CIS 403L week 2 Performance

.docx

School

ECPI University *

*We aren’t endorsed by this school

Course

403L

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

6

Uploaded by kitapatel4923

Report
Week Two Lab: Scanning & Enumeration In this Performance Assessment, you will perform the tasks you have completed through the Guided Practices (iLabs content from EC Council). You may use the textbook, any notes you have, and your prior labs as resources. You may not give or receive help from other students. You may ask your instructor for help, but it may cost you points. How does this practical lab apply in the real world? Understanding how to identify devices within a network infrastructure for troubleshooting or pen testing is critical for all individuals associated with information technology. For example, if a user in your network uses a tremendous amount of bandwidth, you, as the network administrator, must show why and if it is necessary. In many instances, this could be an indicator of an infected machine or a user who is abusing the use of the network through streaming services instead of working. Open ports or services not working can also indicate that a user is trying to use a service within the organization and that the particular port is blocked using various tools identified in the material. Scanning and enumeration will help not only to determine the security stance of the network but also contribute to ensuring uninterrupted network operations. Resources Needed This lab assessment covers Modules 3 and 4 from your EC-Council lab content. Thus, all resources you will need will be from your labs, your text, and any research that you might have. Feel free to do a web search to lookup NMAP commands as well as Metasploit Scripts. Parrot OS 1. Nmap Level of Difficulty Moderate Important Please note the following guidance : Complete this assessment in the VCASTLE Pod. Any screenshots here are for general reference, and machines and IP addresses will vary to ensure academic integrity. When completing the questions below, answer each question thoroughly with a complete paragraph, which must include 3-5 sentences. Instructions Windows 10 Netlab Steps 1. Create a text file on your Parrot machine using the tool “nano”. Add the three 172.X.X.X subnets to the file and save it as yourstudentID .txt. ***take screen shot of file creation with nano
2. Open Nmap and perform a host discovery scan. Use the -iL option to point to the file you created instead of manually typing the IP addresses. Use the -oA to save the output of the scan. Name the output file with your student ID “ yourstudentID -hosts” ***take screen shot of Nmap command and scan. 3. Once the scan is complete, use the command: grep Up yourstudentID -hosts.gnmap | cut -d “ “ - f 2 (the | is the pipe command, not a 1 or L) ***take screen shot of grep output.
Q: Describe in complete detail what grep does. Grep is a powerful and flexible text search and filtering tool that provides broad capability through regular expressions and a variety of options to meet diverse search needs. 4. Copy and paste the output from the previous command to a new file using nano, name the file yourstudentID -up-hosts.txt. Use the yourstudentID -up-hosts.txt file to complete the following: 5. Perform a Nmap port scan. ***take screen shot of Nmap command and scan 6. Perform a Nmap services discovery scan. ***take screen shot of Nmap command and scan
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
7. Perform a Nmap OS Discover scan. ***take screen shot of Nmap command and scan Example Below for each machine IP address Identified. For each machine identified, please complete a chart as depicted below in Figure 1-C. There should be a total of 6 charts when this assignment is completed. **Example Chart Only** IP Address: 192.168.1.2 Ports 22,23,80,443 Services SSH, telnet, http, https OS Linux Figure 1-C IP Address: 172.20.241.22 Ports 80 Services https OS Linux 4.4 IP Address: 172.20.240.2 Ports 80,135,139,445,2179 Services https, msrps,netbois- ssn,Microsoft-ds,vmrdp OS Windows Server 2016 IP Addr ess: 172.20.240.3 Ports
53,80,88,135,139,389,445,464,515,593,636,3268,3269,49152,49153,49154,491 55,49157,49158,49159,49167,4917 Servi ces Domain,http,Kerberos-sec,msrpc,netbios-ssn,ldap,miscrosoft- ds,kpasswd5,printer,http-rpc-sepmap,ldapssl,globalcatLDAP,globalcatLDAPss OS Windows Server 2012 IP Address: 172.20.242.11 Ports 135,139,445 Services Msroc,netbios- ssn,Microdoft-ds OS IP Address: 172.20.242.12 Ports 135,139,445,5357 Services Msrpc,netbios- ssn,Mircrosoft-ds,wsdapi OS IP Address: 172.20.242.16 Ports 5555 Services freeciv OS 1. Research NSE scripts for SMB Q: What script checks for SMB signing? smb2-security-mode.nse Q: Is having SMB disabled a vulnerability? If so how/why? 2. Run Nmap with the NSE script to check for SMB signing against identified hosts. ***take screen shot of Nmap command and scan Yes, having with SMB disabled is a vulnerability because having it disabled can expose your network to attacks. 3. Research NSE scripts for SNMP. Q: What script performs checks against SNMP Snmp-brute.nse Q: What does SNMP stand for and what type of information can be gained from it? SNMP delivers information about network changes and the status of networked devices.
4. Run Nmap with the NSE script to check for SNMP against identified hosts. ***take screen shot of Nmap command and scan
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help