Lab 1

In: Computers and Technology

Submitted By tay282013
Words 442
Pages 2
1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually.
Windows application loaded sTarTs as service Y/n
1. q Yes q No adobe reader
2. q Yes Wireshark q No
3. q Yes q No Nessus
4. q Yes q No Firefox
5. q Yes Nmap q No
2. What was the allocated source IP host address for the TargetWindows01 server, TargetUbuntu01 server, and the IP default gateway router? IP default 172.30.0.8 server 14147
LAb #1 – ASSESSMENT WORKSHEET
1 1
Assessment Worksheet 15
38351_LB01_Pass4.indd 15 23/04/13 10:02 PM
3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source? Yes it did I got four back
4. If you ping the TargetWindows01 server and the UbuntuTarget01 server, which fields in the ICMP echo-request/echo-replies vary? The TTL changes from 64 to 128
5. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of 172.30.0.0/24? nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 172.30.0.0/24
6. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans.
Intense Scan-Complete Nmap report about all of the host discovered on the network including open ports and operating system type and network distance covered.
Ping Scan-Host Availability and mac address.
Quick Scan-
Regular Scan-
Slow comprehensive Scan-
16 Lab #1 | Perform Reconnaissance and Probing Using Zenmap GUI (Nmap)
38351_LB01_Pass4.indd 16 23/04/13 10:02 PM
Perform Reconnaissance and Probing Using Zenmap GUI (Nmap)
7. How many different…...

Similar Documents

Lab 1

...NT1430 Linux Administration LAB 4 vi -- again On your linux server enter the following in the command line: root@servername: cd /opt root@servername: ls -la 1) Write what files exist in your directory. root@servername: touch sysinfo root@servername: ls -la 2) Write what files exist in your directory. 3) What are the permissions on the file you have just created? root@servername: chmod 755 sysinfo root@servername: ls -la 4) What are the permissions on the file you have just created? 5) What have you just done? Practical Mysystem root@servername: vi mysystem Now to enter into insert mode (edit mode) hit [i] to exit back into command mode hit [Esc] Now while you are in INSERT MODE type the following, be careful of all characters and typos. #!/bin/bash clear printf "This is information provided by mysystem.sh. Program starts now.\n" printf "Hello, $USER.\n\n" printf "Today's date is `date`, this is week `date +"%V"`.\n\n" printf "These users are currently connected:\n" w | cut -d " " -f 1 - | grep -v USER | sort -u printf "\n" printf "This is `uname -s` running on a `uname -m` processor.\n\n" printf "This is the uptime information:\n" uptime printf "\n" printf "That's all folks!\n" To end and save the file enter the following: [Esc] [:] You will exit Insert Mode and enter into Command Mode then save and exit vi: wq [Enter] Now run the script. root@servername: chmod 755 mysystem root@servername: ./mysystem Print a screen shot of the results. sysinfo...

Words: 1450 - Pages: 6

Lab 1

...Assessment Worksheet 15 1 Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Using Zenmap GUI (Nmap) LAb #1 – ASSESSMENT WORKSHEET Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Course Name and Number: student Name: Instructor Name: Lab due date: Overview Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying the target and learning as much as possible about it. Hackers usually perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, you will explore the Virtual Security Cloud Lab (VSCL). You will learn how to access several different applications, including PuTTY and the Zenmap Graphical User Interface (GUI) for the Nmap Security Scanner application. You will use the data you uncover to plan an attack on 172.30.0.0/24 where the VM server farm resides. Lab Assessment Questions & Answers 1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually. windows applicaTion loaded 1. 2. 3. 4. 5. sTarTs as service Y/n q Yes q Yes q Yes q Yes q Yes q No q No q No q No q No 2. What was the allocated source IP host address for the TargetWindows01 server, LAN Switch 1, LAN Switch 2, and the IP default...

Words: 489 - Pages: 2

Lab 1

...1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually. Windows application loaded sTarTs as service Y/n 1. q Yes q No adobe reader 2. q Yes Wireshark q No 3. q Yes q No Nessus 4. q Yes q No Firefox 5. q Yes Nmap q No 2. What was the allocated source IP host address for the TargetWindows01 server, TargetUbuntu01 server, and the IP default gateway router? IP default 172.30.0.8 server 14147 LAb #1 – ASSESSMENT WORKSHEET 1 1 Assessment Worksheet 15 38351_LB01_Pass4.indd 15 23/04/13 10:02 PM 3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source? Yes it did I got four back 4. If you ping the TargetWindows01 server and the UbuntuTarget01 server, which fields in the ICMP echo-request/echo-replies vary? The TTL changes from 64 to 128 5. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of 172.30.0.0/24? nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 172.30.0.0/24 6. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans. Intense Scan-Complete Nmap report about all of the host discovered...

