-upon model to follow. The DoD provided the standard in 1982 to solve the inconsistencies. Then the ISO (International Organization for Standardization) introduced the OSI model to help guide learners, but the TCP/IP model is the standard used in modern networking.

TCP/IP Model

The TCP/IP Model still follows the same encapsulation and decapsulation process as the OSI Model. However, there are 4 layers in the ICP/IP Model:

• Application: is basically the application, presentation, and session layers from the OSI model

• Transport

• Internet: is the network layer of the OSI model

• Network Interface: was broken into data link and physical layers, like with the OSI model, but not officially defined in RFC1122, but it's the same thing

TCP is a connection-based protocol; there needs to be a stable connection between two computers, and the process to establish that connection is the three-way handshake.

A three-way handshake is when a computer sends a special request containing a SYN bit, short for synchronize, to a remote server. The server responds with the same SYN attached to an ACK bit, which is short for acknowledgement. Then the computer will send back an ACK bit. This establishes that the data can be reliably sent, and anything lost or corrupted can be resent.

I also tested out the networking tool Ping, which uses the Internet Control Message Protocol (ICMP) to check the connection on devices by using an echo packet that replies once it is received. Ping works on the network layer of the OSI model, which is the Internet layer of the TCP/IP model. I typed ping [target URL address] -4 into the command line so that it would show me the IP address of a server hosting a website in IPV4. I can also type in an IP address, and it'll list the seconds per packet along with the average time it takes to establish a connection.

Last but not least, I finally got around to making a Ticketing System!

A ticketing system tracks, manages, and resolves user issues. Each issue is a ticket, and they can be organized to decide which to prioritize. The video mentioned multiple different ticketing systems and which organization commonly used each, and then it explained the components of a ticketing system.

Components of a Ticketing System:

1. ID: unique identifier to track progress, past issues, and maintain records (often numeric)

2. Requester: the user who submits the ticket

3. Category: organized labels to determine the issue

   • Hardware: laptop not booting, monitor issues

   • Software: application crashes and can't install

   • Network: connectivity issues

   • Security: account lockouts and phishing attempts

   • Access request: new employee or permissions

4. Priority Level: not everything is equally urgent, decide what is handled first

   • Critical P1: the entire company is affected (email is down)

   • High P2: department-wide issue (finance team's payroll system is inaccessible)

   • Medium P3: individual user impacted (a slow laptop)

   • Low: minor inconvenience (request for a new mouse)

5. Assigned Tech: who handles it based on expertise and shift schedule

6. Status:

   • new: just created

   • in progress: working on it

   • pending user response: asking for more info from the user

   • escalated: ticket moved to a higher level

   • resolved: issue fixed and pending user confirmation

   • closed: when the user has confirmed it is solved and the ticket is archived

7. Proper Logging

• Gather essential details: user information like name, dep, email, and contact number, device name, category, priority, ask questions, then assign it, add notes before escalating

Life cycle of a ticket

1. User submits a ticket

2. The ticket gets categorized and assigned to a tech

3. Tech troubleshoots and documents findings

4. The issue is resolved and escalated if needed

5. User is notified and marked closed once confirmed

6. Post follow-up is optional

SLA Ticketing Practices (the standard)

• A formal contract between IT support teams and users that defines expected response and resolution times

• Response time, resolution time, ticket prioritization, escalation process, service availability, penalties, and breach consequences

• Example: critical issue, then respond within 15 min, resolve in 2 hrs, breach happens when IT fails

• SLA ensures timely support, manages user expectations, prevents ticket backlog, and supports performance tracking of IT teams

Workflow

1. Always acknowledge tickets promptly, and confirm receipt

2. Follow SLA guidelines

3. Communicate clearly

4. Document Everything

5. Escalate when necessary

6. Close tickets properly

I made an account on https://www.spiceworks.com/ and then worked through each activity in the video. The first activity focused on filling a ticket with all of the necessary information.

Then I had to close the ticket properly by first asking if the fix was sufficient. I also wrote internal notes before pressing the close button.

Then I learned about the escalation process. SpiceWorks doesn't have an escalation option, so I just wrote what would be a message to the next team and selected internal notes. In that situation, I would also have to notify the person asking for access that the ticket has been escalated.

Overall, it was incredibly simple to set up and play around with. Next week, I'm planning on exploring a couple more networking tools and continuing the THM modules. I'll also start learning Python because there's another project I'll do in the fourth week.