Beginner โฑ 45 Minutes Prereq: None

Networking Fundamentals

Before you can exploit a network, you must understand the infrastructure. This module covers the vocabulary of the internet and how devices identify each other.

1. What is a Network?

Launch Ping Sim

A network is simply two or more computers connected together to share resources. In cybersecurity, the network is the battlefield. It is the road that data travels on.

root@kali:~# ping 8.8.8.8
# Sending data packets to Google to see if the network is alive
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=115 time=14.2 ms
๐Ÿ•ต๏ธ

Security Relevance

Hackers start every engagement by "mapping the network." They use tools like nmap to find every connected device.

2. LAN vs WAN

Launch LAN Visualizer

Networks are classified by their physical scope. Understanding this distinction is vital for understanding "pivoting" attacks.

Your PC
โŸถ
Router (Gateway)
โŸถ
ISP
โŸถ
The Internet

๐Ÿ›ก๏ธ Attack Vector: Pivoting

LAN attacks usually involve "Pivoting". Once you hack one weak device (like a printer), you are "inside" the LAN.

๐Ÿงช Mini Exercise

Open your terminal (or CMD on Windows) and type: ipconfig (Win) or ip a (Linux).
Look for your "IPv4 Address". Does it start with 192.168... or 10...? If so, you are on a LAN.

3. Bandwidth, Latency, Throughput

Launch Speed Sim

Confusing these terms is a rookie mistake. Imagine a highway:

  • Bandwidth: The number of lanes on the highway. (Max theoretical capacity).
  • Throughput: The actual number of cars moving right now. (Real-world speed).
  • Latency (Ping): The time it takes for one car to drive to the destination and come back.
โš ๏ธ

Red Flag: High Latency

Sudden high latency or low throughput can indicate that your traffic is being intercepted, proxied, or routed through a malicious node (Man-in-the-Middle attack).

4. MAC vs IP Address

Launch Packet Viewer

Every device needs an ID card. In networking, you have two.

MAC Address (Physical)

Burnt into the hardware. Looks like: 00:1A:2B:3C:4D:5E. Used for local communication inside the LAN.

IP Address (Logical)

Assigned by the network router. Looks like: 192.168.1.5. Used to find devices across the internet.

๐Ÿ’€ MAC Spoofing

Hackers change their MAC address to bypass "MAC Filtering" on Wi-Fi or to impersonate trusted devices. In Linux, this is as easy as typing: macchanger -r eth0.

5. Public vs Private IP

Launch NAT Sim

Not all IP addresses can go on the internet. Because we ran out of IPv4 addresses, we use private ranges internally.

# Common Private Ranges (RFC 1918)
192.168.x.x (Home networks)
10.x.x.x (Enterprise networks)
172.16.x.x (Universities/Labs)

6. DNS (Domain Name System)

Launch DNS SIMULATION

Computers speak in numbers (IPs), humans speak in names (google.com). DNS is the phonebook that translates them.

โš ๏ธ Attack Vector: DNS Poisoning

If a hacker can corrupt the DNS cache, they can make facebook.com point to their own malicious IP address.

๐Ÿงช Mini Exercise

Open your terminal and type: nslookup google.com.
The "Address" shown is the real IP address of Google's server. You just performed a DNS query manually.

๐Ÿ“Œ Module Recap

  • LAN is your trusted local zone; WAN is the untrusted internet.
  • MAC Addresses are for local ID; IP Addresses are for global travel.
  • Private IPs (192.168.x.x) stay inside; Public IPs go outside.
  • DNS translates names to IPs. It is a frequent target for spoofing.
โ† Back to Roadmap
Next: OSI Model & Encapsulation
Next Module โ†’