Some time ago, we set ourselves the goal of taking over the administrator's machine on an intranet. A network administrator's machine naturally holds a lot of information and passwords; fortunately, we also found the network's topology there, which is useful for controlling an intranet. Many companies use this kind of topology to manage their networks.
The it-team is the employee working group, which covers web maintenance and development, code development, and resource management. This segment can reach the Internet after passing IDS behavior monitoring, but usually only some commonly used ports are allowed out, such as 80, 443, and 25.
The it-team has a monitoring room, the monitor-room. The monitoring room is connected to the monitoring server through it-kvm, and mainly handles traffic monitoring, web and HTTP behavior monitoring, and wireless network monitoring.
At the top right is the op-team, which mainly runs the management system for the intranet. The intranet systems are managed from that management room.
In the middle, the cisco ws-c3550-48 is the Cisco backbone switch, to which the small switches and routers of each department are attached. The backbone switch is connected to an IDS (intrusion detection system), with a 10M leased line connected to the office section below.
At the top left are two 8M ADSL lines, which are connected to the email server through the firewall and DMZ. The email server also has an email backup sub-server, which sits on the intranet and has an Internet IP address.
The second ADSL line leads to an FTP server (the file server), which has an Internet IP address and is connected to a wireless network. The wireless network is connected to the marketing group below. The FTP server is used only for storing commonly used files or software.
The marketing group has a test server and an important server. Only the op group is allowed to manage them.
This network is only an internal office network, and the management group uses a 10M leased line to manage the Internet.
In the process of an intrusion or penetration, mastering scripts and other techniques is not enough; we also need a clear understanding of social engineering and network topology, which helps us find our targets and what we are looking for.