1
00:00:00,530 --> 00:00:08,030
‫OK, so before we talk about how to expand the sniffing space, let me explain the active network devices

2
00:00:08,030 --> 00:00:09,860
‫and the routers, hubs and switches.

3
00:00:11,720 --> 00:00:18,560
‫Hub is commonly used to connect segments of a land, which is a local area network and a hub contains

4
00:00:18,560 --> 00:00:19,970
‫multiple ports.

5
00:00:20,810 --> 00:00:26,870
‫When a packet arrives at one port, it is copied to the other port so that all the segments of the land

6
00:00:26,870 --> 00:00:29,090
‫can see all of the packets.

7
00:00:30,270 --> 00:00:35,400
‫Hub act as a common connection point for devices in a network.

8
00:00:37,510 --> 00:00:46,210
‫Now, Switch operates at the data link layer layer two and sometimes the network layer, which is layer

9
00:00:46,210 --> 00:00:48,970
‫three of the OCI reference model.

10
00:00:49,850 --> 00:00:53,090
‫And therefore support any package protocol.

11
00:00:54,270 --> 00:01:01,050
‫Lands it use switches to join segments are called Switch Lands or, in the case of Ethernet networks,

12
00:01:01,050 --> 00:01:05,550
‫switched Ethernet lands in basically all networks.

13
00:01:05,880 --> 00:01:11,550
‫Switch is a device that filters and forwards packets between land segments.

14
00:01:12,960 --> 00:01:19,740
‫A router is connected to at least two networks, commonly to LANs or Wens, which are the Wide Area

15
00:01:19,740 --> 00:01:25,170
‫Network or LAN and its ISP, which is the internet service providers network.

16
00:01:26,320 --> 00:01:29,210
‫Router is generally located at gateways.

17
00:01:29,440 --> 00:01:32,380
‫The places where two or more networks connect.

18
00:01:33,570 --> 00:01:40,020
‫Using headers and forwarding tables, router determines the best path for forwarding the packet.

19
00:01:40,590 --> 00:01:48,270
‫And in addition, the router also uses protocols such as ICMP Internet Control Message Protocol to communicate

20
00:01:48,270 --> 00:01:53,250
‫with each other and configures the best route between any two hosts.

21
00:01:53,610 --> 00:02:00,540
‫So, in a word, router forwards data packets along networks.

22
00:02:02,170 --> 00:02:08,590
‫Now, let's compare the hub and the switch, since both of these two devices have similar roles on the

23
00:02:08,590 --> 00:02:09,100
‫network.

24
00:02:10,090 --> 00:02:16,780
‫Each serves as a central connection for all of your network equipment and handles a data type known

25
00:02:16,780 --> 00:02:17,740
‫as frames.

26
00:02:18,490 --> 00:02:20,740
‫Frames carry your data.

27
00:02:21,700 --> 00:02:28,960
‫When a frame is received, it is amplified and then transmitted onto the port of the destination PC,

28
00:02:28,990 --> 00:02:31,120
‫which is typically a personal computer.

29
00:02:32,210 --> 00:02:39,350
‫The big difference between a hub and a switch is in the method in which frames are being delivered.

30
00:02:40,000 --> 00:02:41,910
‫Got that in a hub?

31
00:02:42,710 --> 00:02:47,720
‫A frame is passed along or broadcast to every one of its ports.

32
00:02:47,810 --> 00:02:51,320
‫It doesn't matter that the frame is only destined for one port.

33
00:02:52,180 --> 00:02:56,980
‫The hub has no way of distinguishing which port a frame should be sent to, right?

34
00:02:57,950 --> 00:03:03,020
‫So passing it along to every port ensures that it will reach its intended destination.

35
00:03:03,830 --> 00:03:08,880
‫Now this places a lot of traffic on the network and can lead to poor network response times.

36
00:03:08,900 --> 00:03:16,400
‫You can only imagine right beside the frame is received by the unintended nodes, which could be hackers.

37
00:03:16,730 --> 00:03:21,650
‫And in a cybersecurity point of view, what about the confidentiality?

38
00:03:22,670 --> 00:03:30,230
‫And additionally, on a 10 100 megabit per system hub, it must share its bandwidth with each and every

39
00:03:30,230 --> 00:03:31,130
‫one of its ports.

40
00:03:31,400 --> 00:03:38,150
‫So when only one PC is broadcasting, it will have access to the maximum available bandwidth.

41
00:03:38,690 --> 00:03:45,380
‫However, if there are multiple pieces broadcasting, then that bandwidth will need to be divided among

42
00:03:45,380 --> 00:03:49,700
‫all of those systems, which will degrade performance for everybody.

43
00:03:50,960 --> 00:03:58,610
‫So in comparison, a switch keeps a record of the Mac, which is the media access control address of

44
00:03:58,610 --> 00:04:02,390
‫all the devices connected to it with this information.

45
00:04:02,660 --> 00:04:07,280
‫A switch can identify which system is sitting on which port.

46
00:04:08,450 --> 00:04:15,980
‫So when a frame is received, it knows exactly which port to be sent to without significantly increasing

47
00:04:15,980 --> 00:04:17,480
‫network response times.

48
00:04:18,200 --> 00:04:25,370
‫And in addition, unlike a hub, a 10 100 megabits per second switch will allocate a full 10 100 megabits

49
00:04:25,370 --> 00:04:26,930
‫per second to each of its ports.

50
00:04:27,320 --> 00:04:33,890
‫So regardless of the number of pieces transmitting, users will always have access to the maximum amount

51
00:04:33,890 --> 00:04:34,580
‫of bandwidth.

52
00:04:34,670 --> 00:04:35,570
‫That's important.

53
00:04:36,020 --> 00:04:41,570
‫So it's for these reasons that a switch is considered to be, well, let's say, a much better choice

54
00:04:41,570 --> 00:04:42,410
‫than a hub, right?

55
00:04:43,100 --> 00:04:43,640
‫Good.