Submitted By: Sonu Nayak
Coventry ID: 12981621
220073@softwarica.edu.np
Submitted To: Abhijeet Karan
Module Title: ST4065CEM Computer System & Networks
BSc. (Hons) Ethical Hacking and Cyber Security
Softwarica college of IT and E-commerce
Coventry University
Networking Individual Project
1
Acknowledgement
While writing this dissertation, I had a lot of help and support.
I would first like to thank My Class Teacher Mr. Abhijeet Karna Sir whose idea and research
was invaluable in formulating the research questions and methodology. Your astute criticism
inspired me to sharpen my thinking and elevate the standard of my writing.
I would like to acknowledge friend from my Hostel Nikesh Upretti who gave me idea and tips to
write a repot on a particular topic. You gave me the resources I required to make the best
decision and effectively finish my dissertation.
Additionally, I want to thank my parents for their wise counsel and understanding ear.
You are there for me constantly.
2
ABSTRACT
An overview of the layered technique utilized in computer networks is given in the report and
discusses how it connects to the OSI model. It provides an explanation of the OSI model's data
transfer mechanism, concentrating on the data link layer and error detection. Along with logical
details on routing, a topological diagram, an explanation of IP addresses and subnetting
protocols, notably OSPF, the report also offers information on these topics. Additionally, it
covers network security and firewall procedures, including both hardware-based and softwarebased tactics and the setting up of gadgets in Cisco Packet Tracer. The paper ends with a section
on setting up the Windows firewall and reading recommendations. The paper offers a thorough
grasp of the numerous elements and factors involved in network design and security overall.
3
Table of Content
Contents
Introduction to Layered Approach .................................................................................................. 5
Data Transfer in OSI Model ........................................................................................................... 6
Data Link Layers and Error Detection ............................................................................................ 7
Logical Topological Diagram ......................................................................................................... 9
IP address and Subnetting ............................................................................................................. 10
Routing Protocol Used .................................................................................................................. 10
Configuration in Cisco Packet Tracer ........................................................................................... 12
Network security and Firewall ...................................................................................................... 21
Among the hardware options are: ............................................................................................. 22
Among the software options: .................................................................................................... 23
Configuring the windows firewall ................................................................................................ 25
Conclusion .................................................................................................................................... 35
References: .................................................................................................................................... 36
4
Introduction to Layered Approach
Despite not being realistically feasible, the OSI layer is extremely significant in computer
networks implemented because it is considering that it is a theoretical module used to explain
how data is transmitted between two systems. It is a framework that enables us to explore the
relationship between various technologies. It is important to understand the concept of OSI layer
because it enables us to fully understand the various technologies used in computer network
better.
There is a need if layered approach in computer network because it enable the isolation and
separation of various function, which improves network design, implementation and
troubleshooting easier. According to the OSI model, each layer is in charge of carrying out a
particular task and does so independently of the others. It is simpler to adapt to new networking
technology because to this modular architecture, which enables independent layer development
and updates.
For instance, the physical layer is in charge of transmitting raw bits through a physical medium
like copper wire or fiber optic cable. The data link layer is in charge of structuring the
uncompressed bits into frames and ensuring that the frames are correctly transmitted across
devices connected to the same network segment. The network layer is in charge of routing the
frames between various network segments while the transport layer is in charge of ensuring the
data is consistently transmitted from beginning to finish.
5
Data Transfer in OSI Model
From the following figure,
In the OSI model, the data transfer from a PC to a server via two routers involves the following
steps:
1. Physical Layer: The data is transferred using a physical media, such as copper wire
or fiber optic cable. Physical Layer: The data is transferred using a physical media,
such as copper wire or fiber optic cable.
2. Data link Layer: The information is put into data frames and sent via the physical media.
At this layer, mistakes may be found and fixed because the data frames are addressed to
the intended receiver.
3. Network layer: To get to their destination, the data frames are routed across the network.
If there are many routers, they will use routing tables to determine the best path for the
data.
4. Transport Layer: The data is segmented, and the segmented data is transferred to the
target. The reliability and proper order of the data delivery are made sure of by this layer.
5. Session Layer: This layer establishes, maintains, and terminates connections between
devices.
6
6. Presentation Layer: This layer transforms the data into a form that the application layer
may use.
7.
Application Layer: The application layer can use the data after this layer changes it into
that format.
Each layer carries out a particular task and uses a particular protocol to communicate with the
layers above and below it. The data is passed from one layer to the next, with each layer adding
its own header information to the data as it is passed along. (OSI 7-Layers)
Data Link Layers and Error Detection
The data link layer in the OSI model is where the error detection and correction process is
implemented. It is used to make sure that the intended recipient receives the given data precisely.
If an error is found, the data link layer can attempt to restore the original data using error
correction techniques. One common method is use error-correcting code (ECC) to add extra bits
7
to the data, which, in case of errors, might be used to recreate the original data. You can clearly
see it in given numerical.
8
Logical Topological Diagram
Figure 1: Topological Diagram for the given condition
9
IP address and Subnetting
Yes subnetting will be used in the above ip address block because it is a class C network address
and can only support a maximum of 254 hosts due to its large capacity. Which means that only
of 254 maximum hosts can be assigned to IP address id subnetting is not used.
We must choose the right subnet mask for each subnet in order to construct the subnet for 49, 27,
and 1145 hosts.
Please take note that there is a chance that the number of hosts within every subnet may vary
slightly from the number of hosts you requested, but this should be close enough. I hope this
helps! Let me know if you have any other questions
Routing Protocol Used
There are many different routing protocols that can be used to connect many networks; in this
case, I'm using the OSPF routing system.
OSPF
The Internet Engineering Task Force (IETF) developed the inner gateway protocol (IGP) known
the IGP known as Open Shortest Path First (OSPF), which is most typically utilized in big
10
networks. Every node in the network is conscious of the entire network's topology because OSPF
is a link-state routing system. Because OSPF is a link-state routing protocol, each node in the
network is aware of the topology of the entire network. Due to the fact that OSPF is a classless
routing system, it may support many IP networks. It works with variable length subnet masks
(VLSMs) and chooses routes primarily based on cost. Additionally, OSPF supports traffic
engineering and multi-area networks.
Due to the Dijkstra algorithm, a sophisticated method of route calculation, OSPF is a strong and
dependable protocol. This algorithm determines the shortest path for traffic by accounting for the
cost of each hop in the network. Acknowledgements are another tool OSPF employs to verify the
accuracy of the data it receives. This makes sure that there aren't any problems in the network's
operation. OFPS is an efficient protocol, as it minimizes the amount of control traffic generated.
(What is OSPF)
The following are some of OSPF's main benefits:




