Networking Mastery

Networking is the core of everything
Before you hack anything, you need to understand how data moves across networks, because every attack exploits some aspect of network communication, from packet manipulation to protocol weaknesses to service exploitation.

The OSI Model (Conceptual)

7: Application   - HTTP, FTP, SMTP, DNS
6: Presentation  - TLS, SSL, encoding
5: Session       - Session management, NetBIOS
4: Transport     - TCP, UDP (your packet filters)
3: Network       - IP, ICMP, routing (nmap's playground)
2: Data Link     - Ethernet, MAC addresses, ARP (spoofing central)
1: Physical      - Cables, radio, signal

For security work you live at layers 2-4 most of the time, but for web app testing, layers 5-7 are your domain.

Why Networking Knowledge is Non-Negotiable

Every security tool manipulates network communications.
Nmap sends crafted IP packets. Burp Suite proxies web traffic through a local server. Netcat creates raw TCP connections. tcpdump captures and analyzes packet streams. If you don't understand TCP handshakes, HTTP request structures, and DNS resolution mechanics, you're operating tools without understanding what they actually do.

IP Addressing and CIDR

# CIDR notation cheat sheet
/32 = 1 host      # Single host
/24 = 256 hosts   # Class C (typical subnet)
/16 = 65536 hosts # Class B (large subnet)
/8  = 16M hosts   # Class A (massive)

# Common private ranges
10.0.0.0/8        # RFC 1918 Class A
172.16.0.0/12     # RFC 1918 Class B
192.168.0.0/16    # RFC 1918 Class C
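
Added example (not part of the original page): the cheat sheet's counts are total addresses per block, so this Python sketch works out the usable host count as well, including the /31 and /32 edge cases, and checks a block against the three RFC 1918 ranges. The function name `describe` and the sample blocks are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges, as listed in the cheat sheet above
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def describe(cidr):
    """Summarise an IPv4 CIDR block: size, usable hosts, RFC 1918 membership."""
    # strict=False accepts a host address with a prefix (192.168.1.77/24)
    # and normalises it to the containing network (192.168.1.0/24).
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4:
        raise ValueError("IPv4 only")
    total = 2 ** (32 - net.prefixlen)  # every address in the block
    # The network and broadcast addresses are not assignable to hosts,
    # except in /31 (point-to-point links, RFC 3021) and /32 (single host).
    usable = total if net.prefixlen >= 31 else total - 2
    # A block is private only if it sits entirely inside one RFC 1918 range.
    private = next((str(r) for r in RFC1918 if net.subnet_of(r)), None)
    return {
        "network": str(net.network_address),
        "netmask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "total": total,
        "usable": usable,
        "rfc1918": private,
    }


if __name__ == "__main__":
    # Constructed sample blocks, not taken from any real network
    for block in ("192.168.1.77/24", "10.0.0.0/8", "172.31.255.0/24",
                  "172.32.0.0/24", "10.1.2.2/31", "10.1.2.3/32"):
        info = describe(block)
        print(f"{block:18} net={info['network']:15} total={info['total']:<9}"
              f" usable={info['usable']:<9} rfc1918={info['rfc1918']}")
```

Note that 172.16.0.0/12 ends at 172.31.255.255, so 172.32.0.0/24 is reported as not private.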

TCP vs UDP

TCP - Connection-oriented, reliable, ordered delivery
Three-way handshake (SYN, SYN-ACK, ACK) before data
Used by: HTTP, SSH, SMTP, FTP, DNS (zone transfers)
Vulnerable to: SYN flood, session hijacking, sequence prediction

UDP - Connectionless, fire-and-forget, no guarantees
No handshake, lower overhead, faster
Used by: DNS (queries), DHCP, SNMP, NTP, streaming
Vulnerable to: amplification attacks, spoofing

Port Number Ranges

0-1023      # Well-known (privileged) ports
1024-49151  # Registered ports
49152-65535 # Dynamic/private (ephemeral)

Common high-value ports: 22 (SSH), 80 (HTTP), 443 (HTTPS), 445 (SMB), 3389 (RDP), 3306 (MySQL), 1433 (MSSQL), 6379 (Redis), 27017 (MongoDB)