Jeethan's CL-CY-001 course work. Lv 2

Jeethan's CL-CY Level 1 MARVEL report

27 / 10 / 2024

Task 1 : Git and Git hub

What did I learn ?

• I learnt that Git is basically a version control system that helps in keeping the track of changes done in a certain project, it is basically a timeline history of our project
• I learnt different git commands such as git init, git add, git commit, git status, git log and many more.
• Github is basically a remote repository that allows us to share and collaborate our projects. Git and Github go hand-in-hand.
• I learnt about concepts such as cloning, forking, branching, pull request and push request
• To summarise these concepts :
  1. Cloning is basically downloading the entire Github repository into their local machine. We can do that by downloading the zip file from the website or by using the git clone command.
  2. Forking is nothing but copying the entire github repository of another individual into your own account. We can do that by simply clicking the fork option in the website.
  3. Push request is nothing but updating process, whatever changes you have done in the local repository can be pushed into the local repository by using the git push command.
  4. Pull request ,let's imagine you forked a repo and now you have made changes in that repo, now if you want to suggest the changes to the original owner of that repo you to do a pull request and it will be the owners choice whether to accept it or reject it. The pull request can be done directly on the website itself
  5. Branching, is a concept in which different versions of the product can be made simultaneously. This method of development is also called Trunk development. Whenever a service or a feature needs to be added into the product a new branch is made using the git branch command and git checkout is used to navigate between the branches. After the branch is made the service is added in that branch and checked. If it works properly then the branches are merged using the git merge command

References:

• Git and GitHub tutorial

Task 2 : OSI model

What did I learn ?

• I learnt that OSI model is nothing but a framework or a flow chart design of how data is transmitted from one computer to another or from one network to another network.

The OSI model consists of 7 layers:

1. Application Layer
2. Presentation Layer
3. Session Layer
4. Transport Layer
5. Network Layer
6. Data Link Layer
7. Physical Layer

Different protocols used:

References:

• OSI tutorial
• OSI tutorial by gate smashers
• OSI models by GeeksForGeeks

Task 3 : Encryption Techniques

What did i learn ?

• I learnt about Encryption and decryption and different types of Encryptions used.
• Encryption is a method used to convert readable data into ciphertext using a mathematical algorithm and a key.
• There are mainly 2 types of encryption used:
  1. Symmetric Encryption :
     • It is a type of cipher that only uses one private key for encryption and decryption
     • This means that both the sender and receiver must have the same secret key
     • Generally faster and more efficient in terms of computational resources.
     • If the key is leaked, both encryption and decryption processes are at risk.
     • AES(Advanced Encryption Standard) is a type of Symmetric Cipher.
     • AES uses complex matrix row and column transformations for encryption.
  2. Asymmetric Encryption :
     • It is a type of cipher that uses a pair of keys, it uses a private key and it uses a public key
     • The public key can be distributed and the private key is kept secret, by using the public key, people can can encrypted message and only the person with the private key can decrypt the encrypted message
     • It is slower compared to symmetric ciphers due to more complex mathematical operations.
     • But why public-private key pair?
       • Each public-private key pair is unique. Messages encrypted with a public key can only be decrypted with the corresponding private key.
       • the public key is actually derives from the private key
       • Basically you use your friends public key to encrypt your message and then send it to them, they will use their private key and decrypt it, now your friend can use your public key and encrypt their message and then send it to you and now you can decrypt using your private key.
     • Asymmetric encryption algorithms are designed to make it impossible to decrypt a message without the private key, even if an attacker has the public key and access to advanced computational resources. The encryption strength is based on mathematical problems that are hard to solve, such as factoring large prime numbers (in RSA) or solving discrete logarithm problems
     • RSA algorithm is purely mathematical, it basically uses large prime numbers to generate the key. References:
• AES encryption by Neso Academy
• RSA encryption
• Hashing
• Link to Github code

Task 4 : IP Addressing and Protocols

What did i learn ?

