Every connected device relies on networks — but every network can be attacked.
This module introduces the core concepts of networking and teaches you how to protect both wired and wireless systems.
We’ll explore how data moves across networks, how firewalls and intrusion detection work, and how to safely observe network traffic inside a virtual lab.
💡 Learning Objectives
By the end of this module, you will:
Understand how data travels across networks (IP, TCP, ports).
Configure and explain the function of firewalls.
Differentiate between WPA2 and WPA3 Wi-Fi standards.
Identify how IDS/IPS systems detect threats.
Perform a practical lab: router hardening and packet observation.
1. Networking Basics — How the Internet Works
When you visit a website or send a message, information is broken into packets and sent through multiple layers.
Core Concepts:
| Concept | Description |
|---|---|
| IP (Internet Protocol) | Assigns addresses (like “house numbers”) to devices. |
| Port | A communication channel (e.g., port 80 = HTTP, port 443 = HTTPS). |
| TCP/UDP | Protocols for sending and receiving data packets. |
| LAN/WAN | Local vs. wide area networks — home network vs. the internet. |
| Router/Switch | Devices that direct traffic and connect multiple systems. |
🧩 Analogy: Think of IP addresses as street addresses, ports as apartment numbers, and packets as envelopes.
2. Firewalls — The Gatekeepers
A firewall controls what traffic can enter or leave your system.
Types of Firewalls:
| Type | Where Used | Example |
|---|---|---|
| Host Firewall | On a PC or server | Windows Defender Firewall |
| Network Firewall | On a router/gateway | Cisco, pfSense, FortiGate |
| Next-Gen Firewall (NGFW) | Advanced filtering & application control | Palo Alto, Sophos XG |
Rule Example:
“Allow HTTPS (port 443) outbound; block all inbound except SSH (port 22) from LAN.”
Best Practices:
Deny by default, then allow required ports.
Disable unused services.
Regularly check logs for blocked attempts.
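The rule example and the deny-by-default practice above, as an added example (not part of the original module): a small Python model of first-match rule evaluation with a default-deny fallback. The LAN range 192.168.1.0/24, the `Rule` class, and the sample connection attempts are assumptions constructed for illustration; return traffic for established connections, which a stateful firewall permits, is not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed LAN range for this example; substitute your own subnet.
LAN = ipaddress.ip_network("192.168.1.0/24")

@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    direction: str   # "in" or "out"
    proto: str       # "tcp" or "udp"
    port: int        # destination port
    source: Optional[ipaddress.IPv4Network] = None  # None matches any source

# The module's rule: allow HTTPS outbound; inbound only SSH from the LAN.
RULES = [
    Rule("allow", "out", "tcp", 443),
    Rule("allow", "in", "tcp", 22, LAN),
]

def decide(direction, proto, dst_port, src_ip, rules=RULES):
    """First matching rule wins; anything unmatched is denied by default."""
    src = ipaddress.ip_address(src_ip)
    for rule in rules:
        if (rule.direction, rule.proto, rule.port) != (direction, proto, dst_port):
            continue
        if rule.source is not None and src not in rule.source:
            continue
        return rule.action
    return "deny"  # default-deny: no explicit allow means blocked

# Constructed connection attempts (documentation address ranges).
ATTEMPTS = [
    ("out", "tcp", 443, "192.168.1.10"),  # browser to HTTPS site
    ("in", "tcp", 22, "192.168.1.50"),    # SSH from a LAN host
    ("in", "tcp", 22, "203.0.113.7"),     # SSH from the internet
    ("out", "tcp", 80, "192.168.1.10"),   # plain HTTP, never allowed
    ("in", "tcp", 3389, "198.51.100.4"),  # RDP probe from outside
]

def blocked_log(attempts=ATTEMPTS):
    """Return the attempts the policy denies: what a log review would show."""
    return [a for a in attempts if decide(*a) == "deny"]

if __name__ == "__main__":
    for attempt in ATTEMPTS:
        print(attempt, "->", decide(*attempt))
```

Note that SSH from outside the LAN is denied by the same rule that allows it from inside, because the source check fails and nothing else matches.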
3. Wireless Security (WPA2 vs WPA3)
Your home Wi-Fi can be a major vulnerability if left unsecured.
| Feature | WPA2 | WPA3 |
|---|---|---|
| Encryption | AES-CCMP | SAE (stronger handshake) |
| Password Cracking | Easier (dictionary attacks) | Resistant (individualized encryption) |
| Backward Compatibility | Yes | Partial |
| Recommended? | ⚠️ Outdated | ✅ Modern & Secure |
Wi-Fi Hardening Tips:
Change default SSID and admin credentials.
Use WPA3 if available.
Disable WPS (Wi-Fi Protected Setup).
Update router firmware regularly.
Turn off remote management.
4. Intrusion Detection & Prevention (IDS/IPS)
Even with firewalls, you need visibility into what’s happening on your network.
IDS (Intrusion Detection System):
Monitors network traffic for suspicious activity.
Alerts you but doesn’t block automatically.
Example tools: Snort, Suricata.
IPS (Intrusion Prevention System):
Detects and blocks malicious packets in real time.
Often integrated into enterprise firewalls.
Common Detection Signals:
Multiple failed logins (brute-force attempts)
Large data transfers (exfiltration)
Connections to known malicious IPs
In a lab environment, IDS tools can show how malware communication looks — without causing harm.
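The three detection signals listed above, as an added example (not part of the original module): a minimal IDS-style detector in Python that raises alerts but blocks nothing. The log format, thresholds, blocklist entry, and all log lines are constructed assumptions; real tools such as Snort or Suricata use their own rule languages and event formats.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real traffic); external IPs are documentation ranges.
SAMPLE_LOG = """\
2024-05-01T10:00:01 AUTH_FAIL src=192.168.1.23 user=admin
2024-05-01T10:00:09 AUTH_FAIL src=192.168.1.23 user=admin
2024-05-01T10:00:15 AUTH_FAIL src=192.168.1.23 user=root
2024-05-01T10:00:22 AUTH_FAIL src=192.168.1.23 user=admin
2024-05-01T10:00:30 AUTH_FAIL src=192.168.1.23 user=admin
2024-05-01T10:02:00 AUTH_FAIL src=192.168.1.77 user=alice
2024-05-01T10:05:00 FLOW src=192.168.1.40 dst=198.51.100.9 bytes=734003200
2024-05-01T10:06:00 FLOW src=192.168.1.40 dst=203.0.113.66 bytes=4096
2024-05-01T10:07:00 FLOW src=192.168.1.12 dst=198.51.100.20 bytes=52000
"""

BLOCKLIST = {"203.0.113.66"}            # assumed "known malicious IP" list
FAIL_LIMIT = 5                          # assumed: failures that trigger an alert
FAIL_WINDOW = timedelta(seconds=60)     # assumed: sliding window for failures
BYTES_LIMIT = 500 * 1024 * 1024         # assumed: 500 MiB in a single flow

def parse(line):
    """Split 'timestamp KIND key=value ...' into its parts."""
    ts, kind, *pairs = line.split()
    return datetime.fromisoformat(ts), kind, dict(p.split("=", 1) for p in pairs)

def detect(log_text):
    """Return (signal, source_ip) alerts in the order they fire."""
    alerts = []
    fails = defaultdict(list)  # source IP -> failure times still inside the window
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, kind, f = parse(line)
        if kind == "AUTH_FAIL":
            recent = [t for t in fails[f["src"]] if ts - t <= FAIL_WINDOW]
            recent.append(ts)
            fails[f["src"]] = recent
            if len(recent) == FAIL_LIMIT:      # alert once when the limit is hit
                alerts.append(("brute_force", f["src"]))
        elif kind == "FLOW":
            if int(f["bytes"]) >= BYTES_LIMIT:  # possible exfiltration
                alerts.append(("large_transfer", f["src"]))
            if f["dst"] in BLOCKLIST:           # known malicious destination
                alerts.append(("blocklisted_dst", f["src"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The single failed login from 192.168.1.77 and the small flow from 192.168.1.12 produce no alert, which is the point of thresholds: they separate routine noise from a pattern worth investigating.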
5. Practical (Safe) Exercises
Exercise 1 — Router Hardening
Goal: Secure your personal or lab router.
Log in to your router’s admin panel (typically 192.168.1.1).
Change default admin credentials.
Update firmware to the latest version.
Set encryption to WPA3 or WPA2-AES (not TKIP).
Disable WPS and remote access.
Save a backup config securely.
🧩 Document each change and note why it improves security.
Exercise 2 — Observe Network Packets (Read-Only)
Tools: Wireshark (free), installed on a virtual machine.
Open Wireshark → choose your active network adapter.
Capture traffic for 1–2 minutes (no sensitive sites).
Stop capture and observe:
Common protocols: TCP, UDP, DNS, ARP
Conversations between your system and known sites
Identify non-sensitive packets and note their function.
⚠️ Safety: Never capture or share others’ data or credentials. Perform this only in a private, non-production environment.
Ethics & Legal Practice
Monitoring or intercepting network traffic without authorization is illegal under IT and privacy laws.
Always:
Capture traffic only on your own networks.
Use lab simulations for educational purposes.
Get written permission before any corporate or external testing.
💡 Quick Tips Box
💡 Tip: Change your Wi-Fi password every 6–12 months.
⚙️ Tip: Set your router to auto-update firmware if supported.
🔍 Tip: Review firewall logs monthly for unusual patterns.
6. Summary & Takeaways
You now understand how networks function — and how to defend them.
✅ Key lessons:
Networking = communication + protocols + addressing.
Firewalls act as traffic filters.
Wi-Fi encryption matters — upgrade to WPA3.
IDS/IPS provide visibility into hidden threats.
Router hardening is your first real defensive action.
