1
00:00:00,390 --> 00:00:00,720
Okay.

2
00:00:00,720 --> 00:00:07,920
So before we talk about how to expand the sniffing space, let me explain the act of network devices

3
00:00:07,920 --> 00:00:10,050
and the routers, hubs and switches.

4
00:00:11,580 --> 00:00:18,510
Hub is commonly used to connect segments of a LAN, which is a local area network, and a hub contains

5
00:00:18,510 --> 00:00:20,220
multiple ports.

6
00:00:20,520 --> 00:00:26,490
When a packet arrives at one port, it is copied to the other ports so that all the segments of the

7
00:00:26,490 --> 00:00:29,280
land can see all of the packets.

8
00:00:30,130 --> 00:00:35,530
Hub acts as a common connection point for devices in a network.

9
00:00:37,320 --> 00:00:46,140
Now Switch operates at the data link layer layer two and sometimes the network layer, which is layer

10
00:00:46,140 --> 00:00:49,140
three of the OSI reference model.

11
00:00:49,690 --> 00:00:53,260
And therefore support any packet protocol.

12
00:00:54,110 --> 00:01:00,980
A Lancet used switches to join segments are called switch Islands or in the case of Ethernet networks,

13
00:01:00,980 --> 00:01:05,640
switched Ethernet lens in basically all networks.

14
00:01:05,660 --> 00:01:11,750
Switch is a device that filters and forwards packets between LAN segments.

15
00:01:12,870 --> 00:01:16,620
A router is connected to at least two networks.

16
00:01:16,650 --> 00:01:23,550
Commonly two LANs or WANs, which are the wide area networks, or LAN and its ISP, which is the Internet

17
00:01:23,550 --> 00:01:25,350
Service Providers Network.

18
00:01:26,080 --> 00:01:32,530
Router is generally located at Gateways, the places where two or more networks connect.

19
00:01:33,360 --> 00:01:35,980
Using headers and forwarding tables.

20
00:01:36,000 --> 00:01:42,750
Router determines the best path for forwarding the packets, and in addition, the router also uses

21
00:01:42,750 --> 00:01:50,370
protocols such as ICMP Internet control message protocol to communicate with each other and configures

22
00:01:50,370 --> 00:01:53,390
the best route between any two hosts.

23
00:01:53,400 --> 00:02:00,750
So in a word, router forwards data packets along networks.

24
00:02:01,940 --> 00:02:04,390
Now let's compare the hub and the switch.

25
00:02:04,400 --> 00:02:09,350
Since both of these two devices have similar roles on the network.

26
00:02:09,800 --> 00:02:16,700
Each serves as a central connection for all of your network equipment and handles a data type known

27
00:02:16,700 --> 00:02:17,960
as frames.

28
00:02:18,170 --> 00:02:20,960
Frames Carry your data.

29
00:02:21,380 --> 00:02:28,820
When a frame is received, it is amplified and then transmitted on to the port of the destination PC,

30
00:02:28,850 --> 00:02:31,340
which is typically a personal computer.

31
00:02:31,880 --> 00:02:39,620
The big difference between a hub and a switch is in the method in which frames are being delivered.

32
00:02:39,830 --> 00:02:42,170
You got that in a hub.

33
00:02:42,440 --> 00:02:47,690
A frame is passed along or broadcast to every one of its ports.

34
00:02:47,720 --> 00:02:51,470
It doesn't matter that the frame is only destined for one port.

35
00:02:52,020 --> 00:02:56,550
The hub has no way of distinguishing which port a frame should be sent to.

36
00:02:56,550 --> 00:02:57,180
Right.

37
00:02:57,760 --> 00:03:03,220
So passing it along to every port ensures that it will reach its intended destination.

38
00:03:03,520 --> 00:03:08,800
Now, this places a lot of traffic on the network and can lead to poor network response times.

39
00:03:08,800 --> 00:03:10,450
You can only imagine, right?

40
00:03:10,810 --> 00:03:16,540
Besides, the frame is received by the unintended nodes, which could be hackers.

41
00:03:16,540 --> 00:03:21,880
And in a cybersecurity point of view, what about the confidentiality?

42
00:03:22,420 --> 00:03:30,160
And additionally, on a ten 100 megabit per system hub, it must share its bandwidth with each and every

43
00:03:30,160 --> 00:03:31,210
one of its ports.

44
00:03:31,210 --> 00:03:38,380
So when only one PC is broadcasting, it will have access to the maximum available bandwidth.

45
00:03:38,620 --> 00:03:45,310
However, if there are multiple PCs broadcasting, then that bandwidth will need to be divided among

46
00:03:45,310 --> 00:03:49,870
all of those systems which will degrade performance for everybody.

47
00:03:50,780 --> 00:03:58,550
So in comparison, a switch keeps a record of the Mac, which is the media access control address of

48
00:03:58,550 --> 00:04:00,560
all the devices connected to it.

49
00:04:01,010 --> 00:04:07,460
With this information, a switch can identify which system is sitting on which port.

50
00:04:08,240 --> 00:04:15,950
So when a frame is received, it knows exactly which port to be sent to without significantly increasing

51
00:04:15,950 --> 00:04:17,690
network response times.

52
00:04:17,930 --> 00:04:25,850
And in addition, unlike a hub, a ten 100 megabit per second switch will allocate a full ten 100mbps

53
00:04:25,850 --> 00:04:27,060
to each of its ports.

54
00:04:27,080 --> 00:04:33,830
So regardless of the number of PCs transmitting, users will always have access to the maximum amount

55
00:04:33,830 --> 00:04:34,570
of bandwidth.

56
00:04:34,580 --> 00:04:35,750
That's important.

57
00:04:35,930 --> 00:04:41,510
So it's for these reasons that a switch is considered to be, well, let's say, a much better choice

58
00:04:41,510 --> 00:04:42,650
than a hub, right?

59
00:04:42,830 --> 00:04:43,850
Good.