Words: 442 - Pages: 2

Lab 1

...Assessment Worksheet 15 1 Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Using Zenmap GUI (Nmap) LAb #1 – ASSESSMENT WORKSHEET Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Course Name and Number: Student Name: Instructor Name: Lab due date: Overview Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying the target and learning as much as possible about it. Hackers usually perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, you planned an attack on 172.30.0.0/24 where the VM server farm resides, and used the Zenmap GUI to perform an “Intense Scan” on the targeted IP subnetwork. Note: These forms have been formatted to allow you to complete the form online and save it using Adobe Reader. You may experience problems with either or both of these actions if you are using any other software program. Lab Assessment Questions & Answers 1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually. windows applicaTion loaded 1. 2. 3. 4. 5. sTarTs as service Y/n q Yes q Yes q Yes q Yes q Yes q No q No q No q No q No 16 Lab #1 | Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) 2...

Words: 467 - Pages: 2

Lab 1

...Lab 1 1. Reconnaissance, Scanning, Gaining Access, Maintaining Access, and Covering Tracks 2. You need to do a lot of reconnaissance like network scanning, social engineering, and dumpster diving. 3. A hacker can use tools like Netcraft and PCHels to report on your domain, IP number, and operating system, tools such as NMap identify your host systems and services, tools like LANguard Network Scanner identify system vulnerabilities, and tools such as AET Network Scanner 10, FPort 1.33, and Super Scan 3 scan your devices to determine ports that are open and can be exploited. 4. A social engineer is a person who smooth-talks people into revealing information such as unlisted phone numbers, passwords, and other sensitive information. 5. Enumeration is a process to gather the information about user names, machine names, network resources, shares and services. 6. Once the attack is done the hacker will cover his tracks by modifying the log files, using Trojans to destroy system logs or replace system binaries at the same time, and other techniques like steganography and tunneling. 7. When covering up their tracks a hacker can use rootkits that can disable logging altogether and discard all existing logs making it a lot easier to do it again. 8. You should continue testing and report your findings when you finish. 9. NIST Special Publication 800-115 10. Planning, Discovery, Attack, and Reporting 11. To find out if they are vulnerable to attack before they actually get......

Words: 276 - Pages: 2

Lab 1

...Lab #1 1. List the five (5) steps of the Hacking process. Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks 2. In order to exploit or attack the targeted systems, what can you do as an initial first step to collect as much information as possible about the targets prior to devising an attack and penetration test plan? The first step would be the reconnaissance or footprinting step of the hacking process. 3. What applications and tools can be used to perform this initial reconnaissance and probing step? Whois query, ping sweeps, Nmap, etc 4. How can social engineering be used to gather information or data about the organization’s IT infrastructure? Social engineering is being used to by tricking people into giving out information that is not normally publicly available. 5. What does the enumeration step of the five (5) step hacking process entail and how is it vital to the hacker’s objective? Enumeration is used to extract more-detailed and useful information from a victim’s system. 6. Explain how an attacker will avoid being detected following a successful penetration attack? Attacker would avoid detection by covering tracks step of the hacking process where they cover up their tracks in the system they hacked into. 7. What method does an attacker use to regain access to an already penetrated system? The hacker will use a backdoor into the system 8. As a security professional, you...

Words: 581 - Pages: 3

Lab 1

...Lab Report 1: Pipettes and Std Curve Ingrid Simons University of Texas at El Paso June 12, 2014 Introduction: Procedures that require very small volumes of DNA and reagents are performed with instruments such as, micropipettes and pipettes. These instruments are used when scientists need to accurately and precisely deliver small volumes of a liquid. Molecular biologists use very small volumes of liquid at times they are as small as 0.1 µL, in order to do these measurements the use micropipettes. The function of the micropipettes is to act as a plunger when the depressed by the thumb and by its release liquid is drawn into a disposable plastic tip. The liquid is released when the plunger is pressed again (The University of QueensLand). The tip is an important part of the micropipette, each tip is disposable and come in different sizes depending of the micropipette being used. There is three standard micropipettes, the P20 which measures 0.5-20μL, P200 that measures 20-200 μL, and P1000 that measures 100 μL to 1 mL. An important part of this laboratory was learning how to read the meniscus curve. A meniscus is a curve that is formed at the surface of a molecular substance, such as water, when it touches another material (USGS). Meniscus is caused by adhesion, a result of water’s high surface tension. The glass beaker attracts water molecules, and water molecules stay together, as a result many molecules gather to touch the glass. They will accumulate along...