• I learnt about TCP/IP, UDP and Web Scraping.
  1. IP:
     • An IP address is basically a unique identification given to a device which is connected to the internet. It helps the data reach the correct destination. No two computers have the same IP address
     • IP address basically helps the data like a GPS system
  2. TCP :
     • TCP full form is Transmission control protocol it comes under the Network layer and it breaks the data into packets, here the data packet contains source and destination IP addresses
     • TCP is reliable as it keeps a track of lost or corrupted data packets. If any data packet is lost or corrupted while transferring, The TCP requests the source for the data packet again
  3. UDP :
     • UDP full for is User Datagram Protocol
     • Its less secure than TCP because UDP doesn't check if the data is reached, if it has reached in correct order or is the data corrupted
     • Its faster than TCP
  4. Web Scraping :
     • It is the process of automatically extracting data from websites using a software or script. It involves accessing web pages and retrieving specific information, such as text, images, tables, or other data, based on predefined rules.
     • It works by sending HTTP requests to a website’s server, which in turn the website responds with the HTML content of the web page. The scraper we use then parses this HTML to extract the desired data. The extracted data can be stored in a structured format like a CSV file, Excel sheet, or database for analysis. Reference :
• Web scraping from Code with Harry
• Web scraping from Tech with Tim
• Beautiful soup documentation
• Link to Github code

Task 5 : Kali Linux and SSH

What did i learn ?

• Firstly i learned about SSH(Secure Shell) and how it works and its use cases
• Basically its main task is used to connect the client and the server in a very secure manner. It’s mainly used for remote administration and management of servers.

• So how does it work?

  • Instead of a password, SSH can use a pair of cryptographic keys (public and private keys) for authentication, which is more secure.
  • For an SSH connection a SSH file (this is the private SSH key) should be there in the local machine and the public key is given to the server
  • To generate SSH file u can use ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  • SSH uses RSA, that is it uses a private key and a public key. The private key should remain on the local machine and never be shared, while the public key can be uploaded to remote servers.
  • Now, after private and public key is done the server sends a sample message to the local machine which is encrypted using the public key, and if the message gets decrypted using the private key in the machine the connection is made
  • SSH includes tools like SCP (Secure Copy Protocol) and SFTP (Secure File Transfer Protocol) for securely transferring files.

• How does SSH differ from a normal connection like TelNet?

  • SSH is more secure than a normal connection (like Telnet or unencrypted FTP) because it uses encryption, authentication, and data checking mechanisms.
    1. Encryption:
       • So, SSH encrypts the data that is to be transmitted so that it cannot be tracked or read by any third person. It uses encryption algorithms like RSA making sure that the data remains secure
    2. Authentication:
       • Basic authentication which is done using username and password is sent in clear text, making it easy for attackers to capture and read the login information, This shows that SSH is more secure because it uses encryption
    3. Integrity Check: - SSH uses hashing algorithms like SHA-2 to check the integrity of the transmitted data. Whereas normal connection doesn't do any hashing
• Next in this task I learnt about an Operating system called Kali Linux which is specifically made for Networking and Ethical hacking.
  • In Kali Linux provides a tool known as Nmap(Network mapper).Nmap scans large number of networks and devices and provides information about those devices and networks
  • Nmap operates by sending packets to target hosts and analyzing the responses. Based on these responses, it can determine a variety of details about the hosts, including which ports are open, what services are running, the operating system being used, and even specific versions of applications. References :
• Install Kali linux using virtual box
• Nmap tutorial Basics playlist

Task 6 : Chat application using Socket.IO

What did i learn ?

• I learnt about what are clients and servers and how they connect with each other.
• I learnt about sockets modules in python. Resources :
• Sockets tutorial
• Link to github code

Task 7 : Database

What did i learn ?

• I learnt the basics of SQL and its commands, i learnt how CRUD commands work.
• I also learnt what are GET,POST,PUT and DELETE commands and the difference between them.
• Here in this task i have made a simple database using MySQL where I can add, delete, update and read student data.

• A fun database made using MySQL CLI:

Resources:

• Chatgpt (for the code)
• MySQL
• Postman
• RapidAPI VS code Extension
• Link to Github code