[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"skill-69882681-8269-4b22-9e95-6ff38c86be13":3,"$fcShXica1wnw199b8BlmD19y30jXxwu7TPNW64ge24J8":43},{"id":4,"title":5,"description":6,"categoryId":7,"moduleId":8,"tags":9,"prompt":10,"icon":11,"source":12,"sourceUrl":13,"authorId":14,"authorName":15,"isPublic":16,"stars":17,"runs":18,"createdAt":19,"updatedAt":19,"module":20,"category":27,"packages":34},"69882681-8269-4b22-9e95-6ff38c86be13","network-101","配置和测试常见网络服务（HTTP、HTTPS、SNMP、SMB）用于渗透测试实验室环境。启用针对正确配置的目标系统的服务枚举、日志分析和安全测试的动手实践。","cat_life_career","mod_other","sickn33,other","---\nname: network-101\ndescription: \"Configure and test common network services (HTTP, HTTPS, SNMP, SMB) for penetration testing lab environments. Enable hands-on practice with service enumeration, log analysis, and security testing against properly configured target systems.\"\nrisk: unknown\nsource: community\nauthor: zebbern\ndate_added: \"2026-02-27\"\n---\n\n# Network 101\n\n## Purpose\n\nConfigure and test common network services (HTTP, HTTPS, SNMP, SMB) for penetration testing lab environments. Enable hands-on practice with service enumeration, log analysis, and security testing against properly configured target systems.\n\n## Inputs\u002FPrerequisites\n\n- Windows Server or Linux system for hosting services\n- Kali Linux or similar for testing\n- Administrative access to target system\n- Basic networking knowledge (IP addressing, ports)\n- Firewall access for port configuration\n\n## Outputs\u002FDeliverables\n\n- Configured HTTP\u002FHTTPS web server\n- SNMP service with accessible communities\n- SMB file shares with various permission levels\n- Captured logs for analysis\n- Documented enumeration results\n\n## Core Workflow\n\n### 1. Configure HTTP Server (Port 80)\n\nSet up a basic HTTP web server for testing:\n\n**Windows IIS Setup:**\n1. Open IIS Manager (Internet Information Services)\n2. Right-click Sites → Add Website\n3. Configure site name and physical path\n4. Bind to IP address and port 80\n\n**Linux Apache Setup:**\n\n```bash\n# Install Apache\nsudo apt update && sudo apt install apache2\n\n# Start service\nsudo systemctl start apache2\nsudo systemctl enable apache2\n\n# Create test page\necho \"\u003Chtml>\u003Cbody>\u003Ch1>Test Page\u003C\u002Fh1>\u003C\u002Fbody>\u003C\u002Fhtml>\" | sudo tee \u002Fvar\u002Fwww\u002Fhtml\u002Findex.html\n\n# Verify service\ncurl http:\u002F\u002Flocalhost\n```\n\n**Configure Firewall for HTTP:**\n\n```bash\n# Linux (UFW)\nsudo ufw allow 80\u002Ftcp\n\n# Windows PowerShell\nNew-NetFirewallRule -DisplayName \"HTTP\" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow\n```\n\n### 2. Configure HTTPS Server (Port 443)\n\nSet up secure HTTPS with SSL\u002FTLS:\n\n**Generate Self-Signed Certificate:**\n\n```bash\n# Linux - Generate certificate\nsudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 \\\n  -keyout \u002Fetc\u002Fssl\u002Fprivate\u002Fapache-selfsigned.key \\\n  -out \u002Fetc\u002Fssl\u002Fcerts\u002Fapache-selfsigned.crt\n\n# Enable SSL module\nsudo a2enmod ssl\nsudo systemctl restart apache2\n```\n\n**Configure Apache for HTTPS:**\n\n```bash\n# Edit SSL virtual host\nsudo nano \u002Fetc\u002Fapache2\u002Fsites-available\u002Fdefault-ssl.conf\n\n# Enable site\nsudo a2ensite default-ssl\nsudo systemctl reload apache2\n```\n\n**Verify HTTPS Setup:**\n\n```bash\n# Check port 443 is open\nnmap -p 443 