...Lab #3 – Assessment Worksheet Data Gathering and Footprinting on a Targeted Web Site Student Name: ___Westley Mixon________________________________________________ Lab Due Date: __________January 28, 2015________________________________________ Overview The first phase of hacking is the footprinting phase, which is designed to passively gain information about a target. In this lab, you performed technical research against three Web domains using Internet search tools. You collected public domain information about an organization using the Google search engine to uncover information available on the Internet. Finally, you recorded the information you uncovered in a research paper, describing how this information can make an organization vulnerable to hackers. Lab Assessment Questions & Answers 1 What information can you obtain by using the WHOIS tool contained within Sam Spade? Domain owner, including contact names, numbers, addresses, and the names of associated servers. 2 Besides the WHOIS utility covered in this lab, what other functions did you discover are possible with the Sam Spade utility? That you can Ping, nslookup, Whois, IP Block, Dig, Traceroute, Finger SMTP Verify, Time, Blacklist, and Abuse Lookup. 3 What is the purpose of the tracert command? What useful information does the trace route tool provide? How can this information be used to attack the targeted website? It identify the network path that must be followed to reach one...
Words: 521 - Pages: 3
...9. 10. 9. 10. 1. 2. 3. 4. 5. 6. 7. 8. 1. 2. 3. 4. 5. 6. 7. 8. Lab 3: Exploring Busses Justin Faile October 6, 2014 NT1110 Lab 3: Exploring Busses Justin Faile October 6, 2014 NT1110 Lab 3: Exploring Busses Justin Faile October 6, 2014 NT1110 Lab 3: Exploring Busses Justin Faile October 6, 2014 NT1110 1. MagSafe is a series of proprietary magnetically attached power connectors. 2. Ethernet 3. FireWire 4. Thunderbolt – it’s a hardware interface that allows connection for external displays such as MDP (Mini Display Port) 5. USB 3.0 6. SDXC Card Slot 7. Audio Line In/Out 8. Battery Light Indicator 9. Kensington Lock Slot - (K-Slot) anti theft reinforced metal hole used for attaching lock apparatus. 10. 8XSuper Drive – (Disk Drive) http://designchair.co.uk/wp-content/uploads/2011/11/macbook.jpg http://hothardware.com/articleimages/Item1538/small_MacBook-Pro-right-side-view.jpg http://en.wikipedia.org/wiki/Thunderbolt_%28interface%29 http://en.wikipedia.org/wiki/Kensington_Security_Slot 11. MagSafe is a series of proprietary magnetically attached power connectors. 12. Ethernet 13...
Words: 273 - Pages: 2
...Lab 3 TCP\IP networking communication protocols 1. Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address to a physical machine address that is recognized in the local network. 2. The DHCP is used to distribute the main IP and create subnets for all additional computer connected to the same network. The DHCP server will be connected to the router and switch; it will distribute specific IP address to each individual computer so they can all be identified. 3. The DNS is the service that converts/translates the alphabetical name of a domain in to a numeric number known as an IP address. It can assign a specific IP address for a domain www.website.com or subsite.website.com. 4. FTP stands for file transfer protocol and it allows people to transfer files from a local destination to a remote location. A lot of web developers use this protocol because it is the main source of uploading and downloading data to their server. POP3 is the main email protocol that email programs use to retrieve emails from an email server. POP3 physically downloads the email to the local location and usually does not leave a copy of the remote server; there is an option to allow a copy to be saved on the mail server. 5. Student IP was 192.168.1.1 and the target IP is 192.68.1.52 6. There was 13,535 packets were delivered back to the IP source. 7. The 3-way handshake is used to establish a strong connection. The handshake allows the server and client to agree on...
Words: 348 - Pages: 2
...Objective To implement the Product of Sums (POS) of a Boolean expression. Components ICs: NOT (7404), 2-input AND (7408), 2-input OR (7432) Lab equipment: breadboard, power supply, multimeter. Problem Derive the Product of Sums (POS) expression from the equation provided below. Y = A’B + B’C’D’ + BCD + AB’CD Note that gates with large number of inputs can be constructed from gates with less number of inputs. Introduction The equation Y=A’B+B’C’D’+BCD+AB’CD needs to be rearranged using a Karnaugh map to support the product of sums circuit. The truth table for the previous experiment, Lab 2 SOP Implementation of Boolean Expressions, is used for the Karnaugh map. IC 7408 and 7432 only has 2 inputs for each gate, so an extra pair is needed to be able to manage the amount of OR gates required. Prelab In order to simplify the equation, the truth table needed to be solved for Y = A’B + B’C’D’ + BCD + AB’CD and converted using a Karnaugh map. During simplification, the coordinates at the 0’s that are grouped up horizontally and vertically, in groups of two, and are divided. When searching for the product of sums the 1’s turn to 0’s, and is a commonly missed error. After simplifying the expression, the schematic was drawn to map out the 2 input gate structure of the ICs: 7404, 7408, and 7432. Truth Table for Y = A’B + B’C’D’ + BCD + AB’CD A’ | B’ | C’ | D’ | A | B | C | D | A’B | B’C’D’ | BCD | AB’CD | Y | 1 | 1 | 1 | 1 | 0 | 0 | 0 | 0 | 0 | 1 | 0 | 0 |...
