salahalsabhi/Introductory-Networking-TryHackMe-Cybersecurity-Learning-Journey
A project documenting the learning process for TryHackMe's Introductory Networking room, offering cybersecurity beginners an introductory guide to networking theory and practical skills.
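# Introductory Networking - TryHackMe - Cybersecurity Learning Journey
I completed TryHackMe's Introductory Networking room! It is a course on networking theory and basic networking tools.
# Introductory Networking - TryHackMe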
```
introductory-networking/
│
├── README.md
├── writeup.md
├── networking-fundamentals.md
├── commands-reference.md
├── protocols-cheat-sheet.md
├── dns-guide.md
├── subnetting-basics.md
├── troubleshooting-tools.md
├── security-notes.md
├── cheat-sheet.md
└── screenshots/
├── ping-results.png
├── traceroute-output.png
├── dns-lookup.png
├── whois-results.png
└── wireshark-analysis.png
```
# README.md
```
## Overview
This repository documents my completion of the **Introductory Networking** room on TryHackMe. This room provided foundational networking theory, practical command-line networking skills, protocol analysis, DNS understanding, subnetting basics, and essential troubleshooting methodologies.
---
# Learning Objectives
- Understand networking fundamentals
- Learn the OSI model
- Understand TCP/IP protocol stack
- Explore common networking protocols
- Practice DNS enumeration
- Learn routing fundamentals
- Use troubleshooting tools effectively
- Understand IP addressing and subnetting
- Develop security-focused networking awareness
---
# Skills Developed
## Core Networking Skills
- IP addressing
- DNS resolution
- Routing analysis
- Protocol identification
- Port awareness
- Host discovery
- Subnetting basics
## Practical Security Skills
- Reconnaissance
- DNS analysis
- WHOIS investigation
- Connectivity troubleshooting
- Route tracing
- Network diagnostics
---
# Tools Used
- ping
- traceroute
- nslookup
- dig
- whois
- ip
- ifconfig
- arp
- route
- netstat
- ss
- Wireshark
---
# Career Relevance
Useful for:
- SOC Analysts
- Network Administrators
- Penetration Testers
- Blue Team Analysts
- Helpdesk Engineers
- Incident Responders
- System Administrators
---
# Key Takeaway
Networking is foundational to cybersecurity because every attack, defense, detection, and investigation depends on understanding how systems communicate.
```
# writeup.md
```
# Introductory Networking Room Walkthrough
## What Is Networking?
Networking allows systems to communicate using standardized protocols, addressing schemes, and routing processes.
---
# OSI Model
| Layer | Name | Purpose |
|------|------|---------|
| 7 | Application | User services |
| 6 | Presentation | Data formatting |
| 5 | Session | Session management |
| 4 | Transport | TCP/UDP |
| 3 | Network | Routing/IP |
| 2 | Data Link | MAC addressing |
| 1 | Physical | Hardware transmission |
---
# TCP/IP Model
| Layer | Protocols |
|------|-----------|
| Application | HTTP, DNS, FTP |
| Transport | TCP, UDP |
| Internet | IP, ICMP |
| Network Access | Ethernet |
---
# Common Network Protocols
| Protocol | Port | Purpose |
|---------|------|---------|
| HTTP | 80 | Web traffic |
| HTTPS | 443 | Secure web |
| FTP | 21 | File transfer |
| SSH | 22 | Secure shell |
| DNS | 53 | Domain resolution |
| SMTP | 25 | Email |
| DHCP | 67/68 | IP assignment |
| SMB | 445 | File sharing |
| RDP | 3389 | Remote desktop |
---
# Basic Networking Commands
## Ping
```bash
ping google.com
ping -4 google.com
ping -i 2 google.com
ping -v google.com
```
## Traceroute
```
traceroute google.com
traceroute -i tun0 google.com
traceroute -T google.com
```
## DNS Lookup
```
nslookup google.com
dig google.com
dig +short google.com
dig google.com @8.8.8.8
```
## WHOIS Lookup
```
whois microsoft.com
```
## Interface Information
```
ifconfig
ip a
ip route
```
## ARP Table
```
arp -a
ip neigh
```
# DNS Basics
## Common Record Types
* A record (IPv4)
* AAAA record (IPv6)
* MX record (mail)
* NS record (name server)
* TXT record (text)
* CNAME record (alias)
## Example
```
dig google.com MX
dig google.com NS
dig google.com TXT
```
# Routing Concepts
Routers determine the best path for packets travelling between networks.
## Commands
```
ip route
route -n
traceroute target.com
```
# IP Addressing and Subnetting
## Example IPv4 address:
```
192.168.1.1
```
## Private IP address ranges:
* 10.0.0.0/8
* 172.16.0.0/12
* 192.168.0.0/16
# CIDR Quick Reference
| CIDR | Subnet Mask |
| ---- | ------------- |
| /8 | 255.0.0.0 |
| /16 | 255.255.0.0 |
| /24 | 255.255.255.0 |
| /32 | Single host address |
# Practical Enumeration Workflow
```
ping target.com
nslookup target.com
dig target.com
whois target.com
traceroute target.com
ip a
netstat -tulnp
```
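# Security Relevance
Networking knowledge is essential for:
* Threat hunting
* Reconnaissance
* Firewall analysis
* Lateral movement detection
* Packet inspection
* Incident response
* Network segmentation
# Lessons Learned
* Networking is the foundation of cybersecurity
* DNS is critical for enumeration
* Routing affects network reachability
* Protocols define how communication happens
* Troubleshooting tools are essential for diagnosis
* Security starts with understanding network traffic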
```
---
# networking-fundamentals.md
```markdown
# Networking Fundamentals
## Core Concepts
### IP Addressing
- Public IPs
- Private IPs
- Subnet masks
- Gateways
- CIDR notation
---
### Ports
- Well-known ports
- Registered ports
- Dynamic ports
---
### Protocol Types
- TCP (Reliable)
- UDP (Fast, connectionless)
- ICMP (Diagnostics)
- DNS (Resolution)
---
### Routing
- Default gateway
- Static routes
- Dynamic routes
- Hops
---
### DNS
- Domain to IP mapping
- Resolver hierarchy
- Record types
- Public DNS servers
```
# commands-reference.md
```
# Networking Command Reference
## Connectivity Testing
```bash
ping host
ping -4 host
ping -i 2 host
ping -v host
```
## Route Analysis
```
traceroute host
traceroute -i interface host
traceroute -T host
route -n
ip route
```
## DNS Enumeration
```
nslookup domain
dig domain
dig +short domain
dig domain @8.8.8.8
```
## WHOIS Lookup
```
whois domain
```
## Interface Analysis
```
ifconfig
ip a
ip link
```
## ARP
```
arp -a
ip neigh
```
## Port Checks
```
netstat -tulnp
ss -tulnp
```
```
---
# protocols-cheat-sheet.md
```markdown
# Common Network Protocols Cheat Sheet
| Protocol | Port | Purpose |
|---------|------|---------|
| HTTP | 80 | Web browsing |
| HTTPS | 443 | Secure web |
| FTP | 21 | File transfer |
| SSH | 22 | Secure access |
| DNS | 53 | Domain resolution |
| SMTP | 25 | Email sending |
| POP3 | 110 | Mail retrieval |
| IMAP | 143 | Mail sync |
| DHCP | 67/68 | IP assignment |
| SMB | 445 | File sharing |
| RDP | 3389 | Remote desktop |
```
# dns-guide.md
```
# DNS Guide
## DNS Function
Converts domain names into IP addresses.
---
# Key Commands
```bash
nslookup domain.com
dig domain.com
dig +short domain.com
dig domain.com MX
dig domain.com NS
```
# Public DNS Servers
* Google: 8.8.8.8 / 8.8.4.4
* Cloudflare: 1.1.1.1 / 1.0.0.1
# Security Uses
* Subdomain discovery
* Mail server analysis
* Passive information gathering
* Infrastructure mapping
```
---
# subnetting-basics.md
```markdown
# Subnetting Basics
## Key Concepts
- Network address
- Broadcast address
- Host range
- Subnet masks
- CIDR
---
# Examples
- /24 = 255.255.255.0
- /16 = 255.255.0.0
- /8 = 255.0.0.0
---
# Importance
- Network segmentation
- Security boundaries
- IP management
- Routing efficiency
```
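The subnetting concepts listed above (network address, broadcast address, host range, subnet mask) and the three private ranges from the writeup, worked through in POSIX shell arithmetic. This is an added example, not part of the original repository; the function names and the sample address 192.168.1.77/26 are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original repository): subnet arithmetic in POSIX sh.
ALL=4294967295   # 32 one-bits, i.e. 255.255.255.255

ip_to_int() {    # dotted quad -> 32-bit integer
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int_to_ip() {    # 32-bit integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

cidr_mask() {    # prefix length -> mask as an integer (/24 -> 255.255.255.0)
    echo $(( ($ALL << (32 - $1)) & $ALL ))
}

is_private() {   # succeeds if the address falls in 10/8, 172.16/12 or 192.168/16
    p_ip=$(ip_to_int "$1")
    for range in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        p_mask=$(cidr_mask "${range#*/}")
        if [ $(( $p_ip & $p_mask )) -eq "$(ip_to_int "${range%/*}")" ]; then
            return 0
        fi
    done
    return 1
}

subnet_info() {  # ADDRESS/PREFIX -> one line of key=value fields
    addr=${1%/*}; prefix=${1#*/}
    ip=$(ip_to_int "$addr"); mask=$(cidr_mask "$prefix")
    net=$(( $ip & $mask ))                 # host bits cleared
    bcast=$(( $net | (~$mask & $ALL) ))    # host bits set
    if [ "$prefix" -ge 31 ]; then          # /31 and /32: every address is usable
        first=$net; last=$bcast; usable=$(( $bcast - $net + 1 ))
    else
        first=$(( $net + 1 )); last=$(( $bcast - 1 )); usable=$(( $bcast - $net - 1 ))
    fi
    if is_private "$addr"; then scope=private; else scope=public; fi
    echo "network=$(int_to_ip "$net") broadcast=$(int_to_ip "$bcast")" \
         "mask=$(int_to_ip "$mask") hosts=$(int_to_ip "$first")-$(int_to_ip "$last")" \
         "usable=$usable scope=$scope"
}

subnet_info 192.168.1.77/26   # constructed sample address
```

The input is assumed to be a well-formed dotted quad without leading zeros; no validation is performed.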
# troubleshooting-tools.md
```
# Troubleshooting Tools
## Ping
Checks availability and latency.
## Traceroute
Maps route path.
## Dig / Nslookup
DNS troubleshooting.
## Whois
Domain registration intelligence.
## Netstat / ss
Service and port visibility.
## ARP
Local network discovery.
## Wireshark
Packet analysis.
```
# security-notes.md
```
# Network Security Notes
## Common Risks
- DNS spoofing
- MITM attacks
- Open ports
- Weak segmentation
- Packet sniffing
- Routing manipulation
---
# Defensive Practices
- Firewalls
- VPNs
- IDS/IPS
- Secure DNS
- Segmentation
- Encryption
- Monitoring
```
# cheat-sheet.md
```
# Quick Networking Cheat Sheet
## Most-Used Commands
```bash
ping host
traceroute host
nslookup domain
dig +short domain
whois domain
ip a
netstat -tulnp
```
# DNS Essentials
```
dig domain MX
dig domain NS
dig domain TXT
```
# Troubleshooting Essentials
```
ping
traceroute
ip route
arp -a
```
```
---
# GitHub Upload Commands
```bash
git init
git add .
git commit -m "Added Introductory Networking TryHackMe professional writeup"
git branch -M main
git remote add origin YOUR_REPO_URL
git push -u origin main
```
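# Optional Enhancements
* Add Wireshark packet captures
* Include hands-on subnetting labs
* Add Nmap basics
* Extend to firewall analysis
* Add network topology diagrams
* Include real-world security scenarios
# Project Value
This project demonstrates:
* Networking fundamentals
* Security awareness
* DNS intelligence analysis
* Troubleshooting methodology
* Command-line proficiency
* Professional documentation skills
* Cybersecurity growth journey
# Author
**Salah Al Salti**
Cybersecurity learner | Aspiring SOC analyst | TryHackMe and Hack The Box enthusiast
# Disclaimer
This project is for educational purposes only. All activities were carried out in legal lab environments such as TryHackMe.
My LinkedIn page: [https://www.linkedin.com/feed/update/urn:li:activity:7461361791676264449/]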