๐ŸŒฑ Beginner

Network Security Fundamentals

You cannot hack a network you do not understand. This guide covers the absolute essentials of networking that every security professional must master. From the packets on the wire to the logical addressing schemes.

Why This Matters

Every exploit, every payload, every C2 callback travels over a network. Understanding how data flowsโ€”from Layer 1 to Layer 7โ€”is the difference between a script kiddie and a professional.

The Two Models You Must Know

OSI Model (7 Layers)

The theoretical framework. Used for discussing attacks.

7ApplicationHTTP, SSH
6PresentationSSL/TLS
5SessionNetBIOS
4TransportTCP, UDP
3NetworkIP, ICMP
2Data LinkEthernet, ARP
1PhysicalCables, Hubs

TCP/IP Model (4 Layers)

The practical implementation. What actually runs.

4ApplicationHTTP, DNS, FTP
3TransportTCP, UDP
2InternetIP, ICMP, ARP
1Network AccessEthernet, Wi-Fi

Mnemonic: "All Traffic Is Not Perfect" (Application, Transport, Internet, Network Access)

Attack Surface by Layer

Every layer presents unique attack opportunities. Knowing where an attack occurs helps you understand how to execute and defend against it.

Layer Attack Type Example Technique
L7 - Application Web Exploits SQL Injection, XSS, API Abuse
L4 - Transport Session Hijacking TCP Sequence Prediction, SYN Flood DDoS
L3 - Network Routing Attacks IP Spoofing, ICMP Redirect, BGP Hijacking
L2 - Data Link LAN Attacks ARP Spoofing, MAC Flooding, VLAN Hopping
L1 - Physical Hardware Attacks Cable Tapping, Rogue Devices, Jamming

Quick Reference: Critical Ports

These are the ports you will encounter on almost every engagement. Memorize them.

21 | FTP
22 | SSH
23 | Telnet
25 | SMTP
53 | DNS
80 | HTTP
443 | HTTPS
445 | SMB
3389 | RDP

Learning Modules

๐ŸŒ

Networking Basics

The foundation: OSI Model, IP Addressing, and MAC Addresses.

Start Module โ†’
๐Ÿ”Œ

Protocols & Ports

Understanding TCP/UDP, the 3-Way Handshake, and common services.

Start Module โ†’
๐Ÿ”ข

Subnetting

Mastering IP division, CIDR notation, and network segmentation.

Start Module โ†’

Essential Recon Commands

Copy-paste these into your terminal to start exploring any network.

Discover Live Hosts (Ping Sweep) 
nmap -sn 192.168.1.0/24
Quick Port Scan (Top 1000) 
nmap -sT -T4 <target_ip>
View Your Network Interfaces 
ip addr show  # Linux
ipconfig /all # Windows
Check ARP Table (Local Neighbors) 
arp -a
Trace the Route to a Target 
traceroute <target>  # Linux
tracert <target>     # Windows

Related Tools

๐Ÿงฎ

Subnet Calculator

Calculate network ranges, broadcast addresses, and host counts.

 ๐Ÿšช

Port Reference

Comprehensive list of common and uncommon service ports.

 ๐Ÿ›ก๏ธ

Nmap Command Builder

Interactively build Nmap commands for your scans.

 ๐Ÿฆˆ

Wireshark Cheatsheet

Filter expressions and analysis tips for packet capture.

Related Topics

Internal Network Pentest

Apply networking knowledge to real assessments.

Cheatsheets

Quick reference for scanning and enumeration tools.

Wireless Pentesting

WiFi protocols and wireless network attacks.

Lab Setup

Build practice networks for safe learning.