To reduce OSPF routing traffic and the size of each area's link-state database, you can 
partition an Autonomous System (AS) into areas and maintain different area topologies.
Equal-cost multipath routing is offered
 by OSPF. Using various next hops, you can add
duplicate routes to the TCP stack.
11
Task-3
Configuration in Cisco Packet Tracer
Setting host name to R1
The command that was used to secure all logins, including serial, enable, ssh, and telnet,
and set the router's hostname to R1 is as follows:
12
Figure 2: Setting Hostname
Establishing a class C IP address and connecting to the switch with a description.
The command needed to change the IP address of class C to R1 is as follows:
Figure 3: Setting class C ip and description
The command used to create your login (your name) and password with privilege level 7
is as follows:
 We then used the write command to save it.
Figure 4: username and password
13
The command used to add a motd banner that reads "Unauthorized access only" is as
follows:
Figure 5: motd banner

The command that was used to set up Telnet using my own username and password is as
follows:
Figure 6: Configuration telnet

The command used to configure SSH is listed below:
14
Figure 7: Configuration the SSH

The command used to protect every password so that none could be seen when reading
the router's configuration in plain text is as follows:
15
Figure 8: Configuration and securing the password
Switch 0 Configuration
16
Figure 9: In switch 0 config.VLAN
Configuration of Switch 1
17
Figure
Figure 10: In Switch 1 VLAN CONFIG

The command used to set up the trunk port connection between the switches is as
follows:
18







The figure below illustrates the implementation of PVST and network redundancy:
19
Figure 12: implemented PVST and Network redundancy
20
Network security and Firewall
Being a cyber-security student, there are many different kinds of network threats that
might undermine a network's security. Typical instances include:


Denial of Service (DoS) attack:

By flooding a system or network with traffic, a network attack known as a denial of
service (DoS) attempt aims to make it inaccessible to authorized users. This can be done
in a number of ways, such as by overloading the network with artificial traffic, depleting
a particular network resource, or taking advantage of vulnerability in the system.





Man-in-the-Middle (MitM) attack:


The attacker intercepts and perhaps modifies the communication between two parties as
part of a "Man-in-the-Middle" (MitM) attack on a network. Without being noticed by the
persons involved, the attacker is able to read, insert, and edit the message. There are
several ways to accomplish this, such as by using a phony access point, DNS spoofing, or
ARP spoofing. MitM attacks can be used to steal sensitive data, such as login passwords,
or to infect a network with malware.

21



Phishing:

Phishing is a form of social engineering attack where targets are tricked into giving
sensitive information, such as login credentials or financial information, by means of
bogus emails or websites. The attacker often sends an email or message asking the
recipient to click on a link or enter their details into a false website while posing as a
reliable body, such a bank or a well-known firm.

It may be possible to use both hardware and software solutions to reduce these threats.
Among the hardware options are:



Firewalls:
A firewall is a sort of network security system that monitors and controls both the
network's incoming and outgoing traffic in line with previously specified security rules
and regulations. Between a trustworthy internal network and dubious external networks,
like the Internet, it serves as a barrier. Firewalls may be installed as software, hardware,
or a hybrid of the two. In addition to monitoring and logging network activity, they can
be used to block unwanted traffic and restrict access to a network. (What is Firewall)

Intrusion Detection and Prevention System (IDPS):
22
A network security tool called intrusion detection and prevention system (IDPS) finds
and stops unauthorized access, abuse, and other malicious activity on a computer or
network. Utilizing a variety of tactics, it keeps track of network activity to look for
potential security risks and then takes action by quarantining the threat's source,
obstructing traffic, or notifying an administrator as necessary.



