Open Skills Logo
Open Skills

Network 101

This skill should be used when the user asks to "set up a web server", "configure HTTP or HTTPS", "perform SNMP enumeration", "configure SMB shares", "test network services", or needs guidance on configuring and testing network services for penetration testing labs.

View Source
name:Network 101description:This skill should be used when the user asks to "set up a web server", "configure HTTP or HTTPS", "perform SNMP enumeration", "configure SMB shares", "test network services", or needs guidance on configuring and testing network services for penetration testing labs.metadata:author:zebbernversion:"1.1"

Network 101

Purpose

Configure and test common network services (HTTP, HTTPS, SNMP, SMB) for penetration testing lab environments. Enable hands-on practice with service enumeration, log analysis, and security testing against properly configured target systems.

Inputs/Prerequisites

  • Windows Server or Linux system for hosting services

  • Kali Linux or similar for testing

  • Administrative access to target system

  • Basic networking knowledge (IP addressing, ports)

  • Firewall access for port configuration

    • Outputs/Deliverables

  • Configured HTTP/HTTPS web server

  • SNMP service with accessible communities

  • SMB file shares with various permission levels

  • Captured logs for analysis

  • Documented enumeration results

    • Core Workflow

    1. Configure HTTP Server (Port 80)

    Set up a basic HTTP web server for testing:

    Windows IIS Setup:

  • Open IIS Manager (Internet Information Services)

  • Right-click Sites → Add Website

  • Configure site name and physical path

  • Bind to IP address and port 80

    • Linux Apache Setup:

    # Install Apache
    sudo apt update && sudo apt install apache2
    Start service

    sudo systemctl start apache2
    sudo systemctl enable apache2
    Create test page

    echo "<html><body><h1>Test Page</h1></body></html>" | sudo tee /var/www/html/index.html
    Verify service

    curl http://localhost

    Configure Firewall for HTTP:

    # Linux (UFW)
    sudo ufw allow 80/tcp
    Windows PowerShell

    New-NetFirewallRule -DisplayName "HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow

    2. Configure HTTPS Server (Port 443)

    Set up secure HTTPS with SSL/TLS:

    Generate Self-Signed Certificate:

    # Linux - Generate certificate
    sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
      -keyout /etc/ssl/private/apache-selfsigned.key \
      -out /etc/ssl/certs/apache-selfsigned.crt
    Enable SSL module

    sudo a2enmod ssl
    sudo systemctl restart apache2

    Configure Apache for HTTPS:

    # Edit SSL virtual host
    sudo nano /etc/apache2/sites-available/default-ssl.conf
    Enable site

    sudo a2ensite default-ssl
    sudo systemctl reload apache2

    Verify HTTPS Setup:

    # Check port 443 is open
    nmap -p 443 192.168.1.1
    Test SSL connection

    openssl s_client -connect 192.168.1.1:443
    Check certificate

    curl -kv https://192.168.1.1

    3. Configure SNMP Service (Port 161)

    Set up SNMP for enumeration practice:

    Linux SNMP Setup:

    # Install SNMP daemon
    sudo apt install snmpd snmp
    Configure community strings

    sudo nano /etc/snmp/snmpd.conf
    Add these lines:

    rocommunity public

    rwcommunity private
    Restart service

    sudo systemctl restart snmpd

    Windows SNMP Setup:

  • Open Server Manager → Add Features

  • Select SNMP Service

  • Configure community strings in Services → SNMP Service → Properties

    • SNMP Enumeration Commands:

    # Basic SNMP walk
    snmpwalk -c public -v1 192.168.1.1
    Enumerate system info

    snmpwalk -c public -v1 192.168.1.1 1.3.6.1.2.1.1
    Get running processes

    snmpwalk -c public -v1 192.168.1.1 1.3.6.1.2.1.25.4.2.1.2
    SNMP check tool

    snmp-check 192.168.1.1 -c public
    Brute force community strings

    onesixtyone -c /usr/share/seclists/Discovery/SNMP/common-snmp-community-strings.txt 192.168.1.1

    4. Configure SMB Service (Port 445)

    Set up SMB file shares for enumeration:

