This Report is yet to be approved by a Coordinator.
Jeethan's CL-CY Level 1 MARVEL report
27 / 10 / 2024
Task 1 : Git and Git hub
What did I learn ?
- I learnt that Git is basically a version control system that helps in keeping the track of changes done in a certain project, it is basically a timeline history of our project
- I learnt different git commands such as
git init, git add, git commit, git status, git log
and many more. - Github is basically a remote repository that allows us to share and collaborate our projects. Git and Github go hand-in-hand.
- I learnt about concepts such as
cloning, forking, branching, pull request and push request
- To summarise these concepts :
- Cloning is basically downloading the entire Github repository into their local machine. We can do that by downloading the zip file from the website or by using the
git clone
command. - Forking is nothing but copying the entire github repository of another individual into your own account. We can do that by simply clicking the
fork
option in the website. - Push request is nothing but updating process, whatever changes you have done in the local repository can be pushed into the local repository by using the
git push
command. - Pull request ,let's imagine you forked a repo and now you have made changes in that repo, now if you want to suggest the changes to the original owner of that repo you to do a pull request and it will be the owners choice whether to accept it or reject it. The pull request can be done directly on the website itself
- Branching, is a concept in which different versions of the product can be made simultaneously. This method of development is also called Trunk development. Whenever a service or a feature needs to be added into the product a new branch is made using the
git branch
command andgit checkout
is used to navigate between the branches. After the branch is made the service is added in that branch and checked. If it works properly then the branches are merged using thegit merge
command
- Cloning is basically downloading the entire Github repository into their local machine. We can do that by downloading the zip file from the website or by using the
References:
Task 2 : OSI model
What did I learn ?
- I learnt that
OSI model
is nothing but a framework or a flow chart design of how data is transmitted from one computer to another or from one network to another network.
The OSI model consists of 7 layers:
- Application Layer
- Presentation Layer
- Session Layer
- Transport Layer
- Network Layer
- Data Link Layer
- Physical Layer
Different protocols used:
Protocol | Full Form | Use Case | OSI Layer |
---|---|---|---|
HTTP | Hypertext Transfer Protocol | Web browsing and transferring web content | Application Layer |
HTTPS | Hypertext Transfer Protocol Secure | Secure web communication and transactions | Application Layer |
FTP | File Transfer Protocol | File transfer between client and server | Application Layer |
SFTP | Secure File Transfer Protocol | Secure file transfer using SSH | Application Layer |
SMTP | Simple Mail Transfer Protocol | Sending and transferring emails | Application Layer |
DNS | Domain Name System | Resolving domain names to IP addresses | Application Layer |
SSH | Secure Shell | Secure remote login and command execution | Application Layer |
Telnet | Telecommunications Network | Insecure remote access and command execution | Application Layer |
SNMP | Simple Network Management Protocol | Network management and monitoring | Application Layer |
TFTP | Trivial File Transfer Protocol | Simple and minimal file transfer | Application Layer |
TCP | Transmission Control Protocol | Reliable communication, connection-oriented data transfer | Transport Layer |
UDP | User Datagram Protocol | Unreliable communication, connectionless data transfer | Transport Layer |
IP | Internet Protocol | Routing packets across networks | Network Layer |
Ethernet | Ethernet | Network access, physical data transfer over wired LAN | Data Link Layer |
PPP | Point-to-Point Protocol | Direct connection between two nodes | Data Link Layer |
References:
Task 3 : Encryption Techniques
What did i learn ?
- I learnt about Encryption and decryption and different types of Encryptions used.
- Encryption is a method used to convert readable data into ciphertext using a mathematical algorithm and a key.
- There are mainly 2 types of encryption used:
- Symmetric Encryption :
- It is a type of cipher that only uses one private key for encryption and decryption
- This means that both the sender and receiver must have the same secret key
- Generally faster and more efficient in terms of computational resources.
- If the key is leaked, both encryption and decryption processes are at risk.
AES(Advanced Encryption Standard)
is a type of Symmetric Cipher.- AES uses complex matrix row and column transformations for encryption.
- Asymmetric Encryption :
- It is a type of cipher that uses a pair of keys, it uses a private key and it uses a public key
- The public key can be distributed and the private key is kept secret, by using the public key, people can can encrypted message and only the person with the private key can decrypt the encrypted message
- It is slower compared to symmetric ciphers due to more complex mathematical operations.
- But why public-private key pair?
- Each public-private key pair is unique. Messages encrypted with a public key can only be decrypted with the corresponding private key.
- the public key is actually derives from the private key
- Basically you use your friends public key to encrypt your message and then send it to them, they will use their private key and decrypt it, now your friend can use your public key and encrypt their message and then send it to you and now you can decrypt using your private key.
