⚠️ChainsawCannon!⚠️ [inac...'s profile picture

Published by

published
updated

Category: Web, HTML, Tech

View Blog View Profile Report Blog Entry

HTB Academy - Introduction to Networking Notes [UNFINISHED]

Heyyyy! Here's some notes from the hackthebox academy intro to networking - feel free to look at these notes and please view the original here!

Networking Overview:

A network enables two computers to communicate with each other.

There is many arrays of topologies (mesh/tree/star)

mediums(ethernet/fiber/coax/wireless)

protocols (TCP/UDP/IPX)

Setting up flat networks isn't extremely difficult and can be a reliable network operationally. However, building a flat network is best comparable to building a house on a plot a land and considering it to be safe because of having a lock on the door. You can create defense networks for said networks. Pivoting networks isn't difficult but doing it quickly and silently is tough and will slow attackers down.

Pentester story:


Most networks will use a /24 subnet to a point most pentesters will set this subnet mask (255.255.255.0) without checking whatsoever. This network allows computers to communicate as long as the first three octets of an IP are the same (example: 142.069.1.xxx). Setting the subnet to 25 divides this range in half and computers will only be able to communicate to its respective half, the pentester claimed that the domain controller was offline when it was just on a different network. The network structure looked something like this:

  • Server Gateway: 10.20.0.1/25
  • Domain Controller: 10.20.0.10/25
  • Client Gateway: 10.20.0.129/25
  • Client Workstation: 10.20.0.200/25
  • Pentester IP: 10.20.0.252/24 (Set Gateway to 10.20.0.1)
The pentester communicated with the client workstations and thought they did ok! but due to the lack of understanding never managed to leave the client network and came across very HIGH VALUE targets such as database servers! (scary :0).

According to HTB Academy - the structure of a work-from-home setup may look like this:
overview of work-from-home setup
networking can best be compared to delivering mail, so like imagine information that's being sent over to a package you're getting whether it be your clothing, a new vinyl album, or maybe a cute figurine or plushie!

So imagine that when exchanging something from your home network to a company network. The Uniform Resource Locator (URL) we wish to enter our browser is also known as a Fully Qualified Domain Name (FQDN)
  • The difference between URL's and FQDN's are that
  • FQDN's such as "spacehey.com" only specifies a specific "building" so-to-speak.
  • As URL's such as maybe "spacehey.com/NaNam1 (hey that's my profile!)" Specifies a "floor" in the building..
Does that mean spacehey could be compared to a skyscraper based on how many users we have that cause many different URL floors?! Yes. yes it does.

The "post office" that sends our information over is known as a router and the package is forwarded to the main post office which is our Internet Service Provider (ISP)!
Your ISP will look through the "address register" (Domain Name Service/DNS) to find where the IP of the site you seek is at to send you over! After, the other end will send a packet of data back to your "return address" (IP address).

Other things HTB note relating to networks is:
  1. A web server would best be compared to a DMZ/Demilitarized zone since clients online can make communications with a website, making it more likely to become compromised. Placing it in a separate network would allow admins to put networking protection between web servers and other devices.
  2. Workstations should be on their own network, and in a perfect world should have a rule preventing contact with other workstations. If a workstation is on a same network as a server, man-in-the-middle or spoofing could become a very bad issue.
  3. The switch and router should be on an administration network, which would prevent snooping from workstations.
  4. IP phones should be on their own network so computers won't be able to eavesdrop on communications... you wouldn't want someone peeking at your IM's after all, hm?
  5. Printers should be on their own network as its impossible to secure. Your computer would use NTLMv2 authentication which can lead into stealing passwords... plus printers have very good persistence AND have tons of sensitive info :P
Network Types
WAN- The WAN, aka the Wide Area Network, is commonly known as the internet! You're on the WAN right now! Essentially it;s a large number of LAN networks connected together, companies even have their own which could is known as a intranet or an airgap network!

LAN- LAN's... I mentioned these briefly in WAN.... these are Local Area Networks that assign IP addresses for local use. Some colleges and other business use these to route online.

VPN- THIS BLOG IS SPONSORED BY NORD VPN ..... whooops... In all seriousness, VPN's AKA a Virtual Private Network come in three varieties, but all have the same ability: To make the user feel like they are connected to a completely different network. These variants are Site-To-Site (which are networks sharing their ranges, commonly used in company networks to join through the internet), Remote Access (which use a virtual interface to behave as another client network), and SSL (which are used within web browsers).

GAN- woah! this one is good for the internet quite literally! These Global Area Networks are composed on multiple WANs! and ensures that everyone here is always connected!

MAN- Also known as a Metropolitan Area Network, is made specifically for a geographical proximity, Cities usually use these.

PAN- Modern end devices have an ability to exchange data, this is done via the Personal Area Network! There's also some variety such as wireless one being able to exchange through a bluetooth or wireless usb's, the one established via bluetooth is called Piconet!

Network Topologies

This refers to the the physical or logical connections of devices on some network, Computers such as hosts, clients, and servers would actively use this network. They also include network components like switches, bridges, and routers.

The transmission medium layout used to connect devices is the physical topology of a network. For conductive or glass fiber media, its the cabling plan, the position of nodes, and connections between nodes and cabling.
In contrast, the logical topology is how signals act on network media or how data will be transferred to devices. 

1. Connections
Coaxial cabling relates to Wi-Fi, Glass Fiber Cabling relates to Cellular, Twisted-pair cabling relates to Satellite, and there's even more!

2. Nodes
There's many nodes such as: Repeaters, Hubs, Bridges, Switches, Routers/Modems, Gateways, and Firewalls.
Network nodes are the transmission medium's connection points to transmitters and are the receivers of signals. Some may be connected to a computer but some are on a microcontroller or may not even have a programmable device.

3. Classifications
Topologies are the virtual structure of a network, these can be physical or logical.

Point-To-Point- straightforward to two hosts
Bus- All hosts connected via some transition medium. there is no central network that controls processes. only one host can send and all the others can receive.
Star- maintains a connection to all hosts, each host being connected to a central network component via a router, hub, or switch. These can handle a forwarding function to data packets
Ring- a physical topology that is connecting each device via two cables, one for sending and one for receiving, the logical counterpart is based on the physical star where a distributor at the node simulates a ring by sending from one port to the next.


2 Kudos

Comments

Displaying 0 of 0 comments ( View all | Add Comment )