    Windows SMB Share:

  • Create folder to share

  • Right-click → Properties → Sharing → Advanced Sharing

  • Enable sharing and set permissions

  • Configure NTFS permissions

    • Linux Samba Setup:

    # Install Samba
    sudo apt install samba
    Create share directory

    sudo mkdir -p /srv/samba/share
    sudo chmod 777 /srv/samba/share
    Configure Samba

    sudo nano /etc/samba/smb.conf
    Add share:

    [public]

       path = /srv/samba/share

       browsable = yes

       guest ok = yes

       read only = no
    Restart service

    sudo systemctl restart smbd

    SMB Enumeration Commands:

    # List shares anonymously
    smbclient -L //192.168.1.1 -N
    Connect to share

    smbclient //192.168.1.1/share -N
    Enumerate with smbmap

    smbmap -H 192.168.1.1
    Full enumeration

    enum4linux -a 192.168.1.1
    Check for vulnerabilities

    nmap --script smb-vuln* 192.168.1.1

    5. Analyze Service Logs

    Review logs for security analysis:

    HTTP/HTTPS Logs:

    # Apache access log
    sudo tail -f /var/log/apache2/access.log
    Apache error log

    sudo tail -f /var/log/apache2/error.log
    Windows IIS logs

    Location: C:\inetpub\logs\LogFiles\W3SVC1\

    Parse Log for Credentials:

    # Search for POST requests
    grep "POST" /var/log/apache2/access.log
    Extract user agents

    awk '{print $12}' /var/log/apache2/access.log | sort | uniq -c

    Quick Reference

    Essential Ports

    ServicePortProtocol
    HTTP80TCP
    HTTPS443TCP
    SNMP161UDP
    SMB445TCP
    NetBIOS137-139TCP/UDP

    Service Verification Commands

    # Check HTTP
    curl -I http://target
    Check HTTPS

    curl -kI https://target
    Check SNMP

    snmpwalk -c public -v1 target
    Check SMB

    smbclient -L //target -N

    Common Enumeration Tools

    ToolPurpose
    nmapPort scanning and scripts
    niktoWeb vulnerability scanning
    snmpwalkSNMP enumeration
    enum4linuxSMB/NetBIOS enumeration
    smbclientSMB connection
    gobusterDirectory brute forcing

    Constraints

  • Self-signed certificates trigger browser warnings

  • SNMP v1/v2c communities transmit in cleartext

  • Anonymous SMB access is often disabled by default

  • Firewall rules must allow inbound connections

  • Lab environments should be isolated from production

    • Examples

    Example 1: Complete HTTP Lab Setup

    # Install and configure
    sudo apt install apache2
    sudo systemctl start apache2
    Create login page

    cat << 'EOF' | sudo tee /var/www/html/login.html
    <html>
    <body>
    <form method="POST" action="login.php">
    Username: <input type="text" name="user"><br>
    Password: <input type="password" name="pass"><br>
    <input type="submit" value="Login">
    </form>
    </body>
    </html>
    EOF
    Allow through firewall

    sudo ufw allow 80/tcp

    Example 2: SNMP Testing Setup

    # Quick SNMP configuration
    sudo apt install snmpd
    echo "rocommunity public" | sudo tee -a /etc/snmp/snmpd.conf
    sudo systemctl restart snmpd
    Test enumeration

    snmpwalk -c public -v1 localhost

    Example 3: SMB Anonymous Access

    # Configure anonymous share
    sudo apt install samba
    sudo mkdir /srv/samba/anonymous
    sudo chmod 777 /srv/samba/anonymous
    Test access

    smbclient //localhost/anonymous -N

    Troubleshooting

    IssueSolution
    Port not accessibleCheck firewall rules (ufw, iptables, Windows Firewall)
    Service not startingCheck logs with journalctl -u service-name
    SNMP timeoutVerify UDP 161 is open, check community string
    SMB access deniedVerify share permissions and user credentials
    HTTPS certificate errorAccept self-signed cert or add to trusted store
    Cannot connect remotelyBind service to 0.0.0.0 instead of localhost

      Network 101 - Agent Skills