Rocking your Network

School: University of Texas, San Antonio
Course: UTSA-VIRT-
Subject: Information Systems
Date: Dec 6, 2023
Uploaded by AmbassadorIbex3880
Cybersecurity
Networking Challenge Submission File

Networking Fundamentals: Rocking your Network

Make a copy of this document to work in. For each phase, add the solution below the prompt. Save and submit this completed file as your Challenge deliverable.

Phase 1: “I’d like to Teach the World to ping”

1. Command(s) used to run ping against the IP ranges:

   ping 15.199.95.91
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

   ping 15.199.94.91
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

   ping 203.0.113.32
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

   ping 161.35.96.20
   Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)

   ping 192.0.2.0
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

2. Summarize the results of the ping command(s):

   ping 15.199.95.91 = not accepting connection
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

   ping 15.199.94.91 = not accepting connection
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

   ping 203.0.113.32 = not accepting connection
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

   ping 161.35.96.20 = accepting connection
   Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)

   ping 192.0.2.0 = not accepting connection
   Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

3. List of IPs responding to echo requests:

   161.35.96.20

4. Explain which OSI layer(s) your findings involve:

   Our findings involve layer 3 of the OSI model, the Network layer. Ping uses an ICMP echo request to confirm whether an IP is accepting connections or not.

5. Mitigation recommendations (if needed):

   RockStar Corp must stop IP 161.35.96.20 from accepting any connections, even if the server is up.

Phase 2: “Some SYN for Nothin’”

1. Which ports are open on the RockStar Corp server?

   161.35.93.20
   PORT   STATE SERVICE
   22/tcp open  ssh

2. Which OSI layer do SYN scans run on?

   a. OSI layer: Layer 4

   b. Explain how you determined which layer: Layer 4 is the transport layer and is responsible for the end-to-end transmission of segments from services of the network layer to the application layer. A port is a transport layer address, and since a SYN scan determines which ports are open, it is working in the transport layer.

3. Mitigation suggestions (if needed):

   Ports need to be closed, perhaps using a firewall to block incoming traffic.

Phase 3: “I Feel a DNS Change Comin’ On”

1. Summarize your findings about why access to rollingstone.com is not working as expected from the RockStar Corp Hollywood office:

   Found “98.137.246.8 rollingstone.com” in the DNS hosts file (etc/hosts); this is redirecting traffic from rollingstone.com to 98.137.246.8.

2. Command used to query Domain Name System records:

   nslookup 98.137.246.8

3. Domain name findings:

   unknown.yahoo.com

4. Explain what OSI layer DNS runs on:

   DNS is an application layer protocol, layer 7 of the OSI model. This layer is where the end user interacts the most. Applications like web browsers and email clients use the Application layer to work, and since the DNS protocol works with web browser domains, this is where it lives.

5. Mitigation suggestions (if needed):

   Restore rollingstone.com back to its correct and original IP address in the hosts file (etc/hosts). The correct IP is 192.0.66.114.

Phase 4: “ShARP Dressed Man”

1. Name of file containing packets:

   packetcaptureinfo.txt
2. ARP findings identifying the hacker’s MAC address:

   00:0c:29:1d:b3:b1

3. HTTP findings, including the message from the hacker:

   Found an HTTP POST with a message from the hacker: "Hi Got The Blues Corp! This is a hacker that works at Rock Star Corp. Rock Star has left port 22, SSH open if you want to hack in. For 1 Milliion Dollars I will provide you the user and password!"

4. Explain the OSI layers for HTTP and ARP.

   a. Layer used for HTTP: HTTP is an application protocol, layer 7. HTTP is used to transfer data between devices connected to the internet.

   b. Layer used for ARP: ARP is a data link protocol, layer 2. ARP connects an IP address to the physical machine's MAC address. It operates within the LAN.

5. Mitigation suggestions (if needed):

   Close port 22 using a firewall and trace the MAC address back to its physical machine to find the hacker working to exploit the company.

© 2023 edX Boot Camps LLC. Confidential and Proprietary. All Rights Reserved.
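
The Phase 3 finding, a hosts-file entry overriding DNS for rollingstone.com, can be checked for automatically. The following is an added example, not part of the original submission or course material: it parses hosts-file text and flags every entry that pins a domain name to an address, comparing it against a trusted answer. The sample file contents, the `TRUSTED` table, and the function names are assumptions made for illustration; the two IP addresses are the ones given in Phase 3.

```python
import ipaddress

# Constructed sample: typical defaults plus the entry quoted in Phase 3.
SAMPLE_HOSTS = """\
127.0.0.1    localhost
::1          localhost ip6-localhost
# constructed comment line
98.137.246.8 rollingstone.com
"""

# Assumption: trusted answers collected out of band from a known-good resolver.
# The rollingstone.com address is the one Phase 3 gives as correct.
TRUSTED = {"rollingstone.com": {"192.0.66.114"}}


def parse_hosts(text):
    """Yield (line number, ip, hostname) for each valid mapping."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:
            yield lineno, str(ip), name.lower().rstrip(".")


def audit_hosts(text, trusted):
    """Return (line, name, ip, status) for every entry that overrides DNS."""
    findings = []
    for lineno, ip, name in parse_hosts(text):
        if "." not in name:
            continue  # single-label local names such as localhost
        expected = trusted.get(name)
        if expected is None:
            status = "unverified"   # overrides DNS, no trusted answer to compare
        elif ip in expected:
            status = "redundant"    # pins the same address DNS would return
        else:
            status = "mismatch"     # traffic is being sent somewhere else
        findings.append((lineno, name, ip, status))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, TRUSTED):
        print(finding)
```

Any `mismatch` or `unverified` result is worth reviewing, since the hosts file is consulted before DNS and an entry there silently redirects every lookup of that name on the machine.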