Words: 886 - Pages: 4

Lab 1

...Laboratory #1 Lab #1: Evaluate Business World Transformation – Impact of the Internet and WWW Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Identify the security challenges on the web as they relate to various business models and the impact that is made in e-Commerce and Internet-based deployments * Extract various businesses’ personal identifiable information (PII) that is collected and stored from Internet users by a business in a web application * Distinguish among the different reasons for the attacks on web sites and determine exactly what the attackers are after when they target your WWW presence * Evaluate the current state of security on a LAMP server using Telnet, Skipfish and TCPdump to identify whether the proper tools are installed for a security evaluation of the server * Install and use Firefox Web Browser with the Live HTTP Headers plug-in Lab #1 – Compromised Business Application Impact Analysis Course Name & Number: ______________________________________________________________ Student Name: _______________________________________________________________________ Instructor Name: _____________________________________________________________________ Lab Due Date: _______________________________________________________________________ Overview The threats of the Internet go way beyond an attacker defacing your website. An attack can include...

Words: 849 - Pages: 4

Lab 1

...© Jones & Bartlett Learning, LLC. NOT FOR SALE OR DISTRIBUTION Lab #1 - Assessment Worksheet Performing Network Reconnaissance using Common Tools Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you explored the common tools available in the virtual lab environment. You used Wireshark to capture and analyze network traffic, OpenVAS to scan the network, reviewed a sample collection of data using NetWitness Investigator, connected to a remote Windows machine and explored two file transfer applications, FileZilla and Tftpd64. You used PuTTY to connect to a Linux machine and ran several Cisco commands to display statistics for the network interfaces. Finally, you used Zenmap to perform a scan of the network and created a network topology chart. Lab Assessment Questions & Answers 1. Name at least five applications and tools used in the lab. 2. What is promiscuous mode? 3. How does Wireshark differ from NetWitness Investigator? 4. Why is it important to select the student interface in the Wireshark? 5. What is the command line syntax for running an Intense Scan with Zenmap on a target subnet of 172.30.0.0/24? 6. Name at least five different scans that may be performed with......

Words: 258 - Pages: 2

Lab 1

...CIS 333 Networking Security Fundamentals Jessica Sykes Professor Arend Clayborn January 18, 2015 1. Name at least 5 applications and tools used in lab. a. Wireshark b. Putty.exe c. Nmap-Zenmap d. OpenVAS e. NetWitness Investigator 2. What is promiscuous code? It allows an application to listen to all traffic on a subnet or VLAN. . 3. How does Wireshark differ from NetWitness Investigator? Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education and NetWitness is an interactive threat analysis application of the NetWitness NextGen product suite. Wireshark captures live traffic and displays results at the packet level. NetWitness Investigator provides an aggregated overview of previously captured traffic which can be used to spot anomalies, compliance issues, and attacks. 4. Why is it important to select the student interface in the wireshark? So that you are in the student lab environment while work and choosing the Public network will prevent Wireshark from seeing traffic that is related to the lab. 5. What is the command line syntax for running an Intense Scan with Zenmap on a target subnet of 172.30.0.0/24? Nmap -T4 -A -v 172.30.0.0/24 6. Name at least five different scans that may be performed with Zenmap. Intense scan, Intense scan plus UDP, Intense scan all TCP ports...

Words: 386 - Pages: 2

Lab 1

...1. What patterns do you observe based on the information in Table 4? The greater amount of Dissolved Oxygen (ppm), the greater number of fish observed. 2. Develop a hypothesis relating to the amount of dissolved oxygen measured in the water sample and the number of fish observed in the body of water. When there is more Dissolved Oxygen (ppm) in the water, the number of fish observed increases. 3. What would your experimental approach be to test this hypothesis? My experimental approach would be to replicate at least 5 “ponds” using aquatic tanks. Each tank would contain a thermometer to track the temperature and ensure all tanks maintain the same temperature. Each tank would also contain the same amount of fish to begin with (per say, 50 minnows). I would then have each tank contain a different amount of Dissolved Oxygen to test the hypothesis. I would track daily the amount of fish that remain in the tank, removing dead fish as they pass. Once each tank reaches a steady number of fish for three consecutive days, I will conclude the experiment documenting the amount of living fish that remain. This would become my data for the experiment. 4. What would be the independent and dependent variables? The independent variable (what changes) would be the amount of Dissolved Oxygen (ppm). The dependent variable (the effect of the independent variable) is the amount of fish observed. 5. What would be your control? The most important control in this experiment would...

