
Hello World!

Hello World!  I’m starting my e-portfolio with a blog post.  As I dive deeper into cybersecurity, after passing Security+ and Network+ along with a bootcamp certification that majored in cybersecurity, I need to get hands-on experience. As I tore through the Internet to figure out what projects to do and how to apply them to a website, I came up with the idea of using ‘Hack The Box’ and ‘Try Hack Me’ not only for my projects but to keep my mind fresh on the materials needed to succeed in this competitive field. Having just passed Network+ in May 2025, I decided to start with packet capturing via ‘Hack The Box’, and with that came a lot of reading, so in this section I’m going to break down what I learned within the first part of the ‘Network Traffic Analysis’ page of ‘Hack The Box’.

The first thing that caught my eye while reading through the page was the TCP three-way handshake, which establishes a connection between two nodes (devices) so that each side knows the other is reachable and ready to exchange data before any application data is sent.  It goes a little something like this.

Step One: SYN, which is an abbreviation for Synchronize – the client sends a segment with the SYN flag set, carrying its initial sequence number, to the host it wants to open a connection with (another client, a server, a web page, etc.).

Step Two: SYN-ACK, which is an abbreviation for Synchronize-Acknowledge – the server receives the SYN and replies with a segment that has both the SYN and ACK flags set: its own initial sequence number, plus an acknowledgement number equal to the client’s sequence number plus one.

Step Three: ACK – the original requesting client sends an ACK segment (acknowledgement number equal to the server’s sequence number plus one) advising that the SYN-ACK was received, and if all goes well the connection is established.  This happens with TCP connections because TCP is connection-oriented and requires the connection to be acknowledged before data flows, whereas UDP is connectionless and just sends datagrams without any handshake.
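Here is the exchange above worked through in code. This is an added example of my own, not code from the Hack The Box page: it builds the three TCP segments with Python’s struct module (the ports and sequence numbers are made-up sample values) and checks the same things Wireshark checks when it labels a conversation, namely the flag combinations and that each acknowledgement number is the other side’s sequence number plus one. Three extra constructed captures show what a wrong acknowledgement, a lone unanswered SYN, and a SYN answered with RST look like to the same tracker.

```python
import struct

# TCP flag bits, as found in byte 13 of the TCP header
FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10

def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Build a minimal 20-byte TCP header (no options, checksum left at zero).
    Used only to construct sample segments for this example."""
    data_offset = 5 << 4            # header length = 5 x 32-bit words
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                       data_offset, flags, window, 0, 0)

def parse_tcp_header(segment):
    """Unpack the fixed part of a TCP header into a dict."""
    (src, dst, seq, ack, offset_byte, flags,
     window, checksum, urgent) = struct.unpack("!HHIIBBHHH", segment[:20])
    return {"src": src, "dst": dst, "seq": seq, "ack": ack,
            "flags": flags, "hlen": (offset_byte >> 4) * 4}

def flag_names(flags):
    """Render flag bits the way Wireshark does, e.g. 'SYN|ACK'."""
    names = [("FIN", FIN), ("SYN", SYN), ("RST", RST), ("PSH", PSH), ("ACK", ACK)]
    return "|".join(n for n, bit in names if flags & bit) or "-"

def track_handshake(segments):
    """Walk segments in capture order and return (state, notes).
    The state is ESTABLISHED only when all three steps are present
    and each acknowledgement number is the peer's sequence number + 1."""
    state, client_isn, server_isn, notes = "CLOSED", None, None, []
    for raw in segments:
        seg = parse_tcp_header(raw)
        f = seg["flags"]
        notes.append(f"{seg['src']} -> {seg['dst']} [{flag_names(f)}] "
                     f"seq={seg['seq']} ack={seg['ack']}")
        if f & RST:                                   # peer refused or aborted
            notes.append("RST seen: connection refused or torn down")
            return "RESET", notes
        if state == "CLOSED" and (f & (SYN | ACK)) == SYN:
            client_isn = seg["seq"]                   # step 1: SYN
            state = "SYN_SENT"
        elif state == "SYN_SENT" and (f & (SYN | ACK)) == (SYN | ACK):
            if seg["ack"] != (client_isn + 1) & 0xFFFFFFFF:   # step 2: SYN-ACK
                notes.append("SYN-ACK does not acknowledge client ISN + 1")
                return "BROKEN", notes
            server_isn = seg["seq"]
            state = "SYN_RECEIVED"
        elif state == "SYN_RECEIVED" and (f & (SYN | ACK)) == ACK:
            if seg["ack"] != (server_isn + 1) & 0xFFFFFFFF:   # step 3: ACK
                notes.append("final ACK does not acknowledge server ISN + 1")
                return "BROKEN", notes
            state = "ESTABLISHED"
        else:
            notes.append(f"unexpected flags {flag_names(f)} in state {state}")
            return "BROKEN", notes
    return state, notes

# Constructed sample captures (made-up ports and sequence numbers).
CLIENT_ISN, SERVER_ISN = 1000, 5000
GOOD_HANDSHAKE = [
    build_tcp_header(40000, 443, CLIENT_ISN, 0, SYN),                     # client -> server
    build_tcp_header(443, 40000, SERVER_ISN, CLIENT_ISN + 1, SYN | ACK),  # server -> client
    build_tcp_header(40000, 443, CLIENT_ISN + 1, SERVER_ISN + 1, ACK),    # client -> server
]
# Third packet acknowledges the wrong number: a forged or out-of-sync ACK.
BAD_HANDSHAKE = GOOD_HANDSHAKE[:2] + [
    build_tcp_header(40000, 443, CLIENT_ISN + 1, SERVER_ISN + 99, ACK),
]
# A SYN that never gets a reply: what a filtered port or a scan leaves behind.
HALF_OPEN = GOOD_HANDSHAKE[:1]
# A SYN answered with RST|ACK: a closed port.
REFUSED = GOOD_HANDSHAKE[:1] + [build_tcp_header(443, 40000, 0, CLIENT_ISN + 1, RST | ACK)]

if __name__ == "__main__":
    for name, capture in [("good", GOOD_HANDSHAKE), ("bad ack", BAD_HANDSHAKE),
                          ("half-open", HALF_OPEN), ("refused", REFUSED)]:
        state, notes = track_handshake(capture)
        print(f"{name}: {state}")
        for line in notes:
            print("   ", line)
```

Running the file prints each constructed capture the way Wireshark’s info column would show it, followed by the state the tracker ended in. Real captures also carry relative sequence numbers, options, retransmissions and window scaling, so this is the logic behind the handshake rather than a full TCP stream reassembler.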

While continuing with the lesson, I came upon the ‘Required Skills and Knowledge’ section.

Ports and protocols were a heavy topic on the Network+ because we need to know what type of traffic we are going to see and allow within our networks, and who we are granting access to. The most important thing is knowing the OSI model, from top to bottom and bottom to top, and understanding what each layer does, which helps the troubleshooting process by narrowing down which layer things went wrong at (hopefully they don’t). So let me list these layers.

Layer 1:  Physical Layer – the cabling used to set up the network (copper and fiber), the connectors, and the signal itself (electrical, light or radio) that is being transmitted.

Layer 2: Data Link Layer – frames and MAC addresses (the hardware address that identifies a device’s network interface on the local segment, not to be confused with an IP address).

Layer 3: Network Layer – IP addresses (the logical address that lets a host communicate across networks; on a local network an IP address is mapped to a MAC address, via ARP on IPv4, so that the frame can actually be delivered).

Layer 4: Transport Layer – TCP segments (connection-oriented, with the three-way handshake above) vs. UDP datagrams (connectionless); port numbers live at this layer.

Layer 5: Session Layer – session control and tunneling protocols that set up, maintain and tear down a dialogue between two applications.

Layer 6: Presentation Layer – data formatting and encoding; this is where encryption such as SSL/TLS for websites is usually placed in the OSI model.

Layer 7: Application Layer – the protocols users interact with directly, such as HTTP for the websites they see or file transfer protocols like FTP.

After going through the Common Traffic Analysis Tools section, I found it interesting how many tools there are besides the basics that were covered on the Network+ exam, and even though it may be intimidating, it is also very intriguing to me that there are so many tools at our disposal to help view and dissect the traffic that comes into our systems.  The ones that were familiar to me were ‘tcpdump’, ‘Wireshark’ and SIEMs. During my bootcamp I did dabble with Splunk along with Wireshark.

The final thing that jumped out at me was the BPF syntax, and of course I went down the rabbit hole with the link that ‘Hack The Box’ provided.

It stands for Berkeley Packet Filter. It is not so much a standalone tool as the filtering mechanism behind tcpdump, Wireshark’s capture filters and many intrusion detection systems: a BPF expression such as ‘tcp port 443’ or ‘tcp[13] & 2 != 0’ (byte 13 of the TCP header is the flags byte, and bit 2 is SYN) selects packets by host, port, protocol or even individual header bytes, so a capture is reduced to just the packets of interest instead of everything on the wire.
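To make the offset syntax concrete, here is an added example of my own (a toy, not libpcap and not code from the Hack The Box page) that evaluates a small subset of BPF primitives of the form proto[offset:size] & mask op value over constructed Ethernet/IPv4 frames. It also ties back to the OSI list above: the first thing it does is walk Layer 2, then Layer 3, then Layer 4 to find where the IP header and the TCP or UDP header start, exactly the work the real filter engine does before it can compare ‘tcp[13]’ against anything. The MAC addresses, IP addresses and ports are made up. Real BPF is compiled to bytecode and handles far more (VLAN tags, IPv6, names like tcp-syn and ‘or’/‘not’ logic), so treat this as an illustration of what the offsets mean rather than a replacement for tcpdump.

```python
import re
import struct

# One primitive: proto[offset:size] [& mask] op value   (size defaults to 1)
PRIMITIVE = re.compile(
    r"^(?P<proto>ether|ip|tcp|udp)\[(?P<off>\d+)(?::(?P<size>[124]))?\]"
    r"(?:\s*&\s*(?P<mask>0x[0-9a-fA-F]+|\d+))?"
    r"\s*(?P<op>==|!=|>=|<=|>|<)\s*(?P<val>0x[0-9a-fA-F]+|\d+)$")

OPS = {"==": lambda a, b: a == b, "!=": lambda a, b: a != b,
       ">": lambda a, b: a > b, "<": lambda a, b: a < b,
       ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b}

def header_offsets(frame):
    """Walk L2 -> L3 -> L4 and return the byte offset where each present
    header starts. Assumes Ethernet II and IPv4 (no VLAN tags, no IPv6)."""
    offsets = {"ether": 0}
    if len(frame) < 14:
        return offsets
    ethertype = struct.unpack("!H", frame[12:14])[0]        # ether[12:2]
    if ethertype == 0x0800 and len(frame) >= 34:           # IPv4
        offsets["ip"] = 14
        ihl = (frame[14] & 0x0F) * 4                        # IP header length in bytes
        protocol = frame[14 + 9]                            # ip[9]
        if protocol == 6:
            offsets["tcp"] = 14 + ihl
        elif protocol == 17:
            offsets["udp"] = 14 + ihl
    return offsets

def eval_primitive(primitive, frame):
    m = PRIMITIVE.match(primitive.strip())
    if not m:
        raise ValueError(f"unsupported primitive: {primitive!r}")
    base = header_offsets(frame).get(m["proto"])
    if base is None:                  # e.g. tcp[...] on an ARP frame: no match
        return False
    size = int(m["size"] or 1)
    start = base + int(m["off"])
    if start + size > len(frame):     # field would run past the end of the frame
        return False
    field = int.from_bytes(frame[start:start + size], "big")
    if m["mask"]:
        field &= int(m["mask"], 0)
    return OPS[m["op"]](field, int(m["val"], 0))

def bpf_filter(expression, frames):
    """Keep the frames that match every primitive in an 'and'-joined expression."""
    primitives = expression.split(" and ")
    return {name: f for name, f in frames.items()
            if all(eval_primitive(p, f) for p in primitives)}

# Constructed frames (made-up MAC addresses, IP addresses and ports).
def eth_ipv4(protocol, l4):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0x4000, 64,
                     protocol, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    return struct.pack("!6s6sH", b"\xaa" * 6, b"\xbb" * 6, 0x0800) + ip + l4

def tcp(src, dst, flags):
    return struct.pack("!HHIIBBHHH", src, dst, 1000, 0, 5 << 4, flags, 65535, 0, 0)

FRAMES = {
    "syn":     eth_ipv4(6, tcp(40000, 443, 0x02)),        # SYN only
    "syn-ack": eth_ipv4(6, tcp(443, 40000, 0x12)),        # SYN|ACK
    "dns":     eth_ipv4(17, struct.pack("!HHHH", 51000, 53, 8, 0)),
    "arp":     struct.pack("!6s6sH", b"\xff" * 6, b"\xaa" * 6, 0x0806) + b"\x00" * 28,
}

def matching_names(expression, frames=FRAMES):
    return list(bpf_filter(expression, frames))

if __name__ == "__main__":
    for expr in ["ether[12:2] == 0x0806",           # ARP frames
                 "ip[9] == 6",                       # any TCP
                 "tcp[13] & 0x12 == 0x02",           # SYN set, ACK clear: step one of the handshake
                 "tcp[13] & 0x12 == 0x12",           # SYN-ACK: step two
                 "udp[2:2] == 53",                   # DNS queries
                 "ip[9] == 6 and tcp[2:2] == 443"]:  # TCP to port 443
        print(f"{expr:35} -> {matching_names(expr)}")
```

The point to notice is that ‘tcp[13]’ is not byte 13 of the packet: it is byte 13 counted from wherever the TCP header begins, which is why the evaluator has to parse the Ethernet type and the IP header length first. Filtering this way is how you would reduce a noisy capture to, say, only the SYNs that never got a SYN-ACK when hunting for a port scan.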

And that is all for now! This was my first Hack The Box experience, which brought a refresher from Network+ along with a whole bunch of new tools that I’m excited to learn throughout my journey in becoming the best I can be in the cybersecurity field, but in order to do that I must start with the basics.