Words: 1506 - Pages: 7
...LAB 3Ex 3.1.1 We would have a harder time making devices that we use every day.so We would to have multiple routers depending on the devices we own and probably would not be able to use internet when anywhere like we do today. Ex 3.1.2 Laptop and Wireless router model is the easiest model to understand because we use them every day. Ex 3.1.3 Hub – physical Switch – Data Link Router – Network Review 3.1 1. It would be insufficient because it would have to include the other important layers like data which is what is being sent. 2. Much of the work on the design of OSI was done by a group at Honeywell Information Systems. This group was chartered with advanced product planning and with the design and development of prototype systems. The main idea in OSI is that the process of communication between two end points in a telecommunication network can be divided into layers, 3. The TCP/IP protocols were initially developed as part of the research network developed by DARPA. It was designed to use a number of protocols that had been adapted from existing technologies Lab 3.2: The OSI Reference Model Ex 3.2.1 1. PHYSICAL (Layer 1) – It describes the electrical/optical and functional interfaces to the physical medium, and carries the signals for all of the higher layers. It provides data encoding. 2. Data Link-The data link layer provides transfer of data frames from one node to another, allowing layers above it to assume virtually error-free transmission...
Words: 584 - Pages: 3
...Lab 3 assessment 1) What is the significance of creating Groups and Users to Groups? Explain Creating groups enables access to specific files rather than giving everyone access to specific files. 2) Given the scenario where there are five database administrators that may periodically need access to a given system. Discuss a concept to better manage these administrators' access permissions. Each administrator will need to have their own password to access the system. 3) The new web administrator's account has been set up and a password provided. What is the process to force a password change upon first long? su -c 'chage -d 0 jtemp' 4) What is the purpose of the "su" command? Explain its significance. su is so that the user can enter superuser mode. 5) Restricting the use of the 'su' command can be configured using what mechanism? Vi /etc/pam.d/su 6) What is the purpose of the login.defs files? Explain the contents and configuration options. The login.defs file contains the maximum number and minimum number of data a password may be used, the minimum acceptable password length, and number of days a warning is given before a password expires. 7) What is the PASS_MIN_DAYS setting? Why would it be a good idea to set the PASS_MIN_DAYS setting? This setting is the minimum number of days allowed between password changes. It's a good idea to set this setting so that the user is always able to change their password. 8) What is the PASS_MAX_DAYS setting? why...
Words: 390 - Pages: 2
...Intro Networking Lab 3 3.1.1 It would be very hard for all devices to communicate with each other. Everyone would have to buy the same brand for the devices to communicate. This would be horrible for businesses and people. Everyone would have to buy the same brand. That would make sure that they can all talk to each other. Businesses would not be able to talk to other departments. Things would not run smoothly. 3.1.2 The OSI model breaks down all the layers. And describes the layers and what they do. This model is used all the time in networking. 3.1.3 Data link, network, transport, and session. 3.1.4 It would be harder to find the problem. If all the layers were to general no one would be able to figure out what layer the problem is on. The problem could fit on multiple layers if it was to general. 3.1 Review 1. It does not give any information. Those layers are very big. Just to have 3 layers would not be able to find out the problem and find a way to fix it. With products changing there would be no way for a standard for communication. 2. Charles Bachman made the OSI model in the late 1970’s. It was made so other devices can talk to each other even if they are a different brand. 3. It was made by the Department of Defense. It was made to protect data integrity. 3.2.1 Physical- cables, modem, router or anything physical or hardware Data Link- how the data is sent Network- managing the network Transport- how the data travels Session-managing communication...
Words: 643 - Pages: 3
...Lab 3—Effect of Bentonite and Barite on Filtration Properties Drilling and Production Engineering Lab PE 4331-008 Group D February 26, 2016 Eric Ohman David Farrier Lucas Fischer David Hernandez Academic Integrity Statement On my honor, I affirm that I have neither given nor received inappropriate aid in the completion of this exercise. Name: Eric Ohman _ Date: 02/26/2016 Name: David Farrier _______Date: 02/26/2016 Name: Lucas Fischer ______ Date: 02/26/2016 Name: David Hernandez Date: 02/26/2016 ABSTRACT Several experiments were conducted on various drilling fluid samples, chiefly relating to the effects of viscosifiers (Bentonite), weighting agents (Barite, and salt on the filtration properties of these muds. Clear knowledge of the filtration properties of drilling fluids is of great importance to the drilling engineer as excessive filtration can cause both damage to the formation both from fine particles and from water infiltration. There are many negative effects of excessive filtration, including the loss of expensive drilling fluid, damage to the formation, and stuck pipe caused by large amounts of filter cake. In this experiment, using mud cakes were formed from mud samples of varying composition using a filter press. These results were then analyzed in fluid loss vs. square root of time...
Words: 2486 - Pages: 10
...fadi sitto lab 3 1. The purpose of the Risk Management Plan is to define how risks will be managed, monitored and controlled throughout the project. 2.The challenge of protecting critical business information has never been greater. Extensive requirements originating from multiple governing bodies, coupled with rising costs and financial penalties for failure, makes governing the operations of the organization an increasing challenge. Furthermore, increased competition for limited budgets and resources requires that organizations allocate available funding toward their highest-priority information security investments. LogicManager’s risk based approach helps you to objectively prioritize which business areas require focus and allocation of critical resources. 3.Risk Planning is developing and documenting organized, comprehensive, and interactive strategies and methods for identifying risks. It is also used for performing risk assessments to establish risk handling priorities, developing risk handling plans, monitoring the status of risk handling actions, determining and obtaining the resources to implement the risk management strategies. Risk planning is used in the development and implementation of required training and communicating risk information up and down the project stakeholder organization. 4.The First step in Composite Risk Management process is Planning Risk Management. This is where you will plan how you will handle all the Risks faced by...
Words: 725 - Pages: 3
...through software development lifecycle; there still remains security holes that arise when an application is deployed and interacts with other processes and different operating systems (Cobb, 2014). Another reason that penetration test is critical is many Payment Card Industry Data Security Standard (PCI DSS) mandate internal and external penetration test (Cobb,2014). 2. What is a cross-site scripting attack? Explain in your own words. Cross-site scripting is when an attacker exploits the controls of a trusted website and injects malicious code with the intent of spreading it to other end users. For example, an attacker injects a browser script on a website, so that other users will click on it and compromise sensitive information. 3. What is a reflective cross-site scripting attack? A reflective cross-site scripting attack is when the injected script is reflected off the web server, much like an error message or search results. This type of attack is mostly carried out by e-mail messages in which the user is tricked by clicking on a malicious link and then the injected code travels to the vulnerable website and reflects the attack back to the user’s browser (OWASP, 2013). 4. What common method of obfuscation is used in most real-world SQL attacks? These methods include character scrambling, repeating character masking, numeric variance, nulling, artificial data generation, truncating, encoding, and aggregating. These methods rely on an array of built in SQL server...
Words: 283 - Pages: 2
...command to become root. Fstab is your operating system’s file system table. If you want a review of file systems, be sure to check out our other article, HTG Explains: Which Linux File System Should You Choose? In the old days, it was the primary way that the system mounted files automatically. Nowadays, you can plug in a USB drive of any kind and it’ll just pop up in Nautilus like it does in Windows and Mac OS, but once upon a time, you had to manually mount those disks to a specific folder using the “mount” command. This held true for DVDs, CDs, and even floppies (remember those?). 2. Which fstab option would allow customers to view PDF files without being able to modify the files? "evince file.pdf" "You can use either rw or ro" 3. In the /etc/fstab file, what is the meaning of the defaults parameter? 4. Describe the process to create a quota hard drive limit of 2G for a user. "Enable quota check on filesystemb.Initial quota check on Linux filesystem using quotacheckc. Assign disk quota to a user using edquota commandd. Report the disk quota usage for users and group requotae. Add quotacheck to daily cron job" 5. What command enables you to initialize quotas on a...