Virtual Private Network (VPN):
The term "Virtual Private Network," or VPN, refers to the possibility of creating a secure
network connection when utilizing public networks. VPNs mask your online identity and
encrypt your internet activity. This makes it more challenging for outside parties to
monitor your internet activities and steal data.
Among the software options:

Antivirus and Anti-malware software: These tools can be employed to find and get rid of
malware from a network.


Network Segmentation: In order to make it more difficult for hackers to move laterally

within a network, this entails breaking a network into smaller sub-Networks.
23




Security Information and Event Management (SIEM) software: Network logs can
be monitored
 and examined using these techniques to look for suspicious
behavior.
Two-Factor Authentication: This increases the security of user authentication by
requesting a second form of identification,
such as a fingerprint or a one-time

code provided to a mobile device.
It is crucial to remember that security is a continuous process, and that in order to respond to new
risks and vulnerabilities, mitigation measures should be continuously examined and updated.
Firewalls are essential parts of every network because they serve as a shield in between
authorized internal network and an untrusted external network, like the Internet. By regulating
incoming and outgoing network traffic in line with predetermined security rules and regulations,
they can aid in the prevention of unauthorized access, data theft, and other cyber risks.
Firewalls can be positioned in a network in a number of ways:



Network-based Firewall: The perimeter of a network, often between the internal network
and the Internet, is where this kind of firewall is installed.
It maintains a record of and

regulates all incoming and outgoing network traffic.
Host-based firewall: This kind of firewall is set up on a particular host, like a server
or a
PC. It keeps a record of and regulates all incoming and outgoing traffic on the host.
24

Wireless Firewall: By limiting network access and checkingup on wireless traffic, this
kind of firewall is required to safeguard wireless networks.
Stateless and stateful filtering is two of the many filtering method that firewalls might utilize.
1. Stateless Filtering: This approach tests every packet individually and bases its decisions
on the header data, which includes the destination and source IP addresses and port
numbers.
2. Stateful Filtering: This approach monitors the connection's condition and bases choices
on the larger framework of the traffic. Given its ability to spot patterns in the network
that are suspicious of an attack, it can detect and stop malicious traffic that passes for
legit traffic.
In conclusion, firewalls are crucial for securing networks against cyber threats. Depending on the
particular requirements of the organization, they might be deployed at various points within a
network. Additionally, firewalls can determine which traffic to accept or deny using a range of
filtering techniques, which also include stateless and stateful filtering.
Configuring the windows firewall
The following techniques can be used to configure the Windows firewall to block
certain services like SSH and Telnet:
1. In Start menu's search box and type "Firewall."
25
2. To access the firewall settings, select "Windows Defender Firewall" in step
two.
Figure 13:
3. You can clearly see in left side there is “Advance Setting”, Click On it.
Figure:
26
4. Select "Inbound Rules" from the left-hand option in the Advanced Settings box.
27
Figure:
5. From the right side pane, choose "New Rule" to add a new inbound rule.
6. By selecting "Next," the New Inbound Rule will allows you to select "Port".
28
Figure:
7. On the Protocol and Ports tab, select "TCP," and then type the particular port number or range
of ports for the service you want to block. For instance, using port 22 for SSH and port 23 for
Telnet would bar users from utilizing those services. Next, click.
Figure:
29
8. Choose "Block the connection" on the Action screen, then click "Next."
Figure:
30
9. On the profile page, select the profile that you wish to apply the rule to. By default, all
profiles are subject to the rule. Select "Next."
Figure:
10. On the Name page, give the rule a description and name before clicking "Finish" to create it.
Figure:
31
The page for Protocol and Ports is shown in the following screenshot.
Figure:
32
The Name page, where you can give the rule a name and an optional description, is seen in the
following screenshot:
Figure:
33
34
Conclusion
The paper gives a thorough review of all the various parts and factors that go into maintaining
the reliability of network connectivity and security. The OSI model offers a common language
and comprehension of the numerous networking protocols and components, making it simpler
for professionals to communicate and troubleshoot issues. It highlights the value of the Open
Systems Interconnection (OSI) model in correctly identifying and resolving network problems as
well as the impact of new technique on the architecture and make of network systems. The paper
also includes cases of guiding principles for securing networks and defending against attacks, as
well as scenario-based examples to emphasize key ideas and principles of the OSI model. As was
stated in the conclusion, in order to ensure the constancy of networks and the access to data, it is
imperative to keep up with the most recent research findings.
35
References:
What is a firewall? Firewalls explained and why you need one.
(n.d.). https://us.norton.com/blog/emerging-threats/what-is-firewall#
Price-Evans, I. (n.d.). What is open shortest path first (OSPF)? Metaswitch | Cloud
Native Communications Software. https://www.metaswitch.com/knowledgecenter/reference/what-is-open-shortest-path-first-ospf
Layers of OSI model. (2022, June 15).
GeeksforGeeks. https://www.geeksforgeeks.org/layers-of-osi-model/
36