- Asymmetric encryption algorithms are designed to make it impossible to decrypt a message without the private key, even if an attacker has the public key and access to advanced computational resources. The encryption strength is based on mathematical problems that are hard to solve, such as factoring large prime numbers (in
RSA
) or solving discrete logarithm problems - RSA algorithm is purely mathematical, it basically uses large prime numbers to generate the key. References:
- Symmetric Encryption :
- AES encryption by Neso Academy
- RSA encryption
- Hashing
- Link to Github code
Task 4 : IP Addressing and Protocols
What did i learn ?
- I learnt about
TCP/IP
,UDP
andWeb Scraping
.- IP:
- An IP address is basically a unique identification given to a device which is connected to the internet. It helps the data reach the correct destination. No two computers have the same IP address
- IP address basically helps the data like a GPS system
- TCP :
- TCP full form is Transmission control protocol it comes under the Network layer and it breaks the data into packets, here the data packet contains source and destination IP addresses
- TCP is reliable as it keeps a track of lost or corrupted data packets. If any data packet is lost or corrupted while transferring, The TCP requests the source for the data packet again
- UDP :
- UDP full for is User Datagram Protocol
- Its less secure than TCP because UDP doesn't check if the data is reached, if it has reached in correct order or is the data corrupted
- Its faster than TCP
- Web Scraping :
- It is the process of automatically extracting data from websites using a software or script. It involves accessing web pages and retrieving specific information, such as text, images, tables, or other data, based on predefined rules.
- It works by sending HTTP requests to a website’s server, which in turn the website responds with the HTML content of the web page. The scraper we use then parses this HTML to extract the desired data. The extracted data can be stored in a structured format like a
CSV file
,Excel sheet
, ordatabase
for analysis. Reference :
- IP:
- Web scraping from Code with Harry
- Web scraping from Tech with Tim
- Beautiful soup documentation
- Link to Github code
Task 5 : Kali Linux and SSH
What did i learn ?
- Firstly i learned about SSH(
Secure Shell
) and how it works and its use cases - Basically its main task is used to connect the client and the server in a very secure manner. It’s mainly used for remote administration and management of servers.
-
So how does it work?
- Instead of a password, SSH can use a pair of cryptographic keys (public and private keys) for authentication, which is more secure.
- For an SSH connection a
SSH file (this is the private SSH key)
should be there in the local machine and the public key is given to the server - To generate SSH file u can use
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
- SSH uses RSA, that is it uses a private key and a public key. The private key should remain on the local machine and never be shared, while the public key can be uploaded to remote servers.
- Now, after private and public key is done the server sends a
sample message
to the local machine which is encrypted using the public key, and if the message gets decrypted using the private key in the machine the connection is made - SSH includes tools like SCP (Secure Copy Protocol) and SFTP (Secure File Transfer Protocol) for securely transferring files.
-
How does SSH differ from a normal connection like TelNet?
- SSH is more secure than a normal connection (like Telnet or unencrypted FTP) because it uses encryption, authentication, and data checking mechanisms.
- Encryption:
- So, SSH encrypts the data that is to be transmitted so that it cannot be tracked or read by any third person. It uses encryption algorithms like RSA making sure that the data remains secure
- Authentication:
- Basic authentication which is done using username and password is sent in clear text, making it easy for attackers to capture and read the login information, This shows that SSH is more secure because it uses encryption
- Integrity Check: - SSH uses hashing algorithms like SHA-2 to check the integrity of the transmitted data. Whereas normal connection doesn't do any hashing
- Encryption:
- SSH is more secure than a normal connection (like Telnet or unencrypted FTP) because it uses encryption, authentication, and data checking mechanisms.
- Next in this task I learnt about an Operating system called
Kali Linux
which is specifically made for Networking and Ethical hacking.- In Kali Linux provides a tool known as Nmap(Network mapper).Nmap scans large number of networks and devices and provides information about those devices and networks
- Nmap operates by sending packets to target hosts and analyzing the responses. Based on these responses, it can determine a variety of details about the hosts, including which ports are open, what services are running, the operating system being used, and even specific versions of applications. References :
- Install Kali linux using virtual box
- Nmap tutorial Basics playlist
Task 6 : Chat application using Socket.IO
What did i learn ?
- I learnt about what are clients and servers and how they connect with each other.
- I learnt about sockets modules in python. Resources :
- Sockets tutorial
- Link to github code
Task 7 : Database
What did i learn ?
- I learnt the basics of
SQL
and its commands, i learnt howCRUD
commands work. - I also learnt what are
GET
,POST
,PUT
andDELETE
commands and the difference between them. - Here in this task i have made a simple database using
MySQL
where I can add, delete, update and read student data.
- A fun database made using MySQL CLI:
Resources:
- Chatgpt (for the code)
- MySQL
- Postman
- RapidAPI VS code Extension
- Link to Github code