192.168.1.1\n\n# Test SSL connection\nopenssl s_client -connect 192.168.1.1:443\n\n# Check certificate\ncurl -kv https:\u002F\u002F192.168.1.1\n```\n\n### 3. Configure SNMP Service (Port 161)\n\nSet up SNMP for enumeration practice:\n\n**Linux SNMP Setup:**\n\n```bash\n# Install SNMP daemon\nsudo apt install snmpd snmp\n\n# Configure community strings\nsudo nano \u002Fetc\u002Fsnmp\u002Fsnmpd.conf\n\n# Add these lines:\n# rocommunity public\n# rwcommunity private\n\n# Restart service\nsudo systemctl restart snmpd\n```\n\n**Windows SNMP Setup:**\n1. Open Server Manager → Add Features\n2. Select SNMP Service\n3. Configure community strings in Services → SNMP Service → Properties\n\n**SNMP Enumeration Commands:**\n\n```bash\n# Basic SNMP walk\nsnmpwalk -c public -v1 192.168.1.1\n\n# Enumerate system info\nsnmpwalk -c public -v1 192.168.1.1 1.3.6.1.2.1.1\n\n# Get running processes\nsnmpwalk -c public -v1 192.168.1.1 1.3.6.1.2.1.25.4.2.1.2\n\n# SNMP check tool\nsnmp-check 192.168.1.1 -c public\n\n# Brute force community strings\nonesixtyone -c \u002Fusr\u002Fshare\u002Fseclists\u002FDiscovery\u002FSNMP\u002Fcommon-snmp-community-strings.txt 192.168.1.1\n```\n\n### 4. Configure SMB Service (Port 445)\n\nSet up SMB file shares for enumeration:\n\n**Windows SMB Share:**\n1. Create folder to share\n2. Right-click → Properties → Sharing → Advanced Sharing\n3. Enable sharing and set permissions\n4. Configure NTFS permissions\n\n**Linux Samba Setup:**\n\n```bash\n# Install Samba\nsudo apt install samba\n\n# Create share directory\nsudo mkdir -p \u002Fsrv\u002Fsamba\u002Fshare\nsudo chmod 777 \u002Fsrv\u002Fsamba\u002Fshare\n\n# Configure Samba\nsudo nano \u002Fetc\u002Fsamba\u002Fsmb.conf\n\n# Add share:\n# [public]\n#    path = \u002Fsrv\u002Fsamba\u002Fshare\n#    browsable = yes\n#    guest ok = yes\n#    read only = no\n\n# Restart service\nsudo systemctl restart smbd\n```\n\n**SMB Enumeration Commands:**\n\n```bash\n# List shares anonymously\nsmbclient -L \u002F\u002F192.168.1.1 -N\n\n# Connect to share\nsmbclient \u002F\u002F192.168.1.1\u002Fshare -N\n\n# Enumerate with smbmap\nsmbmap -H 192.168.1.1\n\n# Full enumeration\nenum4linux -a 192.168.1.1\n\n# Check for vulnerabilities\nnmap --script smb-vuln* 192.168.1.1\n```\n\n### 5. Analyze Service Logs\n\nReview logs for security analysis:\n\n**HTTP\u002FHTTPS Logs:**\n\n```bash\n# Apache access log\nsudo tail -f \u002Fvar\u002Flog\u002Fapache2\u002Faccess.log\n\n# Apache error log\nsudo tail -f \u002Fvar\u002Flog\u002Fapache2\u002Ferror.log\n\n# Windows IIS logs\n# Location: C:\\inetpub\\logs\\LogFiles\\W3SVC1\\\n```\n\n**Parse Log for Credentials:**\n\n```bash\n# Search for POST requests\ngrep \"POST\" \u002Fvar\u002Flog\u002Fapache2\u002Faccess.log\n\n# Extract user agents\nawk '{print $12}' \u002Fvar\u002Flog\u002Fapache2\u002Faccess.log | sort | uniq -c\n```\n\n## Quick Reference\n\n### Essential Ports\n\n| Service | Port | Protocol |\n|---------|------|----------|\n| HTTP | 80 | TCP |\n| HTTPS | 443 | TCP |\n| SNMP | 161 | UDP |\n| SMB | 445 | TCP |\n| NetBIOS | 137-139 | TCP\u002FUDP |\n\n### Service Verification Commands\n\n```bash\n# Check HTTP\ncurl -I http:\u002F\u002Ftarget\n\n# Check HTTPS\ncurl -kI https:\u002F\u002Ftarget\n\n# Check SNMP\nsnmpwalk -c public -v1 target\n\n# Check SMB\nsmbclient -L \u002F\u002Ftarget -N\n```\n\n### Common Enumeration Tools\n\n| Tool | Purpose |\n|------|---------|\n| nmap | Port scanning