Open in app

Sign in

Write

Sign in

THM Extending Your Network

Wade Roberts
4 min readJan 8, 2022
Photo by Jonathan on Unsplash

This room covers VPN’s, Firewalls, and layer 2 & 3 devices within the pre-security learning path, this learning path covers a lot of content I’ve already covered within university and self-study, but is a good refresher on the topics to further solidify them

Task 1: Introduction to Port Forwarding

Without port forwarding, devices would not be able to cross a router to the internet and would only be capable of being accessed within a gateway boundary (or be in scope to an intranet.) To enable internet connection to a web server, then the port needs to be forwarded so the IP is available to the router and traffic can access the web server from outside the router.

What is the name of the device that is used to configure port forwarding?

Router

Task 2: Firewalls 101

Acts much like a security guard and decides what information is allowed in and out of a network, what is allowed to enter or leave the network can be defined based on a number of conditions.

  • Where the traffic is incoming from (accept/deny from particular network).
  • Where is the traffic destined too (accept or deny particular network).
  • What port is the traffic occurring from (allow/disallow traffic to particular ports).
  • Protocol of the incoming/outgoing traffic (TCP/UDP/Both)

Stateful Firewalls

  • Does not inspect packets, but inspects connections.
  • High resource overhead due to dynamic decision-making.
  • Blocks the entire device if it disagrees with connection.

Stateless Firewalls

  • Checks packets using static rules.
  • Lower resource overhead, but the firewall is only as good as the static rules put in place.
  • Effective during traffic floods (such as those experienced during DDoS attacks (Distributed Denial of Service)).

What layers of the OSI model do firewalls operate at ?

Layer 3,Layer 4

What category of firewall inspects the entire connection?

Stateful

What category of firewall inspects individual packets?

Stateless

Task 3: Practical — Firewall

Deploy the static site attached to this task. You must correctly configure the firewall to prevent the device from overloading to receive the flag!

What is the flag?

THM{FIREWALLS_RULE}

Task 4: VPN basics

A VPN (Virtual Private Network) enables devices in differing networks to communicate in a secure fashion between one another through a layer 3 devices into the internet (This connection is referred to as a tunnel).

Benefits of VPN’s

  • Connection of geographically diverse locations — If a business had multiple offices and are connected via a VPN, this enables sharing of infrastructure such as servers from an office in which the server does not physically exist.
  • Privacy — VPN connections are encrypted and can only be decrypted by devices within the VPN.
  • Anonymity — over a non VPN connection, traffic can be viewed by ISP’s (Internet Service Providers) and other intermediaries and tracked by them. The level of anonymity depends on the services utilized, if information is still fully logged, the anonymity is still an issue.

VPN Technology

  • PPP — Utilized by PPTP, allows authentication and enables encryption of data. VPN’s utilize private keys and public certificates, which must match. Not capable of crossing level 3 alone
  • PPTP (Point to Point Tunneling Protocol) — Enables PPP data to travel and leave a network, simple to set up, but with weak encryption when compared to alternative tunneling protocols (such as IPSec).
  • IPSec (Internet Protocol Security) — encrypts data by utilizing the IP framework. Difficult to set up compared to other protocols (such as PPTP), but once it is working offers strong encryption with a wide range of device support.

What VPN technology only encrypts & provides the authentication of data?

PPP

What VPN technology uses the IP framework?

IPSec

Task 5: LAN Networking Devices

What’s a router
A layer 3 device which is utilized to pass information from one network to another through the internet (referred to as routing), they are a dedicated layer 3 (Network) device which utilizes IP addresses and a number of other protocols (See: OSPF & RIP) in order to transmit data across the most efficient path.

What’s a switch
Used to connect multiple devices to a router or interlink multiple devices through the switch itself to transmit frames. Capable of facilitating many Ethernet cables to support their role. Can operate within layer 2 (Data link) which utilizes MAC addressing and layer 3 (Network) which utilizes both IP and MAC addressing.

A layer 2 switch cannot operate at layer 3; however, a layer 3 switch can operate at layer 3 and layer 2. In order to utilize a VLAN (Virtual Local Area Network) which segments sub-netted networks to allow two departments within an office to communicate among themselves a layer 3 switch would be needed. A layer 2 switch would still enable both to send and receive information via the internet, but would not enable the two VLANs to communicate among one another.

What is the verb for the action that a router does?

Routing

What are the two different layers of switches? Separate these by a comma I.e.: LayerX,LayerY

Layer2,Layer3

Task 6: Practical — Network Simulator

Deploy the static site attached to this task. And experiment with the network simulator. The simulator will break down every step a packet needs to take to get from point a to b. Try sending a TCP packet from computer1 to computer3 to reveal a flag.

What is the flag from the network simulator?

THM{YOU’VE_GOT_DATA}

How many HANDSHAKE entries are there in the Network Log?

5

Routing
Switches
Routers
Networking
Thm

--

--

Wade Roberts

Written by Wade Roberts

2 Followers

Student documenting my rise through technology and life.

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams