Tuesday, April 2, 2019
Probing Using Zenmap GUI
Hackers traditionally follow a 5-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying your target and learning as much as possible about the target. Hackers traditionally perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, students will plan an attack on 172.30.0.0/24 where the VM server farm resides. Using the ZenMap GUI, students will then perform a Ping Scan or Quick Scan on the targeted IP subnetwork.

Lab Assessment Questions & Answers

Name at least five applications and tools pre-loaded on the Windows 2003 Server Target VM (VM Name: WindowsTarget01) and identify whether that application starts as a service on the system or must be run manually.
LAN routing: Run manually
NAT: Run manually
VPN: Start as a service
Terminal services: Start as a service
Streaming server: Run manually

What was the DHCP allocated source IP host address for the Student VM, DHCP Server, and IP default gateway router?
DHCP allocated the following IP addresses:
Source IP host address is 192.168.1.6
DHCP server address is 192.168.1.1
Default gateway router address is 192.168.1.1

Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the ping command at your DOS prompt?
If yes, how many ICMP echo-request packets were sent back to the IP source?
Yes, four ICMP echo-request packets were sent when I initiated a ping command from the DOS prompt.
Details of these packets are as follows:
Ping statistics for 192.168.1.6:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss)
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 131ms, Average = 43ms

If you ping the WindowsTarget01 VM server and the UbuntuTarget01 VM server, which fields in the ICMP echo-request / echo-replies vary?
When I ping the WindowsTarget01 VM server and the UbuntuTarget01 VM server, the ICMP echo-request / echo-replies of the WindowsTarget01 VM server vary like 8ms, 131ms, 33ms and

What is the command line syntax for running an Intense Scan with ZenMap on a target subnet of 172.30.0.0/24?
nmap -T4 -A -v 192.30.0.0/24

Name at least 5 different scans that may be performed from the ZenMap GUI and document under what circumstances you would choose to run those particular scans.

Intense scan
Command = nmap -T4 -A -v
Intense Scan is used to comprehensively scan the network and all the computers in the network. The benefit is that you can check all the vulnerabilities in the network you are connected to.

Ping scan
Command = nmap -sn
Ping scan only points out whether the target/targets are up or not. It does not scan the ports of that particular target/targets.

Quick scan
Command = nmap -T4 -F
It is faster than the normal scan because it scans fewer ports and uses the aggressive timing template.

Quick scan plus
Command = nmap -sV -T4 -O -F --version-light
It detects the operating system as well as the version of the OS.

Quick traceroute
Command = nmap -sn --traceroute
It does not do port scanning; it only traces the route, hop by hop, through which you connect with the computer.

Regular scan
Command = nmap
A basic port scan with no extra options.

How many different tests (i.e., scripts) did your Intense Scan definition perform?
List them all after reviewing the scan report.
It performs the following tests:
Port scanning
OS detection
Version detection
Network distance
TCP sequence prediction
Traceroute

Describe what each of these tests or scripts performs within the ZenMap GUI (Nmap) scan report.

Port Scanning
A port scan is mostly what its name suggests, a scan of all the ports open upon a system. The way a port scanner typically works is to attempt to connect to each port upon a host, in turn, and then report the results. For example, a scanner could connect to:
port 1 to see if tcpmux is running.
port 7 to see if echo is running.
port 22 to see if openssh is available.
port 25 to see if smtp is available.

OS Detection
One of Nmap's best-known features is remote OS detection using TCP/IP stack fingerprinting. Nmap sends a series of TCP and UDP packets to the remote host and examines practically every bit in the responses.

Version Detection
Two important fields that version detection can discover are operating system and device type. These are also reported on the Service Info line. We use two techniques here. One is application exclusivity. If we identify a service as Microsoft Exchange, we know the operating system is Windows since Exchange doesn't run on anything else. The other technique is to persuade more portable applications to divulge the platform information. Many servers (especially web servers) require very little coaxing. This type of OS detection is intended to complement Nmap's OS detection system (-O) and can sometimes report differing results.
For example, consider a Microsoft Exchange server hidden behind a port-forwarding UNIX firewall.

Network Distance
It detects how many hops are involved on the way to reach the targeted computer.

TCP Sequence Prediction
Nmap sends a couple of resets first to the open port, then sends six packets with just SYN set (the normal method for opening a TCP connection), followed each time with a reset (a TCP header with reset and ACK flags set, which aborts the connection). The sequence numbers in packets sent increase incrementally by one each time; this is abnormal behavior but is characteristic of sequence number collectors. Nmap collects the initial sequence numbers received from the target and looks for a pattern in the way they are incremented. This is called a TCP sequence prediction.

Traceroute
Nmap does not perform a full trace to every host, so necessarily it must make assumptions about the hops that it has not probed. The first and most fundamental of these is that if, in tracing a host, we find an intermediate hop that has already been seen in tracing another host, we may assume that it and all its parent hops are shared between the two hosts.

How many total IP hosts (not counting Cisco device interfaces) did ZenMap GUI (Nmap) find on the network?
Two (2) up hosts are found in my network.

Based on your Nmap scan results and initial reconnaissance and probing, what next step would you perform on the VM server farm and VM workstation targets?
In Nmap scanning we've been finding the vulnerabilities of the network or targeted computer. After the reconnaissance we've to check where we've to enter into the computer for the specific purpose, i.e. if we want to check the web services on the targeted computer then we've to enter from port 80.
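
The port-scanning description above (one source connecting to each port on a host in turn) is also what makes a scan visible to the target's defenders. The following is an added example, not part of the original lab write-up: it flags a source that touches many distinct ports on one host within a short window. The log format, addresses and thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall-style log lines (not lab output); the field layout is an assumption.
SAMPLE_LOG = """\
2019-04-02T10:00:01 SRC=172.30.0.50 DST=172.30.0.10 DPT=1
2019-04-02T10:00:01 SRC=172.30.0.50 DST=172.30.0.10 DPT=7
2019-04-02T10:00:02 SRC=172.30.0.50 DST=172.30.0.10 DPT=22
2019-04-02T10:00:02 SRC=172.30.0.50 DST=172.30.0.10 DPT=25
2019-04-02T10:00:03 SRC=172.30.0.50 DST=172.30.0.10 DPT=80
2019-04-02T10:00:03 SRC=172.30.0.20 DST=172.30.0.10 DPT=80
2019-04-02T10:00:04 SRC=172.30.0.50 DST=172.30.0.10 DPT=443
2019-04-02T10:00:05 SRC=172.30.0.20 DST=172.30.0.10 DPT=443
2019-04-02T10:05:00 SRC=172.30.0.20 DST=172.30.0.10 DPT=22
""".splitlines()

LINE_RE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPT=(\d+)$")

def parse(lines):
    """Yield (timestamp, source, destination, port) for each well-formed line."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts, src, dst, port = m.groups()
            yield datetime.fromisoformat(ts), src, dst, int(port)

def find_port_scans(lines, min_ports=5, window=timedelta(seconds=10)):
    """Return {(src, dst): ports} where src hit >= min_ports distinct ports within window."""
    hits_by_pair = defaultdict(list)
    for ts, src, dst, port in parse(lines):
        hits_by_pair[(src, dst)].append((ts, port))
    alerts = {}
    for pair, hits in hits_by_pair.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until the span fits inside `window`.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            ports = {port for _, port in hits[start:end + 1]}
            if len(ports) >= min_ports and len(ports) > len(alerts.get(pair, [])):
                alerts[pair] = sorted(ports)
    return alerts

if __name__ == "__main__":
    for (src, dst), ports in find_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst} ports {ports}")
```

The ordinary client at 172.30.0.20 reaches three ports over five minutes and is not flagged; only the burst from 172.30.0.50 crosses the threshold.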
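
The TCP sequence prediction test described above looks for a pattern in how a host's initial sequence numbers (ISNs) are incremented. The following is an added example, not Nmap's own algorithm and not from the original write-up: a simplified check you can run on ISNs captured from a host you administer. The sample values and the `min_step` cut-off are constructed assumptions.

```python
from functools import reduce
from math import gcd

MOD = 2 ** 32  # TCP sequence numbers are 32-bit counters that wrap around


def isn_deltas(isns):
    """Increments between consecutive ISNs, corrected for 32-bit wraparound."""
    return [(later - earlier) % MOD for earlier, later in zip(isns, isns[1:])]


def classify_isns(isns, min_step=10):
    """Return (pattern, step) for a list of ISNs sampled from one host.

    Simplified heuristic for illustration; Nmap's own classification differs.
    min_step is an assumed cut-off below which a common divisor is treated as noise.
    """
    if len(isns) < 4:
        raise ValueError("need at least four ISN samples")
    deltas = isn_deltas(isns)
    if all(d == 0 for d in deltas):
        return ("constant", 0)
    step = reduce(gcd, deltas)  # largest value dividing every increment
    if len(set(deltas)) == 1:
        return ("fixed increment", step)
    if step >= min_step:
        return ("multiples of a common step", step)
    return ("no simple pattern", step)


# Constructed samples: six ISNs each, as if read from six SYN/ACK replies.
SAMPLES = {
    "constant": [1000] * 6,
    "counter": [100, 101, 102, 103, 104, 105],
    "stepped": [4294900000, 4294964000, 60704, 188704, 252704, 444704],
    "varied": [3735928559, 1234567890, 305419896, 2882400001, 19088743, 4027431614],
}

if __name__ == "__main__":
    for name, isns in SAMPLES.items():
        print(name, classify_isns(isns))
```

The "stepped" sample crosses the 32-bit boundary between its second and third values, which is why the increments are taken modulo 2^32 before looking for a common step.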