Network Security Lab — Cyber Lab UI Kit (Full)

Click to toggle

This interactive lab teaches essential skills to secure a network and detect vulnerabilities using real-world tools.

In this lab, you will learn to:

Scan for open ports and services using Nmap.
Configure firewall rules to block malicious traffic.
Analyze network traffic using Wireshark to detect vulnerabilities and threats.
Implement strategies to defend against attacks like port scanning and DDoS.

Disclaimer: This lab is intended for educational purposes only. Unauthorized use of these techniques on networks you do not own is illegal.

Essential commands

Network Scanning: Type nmap -sP 192.168.1.0/24 to scan the local network for live hosts.
Port Scanning: Use nmap -sT [IP] to scan open ports on a target host.
Service Detection: Run nmap -sV [IP] to detect services running on the open ports.
Firewall Configuration: Create a rule to block incoming connections on port 80 with iptables -A INPUT -p tcp --dport 80 -j DROP.
Packet Sniffing: Use wireshark to start capturing network traffic.
Security Countermeasures: Implement strategies to block port scans and DDoS attacks.

Example commands will be copied to your clipboard. Use the Print button to create a PDF of these instructions.

Complete and earn badges

Complete the short exercises below. Correct answers unlock progress and badges.

Exercise 1 — Live host discovery

Enter the command to scan the network 192.168.1.0/24 for live hosts:

Hint: use nmap and the ping discovery option.

Exercise 2 — Port scan

Which command scans a target IP for TCP ports using a full open connect scan?

Hint: -sT is the TCP connect scan.

Exercise 3 — Firewall rule

Write the iptables command to block incoming TCP traffic to port 80:

Hint: append to INPUT chain and use -j DROP.

Progress saved locally. Complete exercises to unlock badges and track progress.

Run example commands below

$

Tip: Press Enter to run. This is a simulator — no real network activity occurs.

Protect your network

To protect your network from common attacks, consider implementing the following security measures:

Use a Strong Firewall: Configure your firewall to block unauthorized traffic and limit access to sensitive services.
Use Encryption: Encrypt sensitive data both in transit and at rest using standards like TLS/SSL for communication and AES for storage.
Use Intrusion Detection Systems (IDS): Monitor network traffic for abnormal patterns indicative of malicious activity.
Limit Open Ports: Only open the ports necessary for your network operations and close all others.
Implement Network Segmentation: Segment your network to isolate critical systems and limit the damage from breaches.
Regularly Update Systems: Keep all systems, routers, and firewalls up-to-date to patch known vulnerabilities.
Use DDoS Protection: Implement measures to prevent or mitigate Distributed Denial of Service (DDoS) attacks.