and scripts |\n| nikto | Web vulnerability scanning |\n| snmpwalk | SNMP enumeration |\n| enum4linux | SMB\u002FNetBIOS enumeration |\n| smbclient | SMB connection |\n| gobuster | Directory brute forcing |\n\n## Constraints\n\n- Self-signed certificates trigger browser warnings\n- SNMP v1\u002Fv2c communities transmit in cleartext\n- Anonymous SMB access is often disabled by default\n- Firewall rules must allow inbound connections\n- Lab environments should be isolated from production\n\n## Examples\n\n### Example 1: Complete HTTP Lab Setup\n\n```bash\n# Install and configure\nsudo apt install apache2\nsudo systemctl start apache2\n\n# Create login page\ncat \u003C\u003C 'EOF' | sudo tee \u002Fvar\u002Fwww\u002Fhtml\u002Flogin.html\n\u003Chtml>\n\u003Cbody>\n\u003Cform method=\"POST\" action=\"login.php\">\nUsername: \u003Cinput type=\"text\" name=\"user\">\u003Cbr>\nPassword: \u003Cinput type=\"password\" name=\"pass\">\u003Cbr>\n\u003Cinput type=\"submit\" value=\"Login\">\n\u003C\u002Fform>\n\u003C\u002Fbody>\n\u003C\u002Fhtml>\nEOF\n\n# Allow through firewall\nsudo ufw allow 80\u002Ftcp\n```\n\n### Example 2: SNMP Testing Setup\n\n```bash\n# Quick SNMP configuration\nsudo apt install snmpd\necho \"rocommunity public\" | sudo tee -a \u002Fetc\u002Fsnmp\u002Fsnmpd.conf\nsudo systemctl restart snmpd\n\n# Test enumeration\nsnmpwalk -c public -v1 localhost\n```\n\n### Example 3: SMB Anonymous Access\n\n```bash\n# Configure anonymous share\nsudo apt install samba\nsudo mkdir \u002Fsrv\u002Fsamba\u002Fanonymous\nsudo chmod 777 \u002Fsrv\u002Fsamba\u002Fanonymous\n\n# Test access\nsmbclient \u002F\u002Flocalhost\u002Fanonymous -N\n```\n\n## Troubleshooting\n\n| Issue | Solution |\n|-------|----------|\n| Port not accessible | Check firewall rules (ufw, iptables, Windows Firewall) |\n| Service not starting | Check logs with `journalctl -u service-name` |\n| SNMP timeout | Verify UDP 161 is open, check community string |\n| SMB access denied | Verify share permissions and user credentials |\n| HTTPS certificate error | Accept self-signed cert or add to trusted store |\n| Cannot connect remotely | Bind service to 0.0.0.0 instead of localhost |\n\n## When to Use\nThis skill is applicable to execute the workflow or actions described in the overview.\n","","imported","https:\u002F\u002Fgithub.com\u002Fsickn33\u002Fantigravity-awesome-skills","user_system_seed","SkillOPIC",true,148,2070,"2026-05-16 13:30:47",{"id":8,"name":21,"slug":22,"icon":23,"description":24,"sort":25,"createdAt":26},"其他","other","mdi-page-next-outline","其他类型Skill",5,"2026-05-16 12:53:40",{"id":7,"name":28,"slug":29,"icon":30,"description":31,"moduleId":8,"sort":32,"skillCount":33,"createdAt":26},"职场发展","career","mdi-briefcase-outline","面试准备、简历优化、职业规划",4,575,[35],{"id":36,"skillId":4,"version":37,"fileName":38,"fileSize":39,"filePath":40,"fileHash":41,"manifest":42,"createdAt":19},"25537cc4-050c-4fc2-9af7-71b92cb296cb","1.0.0","network-101.zip",3090,"uploads\u002Fskills\u002F69882681-8269-4b22-9e95-6ff38c86be13\u002Fnetwork-101.zip","ddc616c56df99cb6462dd194219cda46bd4fb8ac1f0c2e5d079370864b8e7bd4","[{\"path\":\"SKILL.md\",\"isDirectory\":false,\"size\":7586}]",{"code":44,"message":45,"data":46},200,"success",{"items":47,"stats":48,"page":51},[],{"averageRating":49,"totalRatings":49,"ratingCounts":50},0,[49,49,49,49,49],{"limit":52,"offset":49,"hasMore":53,"nextOffset":52,"ratedOnly":16},15,false]