Words: 502 - Pages: 3
...1. The three major categories used to provide authentication of an individual are something you are, something you have, and something you know. 2. Authorization is how an organization will assign and enforce access control rights. It is aligned with Identification and Authentication because it limits users who have a legitimate need for resources and it requires a strong password policy. 3. Three examples of Network Architecture Controls that help enforce data access policies at the LAN-to-WAN Domain level are SSO(Single Sign On), TKIP(Temporal Key Integrity Protocol), and SSID(Service Set Identifier). 4. LLC (Logical Link Control) and MAC(Media Access Control) 5. A NAC System, or Network Access Control system, is a policy where limited access to resources is granted to a computer that was just connected to the network. Once everything is scanned and checked, the NAC will grant the appropriate level of access. 6. A Public Key Infrastructure is a framework that consists of programs, procedures, and security policies that employ public key cryptography. In order to implement it, you would need to verify MAC addresses in the table. 7. PKI provides the capabilities of digital signatures and encryption to implement 8. The X.509 standard is for managing public keys through a PKI. X.509 certificates, where public keys are maintained, are digital documents that bind a user’s identity to a public key. 9. Regarding Biometric Access Controls, Identification...
Words: 274 - Pages: 2
...history of humanity, beginning with the Paleolithic Era. Distinct from the history of Planet Earth (which includes early geologic history and prehuman biological eras), world history comprises the study of archeological and written records, from ancient times on. Ancient recorded history begins with the invention of writing.[1][2] However, the roots of civilization reach back to the period before the invention of writing. Prehistory begins in the Paleolithic Era, or "Early Stone Age," which is followed by the Neolithic Era, or New Stone Age, and the Agricultural Revolution (between 8000 and 5000 BCE) in the Fertile Crescent. The Neolithic Revolution marked a change in human history, as humans began the systematic husbandry of plants and animals.[3][4][5] Agriculture advanced, and most humans transitioned from a nomadic to a settled lifestyle as farmers in permanent settlements. Nomadism continued in some locations, especially in isolated regions with few domesticable plant species;[6] but the relative security and increased productivity provided by farming allowed human communities to expand into increasingly larger units, fostered by advances in transportation. World population[7] from 10,000 BCE to 2,000 CE. The vertical (population) scale is logarithmic. As farming developed, grain agriculture became more sophisticated and prompted a division of labor to store food between growing seasons. Labor divisions then led to the rise of a leisured upper class and the development of cities...
Words: 3787 - Pages: 16
...Unit 3 Lab 3 In order to find your IP address, press your window key and R key to bring up the search box. Type CMD to bring up command prompt, then type ipconfig to get your IP address, Subnet mask and default gateway. For this computer I got, • IP Address : 10.61.108.40 • Subnet Mask : 255.255.252.0 • Default Gateway : 10.61.110.1 Everyone is assigned an IP address, it’s like you house address you need it in order to surf the web your IP address is tied to you and to be able to create a routing table ,that enables faster communication. When you open a web browser and type in a domain, it’s going to take you to that domain. Once again a domain name is like your house address but using words to get there. There are 2 ways you can put in a domain name, you can type www.whatever.com or whatever.com. In the 90’s when internet was introduced to the public, you had to type www in order to get to a website now you don’t have to use www it will automatically fill it in when you press the enter key. When you use the address bar you will see http (Hyper Text Transfer Protocol) or https, the “S” stands for secure socket layer, a secured page mainly for payments online or credit card information. Open Application is the process of accessing the physical layer to tell the OS to start the application. It’s one of many hidden system folders containing important files and documents that help Windows operating systems to run. This will establish a connection...
Words: 290 - Pages: 2
...ICND1 Skill Builders Part 1: Navigation and Administration Lab 3: Switch CLI Configuration Process II Overview This lab guides you through the process of entering configuration mode and through the configuration of a couple of commonly used configuration commands: description and enable secret. Topology S1 Gi0/1 PC1 R1 Fa0/0 Fa0/3 SW1 Fa0/2 Fa0/1 PC2 Figure 1 Network Topology for This Lab This lab uses only the switch (SW1) with no activities on the other devices. Detailed Lab Steps Step 1. Connect to SW1’s console port using the simulator. The window will look like a terminal emulator with a cursor at the bottom of the screen and the center of the screen mostly blank. Step 2. From the simulator’s terminal-emulator screen, press Enter. page 1 © 2009 Pearson Education, Inc. All rights reserved. This publication is protected by copyright. Step 3. Enter privileged mode using the enable command. Are you prompted for a password? No Step 4. Enter configuration mode using the configure terminal command. What does the command prompt look like after this command? What CLI mode does the prompt imply? Switch(config)# Config exec Step 5. Enter interface configuration mode for interface FastEthernet 0/1 using the interface fastethernet 0/1 command. What does the command prompt look like after this command? What CLI mode does the prompt imply? Switch(config-if)# Config Sub Exec Step 6. Use the description...
Words: 552 - Pages: 3