Words: 382 - Pages: 2

Lab 1

...(1) In addition, a new National Defense University and Defense Intelligence Agency (DIA) have been established (Pg. #8) (2) IT dependence in the United States is evolving into a strategic center of gravity. (Pg. #9) (3) Seasoned observers, such as military analyst Anthony H. Cordesman writing on cyber warfare and related matters, point out the need for calm reflection and accurate calibration of the problem before allocating scarce tax dollars to critical infrastructure protection. (Pg. #11) (4) Cyber attacks occur on a frequent basis and in a near-instantaneous manner; as the world becomes more connected, more machines and more people will be affected by an attack (Pg. #14) (5) Trillions of dollars in financial transactions and commerce move over a medium with minimal protection and only sporadic law enforcement—a structure the most complex the world has ever known. (Pg. #19) (6) Those who take part in information war are not all soldiers. Anybody who understands computers may become a ‘fighter’ in the network. (Pg. #29) (7) PLA senior Colonel Wang Baocun, a Chinese cyber warfare strategy expert, states that cyber warfare strategy reinforces the notion of Sun Tzu's “subduing the enemy without battle. (Pg. #30) (8) Hacker organizations may also have received help from the Chinese government in developing software, viruses, and methods to attack various computer networks. A number of recent Internet worms including Lion, Adore, and...

Words: 408 - Pages: 2

Lab 1

...Lab #1 – Assessment Worksheet Performing Reconnaissance and Probing Using Common Tools Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you explored the common tools available in the virtual lab environment. You used Wireshark to capture and analyze network traffic and OpenVAS to scan the network. You reviewed a sample collection of data using NetWitness Investigator, connected to a remote Windows machine, and explored two file transfer applications, FileZilla and Tftpd64. You used PuTTY to connect to a Linux machine and ran several Cisco commands to display statistics for the network interfaces. Finally, you used Zenmap to perform a scan of the network and created a network topology chart. Lab Assessment Questions & Answers 1. Name at least five applications and tools used in the lab. FileZilla, NetWitness Investigator, OpenVAS, PuTTY, and Wireshark. 2. What is promiscuous mode? This mode allows Wireshark to capture packets destine to any host on the subnet. 3. How does Wireshark differ from NetWitness Investigator? Wireshark looks at individual packets and is a up close detailed view. NetWitness Investigator give a overview of all the packets captured. 4. Why is...

Words: 365 - Pages: 2

Lab 1

...Assessment Worksheet Performing Reconnaissance and Probing Using Common Tools Introduction to Computer Security CSS150 Course Name and Number: _____________________________________________________ Student Name: ________________________________________________________________ Instructor Name: ______________________________________________________________ Lab Due Date: ________________________________________________________________ Overview In this lab, you explored the common tools available in the virtual lab environment. You used Wireshark to capture and analyze network traffic and OpenVAS to scan the network. You reviewed a sample collection of data using NetWitness Investigator, connected to a remote Windows machine, and explored two file transfer applications, FileZilla and Tftpd64. You used PuTTY to connect to a Linux machine and ran several Cisco commands to display statistics for the network interfaces. Finally, you used Zenmap to perform a scan of the network and created a network topology chart. Lab Assessment Questions & Answers 1. Name at least five applications and tools used in the lab. Putty, Wireshark, Zenmap, FileZilla, Tftpd64, OpenVAS, NetWitness Investigator 2. What is promiscuous mode? Promiscuous mode is a network interface mode in which the NIC (network interface card) reports every packet that it sees on the same subnet or VLAN. Does not assume that this mode means you will see all traffic on you network mode but for purposes...

Words: 531 - Pages: 3

Lab 1

...Post-Lab Questions 1. What were your controls for this experiment? What did they demonstrate? Why was saliva included in this experiment? This experiment is looking for amylase in-particular. The first control was a negative control, Water ,this would show there is no Amylase present. The second control would be a Positive control ,the starch solution this would show the presence of the enzyme amylase. The negative control water does not contain starch. Saliva contains Amylase this is why it is included in the experiment. The saliva is a positive because it turned yellow, this shows no starch left because the amylase broke it all down. 2. What is the function of amylase? What does amylase do to starch? The function of amylase is to start the digestion proses. Amylase function is to break down starch to sugar. 3. Which of the foods that you tested contained amylase? Which did not? What experimental evidence supports your claim? The cooked rice contained Amylase and the starch solution contained amylase. The water the Apple contained no starch. 4. Saliva does not contain amylase until babies are two months old. How could this affect an infant’s digestive requirements? Usual babies do not start eating food until three months. The reason there saliva does not contain amylase is because there bodies have not started producing it yet. For there digestion it means they will not break down any starch foods and just pass them trough there...

Words: 630 - Pages: 3