TermPaperWarehouse.com - Free Term Papers, Essays and Research Documents

The Research Paper Factory

Free Essay

Css 200 Ip2-Lab

In:

Submitted By thegil007
Words 1306
Pages 6
CSS200-1401B-01
Principals of Network Security
Instructor: Gregory Roby
Phase 2, Individual Project
Date: March 08, 2014
By: Gil Palacio

Lab #3
Overview:
In this Lab I am learning how to use the Zenmap Graphical User Interface (GUI) for the free Nmap Security Scanner application. This application is an open source tool that automates network exploration to perform several different types of security audit scans of large IP networks (LAB 3, CTU. 2014). SO here is what I gather while doing this Lab:
I added several IPs to putty in order to build information or to give information to the GUI that I am looking into. I copy pasted the two interfaces that are up,up in the 1st question from the Lab Assessment sheet of the putty profile created:
Interface Ethernet0/0 "", is up, line protocol is up Hardware is 88E6095, BW 100 Mbps Auto-Duplex(Full-duplex), Auto-Speed(100 Mbps) Available but not configured via nameif MAC address c84c.7556.de9e, MTU not set IP address unassigned 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 L2 decode drops 0 switch ingress policy drops 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collisions, 0 deferred 0 lost carrier, 0 no carrier 0 rate limit drops 0 switch egress policy drops
Interface Ethernet0/1 "", is up, line protocol is up Hardware is 88E6095, BW 100 Mbps Auto-Duplex(Full-duplex), Auto-Speed(100 Mbps) Available but not configured via nameif MAC address c84c.7556.de9f, MTU not set IP address unassigned 2054 packets input, 152961 bytes, 0 no buffer Received 4 broadcasts, 0 runts, 0 giants 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 L2 decode drops 2050 switch ingress policy drops 1 packets output, 64 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 babbles, 0 late collisions, 0 deferred 0 lost carrier, 0 no carrier 0 rate limit drops 0 switch egress policy drops
The rest are down, down.
The 2nd question asks:
Explain both the information system security practitioner and hacker perspective of using a security scanning application such as Zenmap GUI (Nmap)?
Answer: the GUI gives you an advantage to look into ports that may be open, which can be a security breach and also an open door to hackers. BY checking if ports are open, the admin can close them and make sure security is restored. Here is how it would show in the GUI table: * PORT 22 TCP OPEN SSH OPEN SSH.5 . SP5 Debian (Protocol)
Question 3: how many test did your Intense Scan Definition Performed? List them all after reviewing the Scan Report?
The Intense Scan I took performed 5 Scans, from 36 Scripts that it loaded. Here is a Snap Picture:

Question 4: Describe what each of these test display within the Zenmap GUI (Nmap) scan report:
Each test performed against the IP I allocated. 172.30.0.1. the test shows what ports are open and the status of the interface.
Question 5: How many total IP Host (NOT counting Cisco device interfaces) did Zenmap GUI (Nmap) find on the network? This can be found in the topology icon and will give a bubble view of the hosts. In my topology, I have 6 host.
Lab # 4
Overview:
In this Lab, I will performed vulnerability assessments using Nessus, which is an application built specifically for network discovery of devices and the operating system and software running on them. Nessus performs remote scans and audits of UNIX, Windows, and network infrastructure and can perform a network discovery of devices, operating systems, applications, databases, and services running on those devices. Nessus detects any noncompliant host running applications such as peer-to-peer, spyware, or malware (worms, Trojan, etc..) are detected and identified, and is capable of scanning all ports on every device and issuing remediation strategy suggestions as require. 1. What is the purpose of defining a policy definition as a first step in performing a Nessus vulnerability scan? Nessus is an application built for network discovery of devices and the operating systems and software running on them. This is the policy definition of it. It is a free program that can be downloaded, but donations are accepted. It is also an open source program so people are constantly improving it. It has many features, but for this assignment, we will have it as a Lab to test out the IP 172.30.0.0/24

2. What 5 things can you configure as part of a vulnerability scan? You can configure audits, Data leakage, compliance priority, users, scan options and even plugins. We can also go with the main tabs: General, Credentials and Preferences. (I already wrote Plugins).

3. Explain how a security scanning application such as Nessus can be used by both the information systems security practitioner and hacker? Vulnerability scans performed from external hosted servers give the same perspective as an attacker. There are also terms used for these two types of people. “White Hats,” which are individuals that used their abilities to find vulnerabilities in systems and networks and then report them to the owner of the system so that they can be fixed. “Black Hats,” are the opposite. They are individuals that break into systems or networks that they are not authorized to use. They use Scanners and programs just like this one to maneuver and find ways to attack. Weaknesses and backdoors in order to penetrate.

4. How many test does the Nessus Lab #4 Nessus Scan performed? I had 6 IPs that were being scan. With a total amount of test of 261. Here is a Snap Shot :

5. Describe what each of these test display within the scan report details? The tests include the severity from high, medium or low. Scans and test also include, parameters that control technical aspects, timeouts, number of host, type of port scanner, policy checks, service detection scan settings, UNIX compliances and many other checks that can give vulnerabilities.

6. Briefly describe the process for identifying solutions to vulnerabilities uncover by Nessus scan. Answer: Shows details including, technical descriptions, references, solutions, details of risk factors, etc.. 7. How many total IP host (not counting Cisco device interfaces) did you find on the server farm Vlan using the Nessus Lab #4 Nessus Scan? 261 8. Fill in the following network documentation chart on the next page for Lab#4—Perform a Software Vulnerability Scan and Assessment with Nessus. Server farm Host Device | Type of Server | O/S & Version | Identified Vulnerability | Suggested Remediation | 172.30.0.1 | Linux Kernel on Debian 6.0 | | Defult password for root account | Get strong password or disable it. | 172.30.0.2 | Microsoft server 2003 | Nessus version : 4.2.2 (Build 9129) | Version needs to be update. | Update version to PHP 5.3.6 | 172.30.0.4 | Linux server on Ubunto 10.04 | Nessus version : 4.2.2 (Build 9129 | Update also. | Anything greater than or equal to 5.3.6 | 172.30.0.8 | Microsoft server 2003 service pack 2 | Nessus version : 4.2.2 (Build 9129) | ERROR: Your plugin feed has not been updated since 2011/7/12 | N/A | 172.30.0.9 | Linux server 2.6. Ibunto 10.4 (Lucid) | Nessus version : 4.2.2 (Build 9129) | ERROR: Your plugin feed has not been updated since 2011/7/12 | Need to updae | 172.30.0.200 | Linux server 2.6. Debian 6.0 (Squeeze) | Nessus version : 4.2.2 (Build 9129) | Host has password as “password” | Need stronger password. | Here are Screenshots to some of the Lab that I created successfully.

Similar Documents

Popular Essays

Student Essay
Factors Affecting Women Shoppers’ Toward... Essay
Jet2 Task 5 Essay
Lab 1 Essay
Art as an Expression and Communication Essay
Vancie Essay