@AkashRajvanshi
Created March 18, 2020 06:23

Phase 5: The Networking

Networking Fundamentals

Fundamentals of Internet Protocols

Description: Candidates should demonstrate a proper understanding of TCP/IP network fundamentals.

Key Knowledge Areas:

Demonstrate an understanding of network masks and CIDR notation.
Knowledge of the differences between private and public "dotted quad" IP addresses.
Knowledge about common TCP and UDP ports and services (20, 21, 22, 23, 25, 53, 80, 110, 123, 139, 143, 161, 162, 389, 443, 465, 514, 636, 993, 995).
Knowledge about the differences and major features of UDP, TCP and ICMP.
Knowledge of the major differences between IPv4 and IPv6.
Knowledge of the basic features of IPv6.

The following is a partial list of the used files, terms and utilities:

/etc/services
IPv4, IPv6
Subnetting
TCP, UDP, ICMP

Network Configuration

Basic networking configuration

Description: Candidates should be able to configure a network device to be able to connect to a local, wired or wireless, and a wide-area network. This objective includes being able to communicate between various subnets within a single network including both IPv4 and IPv6 networks.

Key Knowledge Areas:

Utilities to configure and manipulate ethernet network interfaces
Configuring basic access to wireless networks

Terms and Utilities:

ip
ifconfig
route
arp
iw
iwconfig
iwlist

Advanced Network Configuration and Troubleshooting

Description: Candidates should be able to configure a network device to implement various network authentication schemes. This objective includes configuring a multi-homed network device and resolving communication problems.

Key Knowledge Areas:

Utilities to manipulate routing tables
Utilities to configure and manipulate ethernet network interfaces
Utilities to analyze the status of the network devices
Utilities to monitor and analyze the TCP/IP traffic

Terms and Utilities:

ip
ifconfig
route
arp
ss
netstat
lsof
ping, ping6
nc
tcpdump
nmap

Persistent network configuration

Description: Candidates should be able to manage the persistent network configuration of a Linux host.

Key Knowledge Areas:

Understand basic TCP/IP host configuration.
Configure ethernet and wi-fi network using NetworkManager.
Awareness of systemd-networkd.

The following is a partial list of the used files, terms and utilities:

/etc/hostname
/etc/hosts
/etc/nsswitch.conf
/etc/resolv.conf
nmcli
hostnamectl
ifup
ifdown

Network Troubleshooting

Basic network troubleshooting

Description: Candidates should be able to troubleshoot networking issues on client hosts.

Key Knowledge Areas:

Manually configure network interfaces, including viewing and changing the configuration of network interfaces using iproute2.
Manually configure routing, including viewing and changing routing tables and setting the default route using iproute2.
Debug problems associated with the network configuration.
Awareness of legacy net-tools commands.

The following is a partial list of the used files, terms and utilities:

ip
hostname
ss
ping
ping6
traceroute
traceroute6
tracepath
tracepath6
netcat
ifconfig
netstat
route

Troubleshooting Network Issues

Description: Candidates should be able to identify and correct common network setup issues, to include knowledge of locations for basic configuration files and commands.

Key Knowledge Areas:

Location and content of access restriction files
Utilities to configure and manipulate ethernet network interfaces
Utilities to manage routing tables
Utilities to list network states
Utilities to gain information about the network configuration
Methods of obtaining information about the recognized and used hardware devices
System initialization files and their contents (SysV init process)
Awareness of NetworkManager and its impact on network configuration

Terms and Utilities:

ip
ifconfig
route
ss
netstat
/etc/network/, /etc/sysconfig/network-scripts/
ping, ping6
traceroute, traceroute6
mtr
hostname
System log files such as /var/log/syslog, /var/log/messages and the systemd journal
dmesg
/etc/resolv.conf
/etc/hosts
/etc/hostname, /etc/HOSTNAME
/etc/hosts.allow, /etc/hosts.deny

Configure client side DNS

Description: Candidates should be able to configure DNS on a client host.

Key Knowledge Areas:

Query remote DNS servers.
Configure local name resolution and use remote DNS servers.
Modify the order in which name resolution is done.
Debug errors related to name resolution.
Awareness of systemd-resolved.

The following is a partial list of the used files, terms and utilities:

/etc/hosts
/etc/resolv.conf
/etc/nsswitch.conf
host
dig
getent

Network Security

Network Hardening

Description: Candidates should be able to secure networks against common threats. This includes verification of the effectiveness of security measures.

Key Knowledge Areas:

Configure FreeRADIUS to authenticate network nodes
Use nmap to scan networks and hosts, including different scan methods
Use Wireshark to analyze network traffic, including filters and statistics
Identify and deal with rogue router advertisements and DHCP messages

Terms and Utilities:

radiusd
radmin
radtest, radclient
radlast, radwho
radiusd.conf
/etc/raddb/*
nmap
wireshark
tshark
tcpdump
ndpmon

Network Intrusion Detection

Description: Candidates should be familiar with the use and configuration of network security scanning, network monitoring and network intrusion detection software. This includes updating and maintaining the security scanners.

Key Knowledge Areas:

Implement bandwidth usage monitoring
Configure and use Snort, including rule management
Configure and use OpenVAS, including NASL

Terms and Utilities:

ntop
Cacti
snort
snort-stat
/etc/snort/*
openvas-adduser, openvas-rmuser
openvas-nvt-sync
openvassd
openvas-mkcert
/etc/openvas/*

Packet Filtering

Description: Candidates should be familiar with the use and configuration of packet filters. This includes netfilter, iptables and ip6tables as well as basic knowledge of nftables, nft and ebtables.

Key Knowledge Areas:

Understand common firewall architectures, including DMZ
Understand and use netfilter, iptables and ip6tables, including standard modules, tests and targets
Implement packet filtering for both IPv4 and IPv6
Implement connection tracking and network address translation
Define IP sets and use them in netfilter rules
Have basic knowledge of nftables and nft
Have basic knowledge of ebtables
Be aware of conntrackd

Terms and Utilities:

iptables
ip6tables
iptables-save, iptables-restore
ip6tables-save, ip6tables-restore
ipset
nft
ebtables

Virtual Private Networks

Description: Candidates should be familiar with the use of OpenVPN and IPsec.

Key Knowledge Areas:

Configure and operate OpenVPN server and clients for both bridged and routed VPN networks
Configure and operate IPsec server and clients for routed VPN networks using IPsec-Tools / racoon
Awareness of L2TP

Terms and Utilities:

/etc/openvpn/*
openvpn server and client
setkey
/etc/ipsec-tools.conf
/etc/racoon/racoon.conf