Before an operator can attack a network, they must first understand it.
Every packet, connection, protocol, service, firewall, and pivot ultimately exists within a network. Whether you are investigating an incident, deploying infrastructure, defending an environment, or conducting offensive operations, networking forms the foundation upon which everything else is built.
Fortunately, becoming an effective operator does not require becoming a network engineer.
This chapter intentionally avoids deep dives into specialized or historical networking topics, such as "TCP session hijacking". Instead, the focus is on the concepts that operators encounter repeatedly throughout modern environments.
By the end of this chapter you should understand:
- How networks are structured
- How systems communicate
- How traffic moves between networks
- How organizations separate and protect systems
- How access is controlled through routing, proxies, VPNs, and firewalls
- How operators think about trust boundaries and network placement
Throughout your journey you will encounter increasingly complex environments:
Internet
↓
Firewall
↓
DMZ
↓
Internal Network
↓
Domain Controllers
The ability to visualize and understand these environments is often more valuable than memorizing obscure protocols or historical scanning techniques.
This chapter aims to provide the foundation required to answer those questions.
The concepts introduced here will continue to appear throughout the remainder of the course, particularly during:
- Active Directory Operations
- Web Attacks
- Lateral Movement
- Pivoting
- Command and Control
- Cloud Infrastructure
- Detection and Response
Do not worry if every detail does not immediately click into place.
Much of networking becomes easier once you begin seeing these concepts in action.
For now, focus on building a mental map of how systems, networks, and trust boundaries fit together.
Everything that follows will build upon that map.