W23_SPR100_Lab_7v1

School: Seneca College
Course: 100
Subject: Information Systems
Date: Dec 6, 2023
Type: docx
Pages: 4
Uploaded by ElderLeopardMaster1065

SPR100 Labs

Lab 7: Network Security (2%)

Overview:
In this lab we’ll be looking at foot-printing, scanning and enumeration. We will be scanning one machine to discover what services are running, then the Security Lab network to discover what machines and services are running. To do this we will be using a tool called Nmap, the “world’s most popular network security scanner”. Finally, you will look at the traffic generated by Nmap to get a sense of how much network communication is involved in a scan.

Warning: Do not use Nmap to scan ANY network unless you have explicit permission to scan that network. If you ignore this warning, you might become a subject of a complaint to the Toronto Police Service or the RCMP, because it could be considered "unauthorized access to a computer system", and some scans can lead to a DoS on poorly configured systems. You might be able to argue against this successfully, but it might require the services of a lawyer, and your equipment might be confiscated while the argument takes place. Even without police involvement, you might end up losing the services of your ISP. Consider yourself warned.

You have permission to scan:
• The internal network in the Security Lab.
You do not have permission to scan any other networks at Seneca.

Note:
• Part 2 and Part 3: you need to be using the Win10 VM and be connected to the Security Lab network.
• Part 4: this is to be done on your home workstation/laptop.
• All screenshots must have your command-line title with name, date and time visible.

Objective:
1. Demonstrate how to footprint a company.
2. Scanning of a single server.
3. Scanning and enumeration of a network.
4. Understanding the cost of a scan.

The Lab Activities

Part 1: Foot-printing (Internet)

Foot-printing involves determining the following:
• The scope of the footprint: an organization, a subnet or a machine.
• Searching public web sites and databases for organization and network information that may be useful to plan an attack against known vulnerabilities.
• Network reconnaissance: determining network topology, access points and DNS record information.

Steps
1. View the Seneca College website. Look through the website’s various pages. Is there any information that could be used by a potential (hacker) attacker? Be specific.
2. Using a browser, go to whois.cira.ca and conduct a whois search of “senecacollege.ca” on the Canadian Internet Registration Authority. What displayed information could be useful to an attacker? Be specific.
3. No entry is required in your lab report.

NB: Any public search engine can be used for foot-printing, e.g. Google.

Part 2: Scanning a Single Machine (Security Lab)

Once a target has been identified and public information exhausted, the next step is to probe the specific target network by using automated tools to scan the workstations for the following information:
• Which workstations are “online”?
• IP address of the workstation
• Ports and services being used by the workstation.

Scanning and enumeration are often combined since many of the automated tools perform both tasks simultaneously. This step requires an active connection to the system and directed queries. As such, the attacker must be logged on. The types of information enumerated are generally:
• Network resources and shares: ports, processes, and shares
• Users and group accounts\passwords
• Running applications\OSs and versions

Armed with the information gathered, the attacker researches specific vulnerabilities to find “a way in”. It is common for an attacker to spend 3-4 months completing all three steps before launching an attack. This lab will introduce the methodology.

Performing an automated ‘ping’ sweep to determine which machines are “alive”.

The ‘ping’ command is used to test connectivity; however, it can only test one machine at a time. Before you start, using your Windows 10 VM command line, ‘ping’ the single IP address: 172.16.11.65 (you need to be on the Security Lab network to do this). If you do not know the ‘ping’ command or how to use the ‘command-line’ on your Windows 10 VM, do some research.

Do the following using Nmap (Zenmap) installed on your Windows 10 VM and targeting the given single IP address. Below, this is referred to as the “IP”.

Steps
1. Scan the IP using the Ping scan setting. What sort of information are you getting? Look at the Nmap output tab.
2. Repeat Step 1 for a Quick scan and Intense Scan. What is the difference between the information you are getting for the Ping, Quick and Intense scan? Be specific.
3. After the Intense scan look at all the other tabs such as ‘Ports/Hosts’. How does the information differ from the “Nmap output” tab?
4. Write up the results of (2) to (4) and insert it into your report under the heading of “Nmap and the 172.16.11.65 server”. Ensure your formatting aids the reader in reading what you have written.

Part 3: Scanning and Enumeration of a Network (Security Lab)

If we are to learn about what is happening on our network, rather than just one computer, we should be familiar with the basic protocols, and service identification. You should understand the significance of port numbers, so you should know which port numbers are associated with these commonly used services:
• HTTP & HTTPS
• DNS
• DHCP (bootp)
• SSH
• TELNET
• FTP
• SMTP
• NetBIOS
• Microsoft-DS

Look up any port numbers that show up on your Nmap scans; this will give you an idea of what they do.

Before you use Nmap, read and understand the nmap man page. If you do not take the time to understand the output of Nmap, you will end up wasting lots of time.
• A Short History of Nmap
• Zenmap
• Zenmap User’s Guide
• 32 Useful Nmap Commands

Using Nmap, scan the Security Lab network: 172.16.11.0/26 (you need to be on the Security Lab network to do this) and discover hosts that are listening. You need a quick and simple scan to discover hosts, and more complex scans to find out information about each host discovered. Please note, this scan can take a while, so be patient!

What is the number of IP addresses in this range?

Look over the resources mentioned at the start of the lab. Decide on some other interesting scans to try on the servers you have discovered.

Questions:
1. How many hosts are available on the scanned network?
2. How many hosts are running the following services? Give their IPs:
   • ftp

Write up the results of (1) and (2) and insert it into your report under the heading of “Nmap and the Security Lab Network” with appropriate subheadings. Ensure your formatting aids the reader in reading what you have written.

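One way to tally the Part 3 answers from saved scan output, as an added example that is not part of the original lab handout: it assumes the scan was saved in Nmap's grepable format (`-oG`) and reports which hosts are up and which of them have each service open. The sample text, its 192.0.2.x documentation addresses and the helper name `parse_grepable` are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in Nmap's grepable (-oG) layout; the addresses come from
# the documentation range 192.0.2.0/24, not from the Security Lab network.
SAMPLE_OG = """\
# Nmap scan initiated (constructed sample)
Host: 192.0.2.10 ()\tStatus: Up
Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, 80/open/tcp//http///
Host: 192.0.2.11 ()\tStatus: Up
Host: 192.0.2.11 ()\tPorts: 21/closed/tcp//ftp///, 445/open/tcp//microsoft-ds///
Host: 192.0.2.12 ()\tStatus: Up
Host: 192.0.2.12 ()\tPorts: 21/open/tcp//ftp///, 23/filtered/tcp//telnet///
# Nmap done (constructed sample)
"""

HOST_RE = re.compile(r"^Host: (\S+) \(.*?\)\t(.*)$")

def parse_grepable(text):
    """Return (hosts_up, services); services maps a service name to the IPs
    where that port is in state 'open' (closed and filtered ports are ignored)."""
    up, services = set(), defaultdict(set)
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue                      # comment lines and anything unexpected
        ip, rest = m.groups()
        for field in rest.split("\t"):    # fields are tab-separated "Key: value"
            key, _, value = field.partition(": ")
            if key == "Status" and value == "Up":
                up.add(ip)
            elif key == "Ports":
                for entry in value.split(", "):
                    # port/state/protocol/owner/service/...
                    port, state, proto, _owner, service = entry.split("/")[:5]
                    if state == "open":
                        services[service or f"{port}/{proto}"].add(ip)
    by_ip = ipaddress.ip_address          # sort numerically, not as strings
    return sorted(up, key=by_ip), {s: sorted(v, key=by_ip) for s, v in services.items()}

if __name__ == "__main__":
    hosts_up, services = parse_grepable(SAMPLE_OG)
    print(len(hosts_up), "hosts up; ftp open on:", services.get("ftp", []))
```

Only ports reported as `open` are counted, so a host that answers on port 21 with `closed` or `filtered` is not listed as running ftp.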
Part 4: Determining the cost of a scan (Home)

Doing a scan of a network and host on the network might seem the obvious and easiest thing to do. Such scans generate traffic. Let’s capture that traffic and see how much there is.

Note: There is only general guidance given for this part of the lab. You are expected to do research etc. to find out any information you don’t know. You’ll be using Kali Linux and Windows 10 for this lab.

Before you start: Download Kali (if you have not already done so)

Steps
1. Set up a private LAN connection between Kali and Windows 10.
2. Verify that both your VMs are on the network by pinging the Kali VM from the Win10 VM.
3. Start Wireshark on your Win10 VM and begin Capture.
4. Using the command-line on Kali, use Nmap to do an intense scan of your Win10 VM.
5. Stop your Wireshark capture on Win10 VM once the Nmap scan is complete.
6. Review your Wireshark capture to see the volume of traffic an ‘uncontrolled’ scan can generate.
7. Under a heading “Scan Costs” in your report, take the following screenshots and insert them under the appropriate sub-headings that show the following:
   • The Win10 VM’s IP address
   • The Kali VM’s IP address
   • Kali’s desktop with the command-line window visible and some of Nmap results visible. Make sure the Nmap command you used is visible in the screenshot.
   • Wireshark open showing the:
     • Start of the Win10 VM scan’s capture: make sure it is clear that there is no scan in the first half of the Wireshark output and then scan in the second half of the Wireshark output in the image.
     • Mid-section of the Win10 VM scan’s capture: nearly all packets should be between the Win10 VM and the Kali VM.
     • End of the Win10 VM scan’s capture: make sure it is clear that there is a scan in the first half of the Wireshark output and then no scan in the second half of the Wireshark output in the image.
8. Answer the following questions and insert them into your report.
   • What did you have to do to set up the private LAN Segment and get the computers connected?
   • What sort of protocols were used in the attack from Kali?

Report Submission

Now that you have filled out the Lab report, you need to submit it along with your elog book. This is done through the submission link given with Lab 7 on Blackboard.
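
For step 6 of Part 4, one way to put numbers on the capture, as an added example that is not part of the original lab handout: it assumes the capture was exported with `tshark -r capture.pcapng -T fields -e ip.src -e ip.dst -e frame.len -e tcp.dstport` (the file name is a placeholder) and totals packets, bytes and distinct TCP destination ports per source/destination pair. The sample rows, the 192.0.2.x addresses and the 100-port `port_threshold` are constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed tab-separated rows: ip.src, ip.dst, frame.len, tcp.dstport.
    192.0.2.50 stands in for the Kali VM and 192.0.2.60 for the Win10 VM."""
    rows = ["192.0.2.60\t192.0.2.1\t74\t443"] * 3            # traffic before the scan
    for port in range(1, 201):                               # one probe per port
        rows.append(f"192.0.2.50\t192.0.2.60\t58\t{port}")
        rows.append("192.0.2.60\t192.0.2.50\t54\t40000")     # reply to the scanner
    rows.append("\t\t42\t")                                  # ARP frame: no IP fields
    rows.append("192.0.2.60\t192.0.2.50\t42\t")              # ICMP frame: no TCP port
    return "\n".join(rows)

def scan_cost(tsv, port_threshold=100):
    """Per (src, dst) pair: packets, bytes, distinct TCP destination ports,
    and a scan_like flag when the port count reaches port_threshold (assumed)."""
    stats = defaultdict(lambda: {"packets": 0, "bytes": 0, "ports": set()})
    for line in tsv.splitlines():
        src, dst, length, dport = (line.split("\t") + [""] * 4)[:4]
        # tshark joins repeated fields with commas (e.g. the IP header quoted
        # inside an ICMP error), so keep the outermost value only.
        src, dst, dport = (v.split(",")[0] for v in (src, dst, dport))
        if not src or not dst:
            continue                      # non-IP frames are not attributed to a pair
        entry = stats[(src, dst)]
        entry["packets"] += 1
        entry["bytes"] += int(length)
        if dport:
            entry["ports"].add(int(dport))
    return {
        pair: {"packets": e["packets"], "bytes": e["bytes"],
               "distinct_ports": len(e["ports"]),
               "scan_like": len(e["ports"]) >= port_threshold}
        for pair, e in stats.items()
    }

if __name__ == "__main__":
    for pair, summary in scan_cost(build_sample()).items():
        print(pair, summary)
```

One source touching many distinct destination ports on one host in a short capture is the pattern that separates the scan section of the capture from the ordinary traffic before and after it.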