Networking & Ethical hacking

Networking & Ethical hacking

What is CCNA?

CCNA is an entry level certification offered by Cisco that validates your ability to install, configure, and troubleshoot networks. It's often a first step into networking career.


Key concepts in CCNA


1. Networking basics

  • LAN(local area network)

A network within a small area (like a building)

  • WAN(Wide area network)

Connects LANs across longer distances. 

  • IP Address

A unique address for each device on a network.

  • MAC Address

A hardware address used to identify devices on a LAN.




2. OSI Models (7 layers of networking)

  1. Physical- Cables, switches, etc

  2. Data link- MAC addresses, switches.

  3. Network- IP addresses, routers.

  4. Transport- TCP/UDP Protocols.

  5. Session- Maintains connections.

  6. Presentation- Data translation/encryption.

  7. Application- user interfaces. 


3. IP Addressing and subnetting 


  • IPv4- e.g., 192.168.1.1

  • Subnetting- Dividing a network into a smaller parts for better management and security.


4. Routing and Switching


  • Switch- Connects devices in the same network.

  • Router- Connects different networks.

  • VLANs (Virtual LANs)- separate logical networks within a physical switch.

5. Network Protocols


  •  TCP/IP- Main protocol suite used in networking.

  • DNS- Converts domain names into IP Addresses.

  • DHCP- Assigns IP addresses automatically.

  • HTTP/HTTPS- Web communication protocols.

  • FTP- Tranfers files.


6. CISCO IOS & CLI 


  • Cisco devices use IOS (Internetwork Operating System)

  • You’ll configure devices using CLI (Command Line Interface)




Basic CLI Commands:

enable                   # Enter privileged mode

configure terminal       # Enter global config mode

interface FastEthernet0/1 # Enter interface config

ip address 192.168.1.1 255.255.255.0

no shutdown              # Activate the interface


7. Network Security basics


  • Access Control Lists (ACLs): Control who can access network resources.

  • Port Security: Limit devices on a switch port.


Kali Linux & Penetration Testing:


What is kali Linux?


Kali Linux is a specialised linux distribution built for penetration testing, ethical hacking, and digital forensics. It comes preloaded with hundreds of tools used by cybersecurity professionals. 


  • Based on Debian Linux 

  • Maintained by Offensive Security 

  • Free and open-source.



What is Penetration Testing?

Penetration Testing (Pen Testing) is a simulated cyberattack on a system, network, or application to find and fix security vulnerabilities before real attackers do.


Pen testers act like ethical hackers — they break in legally to help improve security.


Kali Linux tools for Pen testing


Here are a few tools grouped by category.


  1. Information Gathering

 

  • Nmap- Scans network and finds open ports.

  • Whois- Info about domains.

  • theHarvester- Gathers emails, subdomains, etc.


  1. Vulnerability Analysis 


  • Nikto- Web server vulnerability scanner.

  • OpenVAS- full featured vulnerability scanner.


  1. Exploitation tools


  • Metasploit Framework- Exploit systems, test payloads. 

  • SQLmap- Detect and exploit SQL injection flaws.


  1. Wireless Attacks


  • Aircrack-ng – Cracks Wi-Fi passwords.

  • Reaver – Attacks WPS in routers.


  1. Password Attacks


  • John the Ripper- Password Cracking tool

  • Hydra- Brute force login credentials.


  1. Sniffing & Spoofing 


  • Wireshark- Capture and analyze network packets.

  • Ettercap- Man-in-the-middle attacks.


Common Pen Testing Stages (PTES Methodology)


  1. Reconnaissance (Recon):

Gather info about the target (passive & active)

  1. Scanning: Identify open ports and services.

  2. Exploitation: Use vulnerabilities to gain access.

  3. Privilege Escalation: Gain higher-level access.

  4. Post Exploitation: Analyze what was accessed.

  5. Reporting: Document findings and suggest fixes.


Is Pen Testing Legal?


Only if you have permission from the owner of the system. Without consent, it's considered illegal hacking.


Learning Resources 


  • TryHackMe, Hack the Box- Hands-on labs.

  • OWASP Top 10- Common web vulnerabilities.

  • Metasploit Unleashed- learn exploitation tools.


Cyber security and ethical Hacking tools:


  1. Reconnaissance(Info Gathering)


  • Nmap- Network scanner for finding open ports/services.

  • theHarvester- Gathers emails, domains, usernames from public resources.

  • Maltego- Visual link analysis for relationships and data mapping.

  • Recon-ng- Recon framework like Metasploit but for recon.




  1. Scanning & Vulnerability Analysis

 

  • Nikto- Web server scanner for outdated software and dangerous files.

  • OpenVAS- Open-source vulnerability scanning.

  • Nessus- Comprehensive vulnerability assessment tool.

  • WhatWeb/Wappalyzer- Detects website technologies.


  1. Exploitation


  • Metasploit Framework- Powerful tool for exploiting vulnerabilities.

  • SQLmap- Automates SQL injection detection and exploitation.

  • BeEF(Browser Exploitation Framework)- Exploits vulnerabilities in web browsers.




4. Wireless Testing 

  • Aircrack-ng– Cracks Wi-Fi passwords using captured packets.

  • Reaver– Attacks WPS to retrieve WPA/WPA2 passphrases.

⚠️
Mobile Access Required
This website is optimized for mobile devices only.
Please open this page on your smartphone or tablet for the best experience.