...Reconnaissance and Probing Using Zenmap GUI (Nmap) LAB #1 – ASSESSMENT WORKSHEET Perform Reconnaissance and Probing Using Zenmap GUI (Nmap) Course Name and Number: Student Name: Instructor Name: Lab Due Date: Overview Hackers typically follow a five-step approach to seek out and destroy targeted hosts. The first step in performing an attack is to plan the attack by identifying the target and learning as much as possible about the target. Hackers usually perform an initial reconnaissance and probing scan to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, students planned an attack on 172.30.0.0/24 where the VM server farm resides. Using Zenmap GUI, students then performed a “Ping Scan” or “Quick Scan” on the targeted IP subnetwork. Lab Assessment Questions & Answers 1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually. WINDOWS APPLICATION LOADED 1. 2. 3. 4. 5. STARTS AS SERVICE Y/N ❑ Yes ❑ Yes ❑ Yes ❑ Yes ❑ Yes ❑ No ❑ No ❑ No ❑ No ❑ No 2. What was the allocated source IP host address for the TargetWindows01 server, TargetUbuntu01 server, and the IP default gateway router? TargetWindows01 IP 172.30.0.8 Default gateway 172.30.0.1 TargetUbuntu01 IP 172.30.0.4 Default gateway 172.30.0.1 TargetUbuntu01 credentials are not given for this lab, however when clicking on the icon the target...
Words: 786 - Pages: 4
...Unit 3 Assignment 1: Choosing Port Scanning Software In order to test server security your Senior Administrator has assigned you to run port scanning software to analyze servers and security. Search the Internet for and choose port scanning software to implement on your network. Questions: 1. What is port scanning? Answer: The act of systematically scanning a computer's ports. Since a port is a place where information goes into and out of a computer, port scanning identifies open doors to a computer. Port scanning has legitimate uses in managing networks, but port scanning also can be malicious in nature if someone is looking for a weakened access point to break into your computer. (Webopedia, 2013) 2. What is the goal of port scanning? Answer: a. To determine services that a computer is running and shut down services not being used to increase the security of the computer being scanned. b. To determine the vulnerabilities of the services that is being run in the computer being scanned. The vulnerabilities can then be patched once they are identified. 3. Would you prefer an open source or proprietary port scanning software? Answer: Many people in the business world prefer to use proprietary software instead of open source software due to the misconception that proprietary software is better supported than open source software. After several years of supporting both open source software and proprietary software, it becomes clearly evident...
Words: 367 - Pages: 2
...research are Nmap, Nessus, and Chkrootkit. In this paper I’ll go over how they enforce security, what threats these tools are designed to eliminate, and what organization is behind the tool. The first security tool I researched is called Nmap Security Scanner. Nmap stands for “Network Mapper”. It can be downloaded for free and comes with a full source code that you can modify and redistribute. Nmap has been used to scan huge networks of literally hundreds of thousands of machines and also works fine with a single host. Not only is it used for Linux, but it runs on all other major computer operating systems like Windows and Mac OS X. Nmap allows you to explore and audit a network. It uses IP packets to determine what hosts are available on the network, what services those hosts are offering, what operating systems they are running, what type of firewalls are being used, and many other characteristics. Network administrators find it useful for tasks like network inventory, managing service upgrade schedules, and monitoring host or service uptime. In addition to the classic command-line, the Nmap suite includes an advanced GUI called Zenmap. Nmap comes with no warranty and there is no organization behind it. It is supported by a community of developers and users. Another cool thing I found out is that Nmap was seen in eight movies including, The Matrix Reloaded, Die Hard 4, and The Bourne Ultimatum. The next Linux security tool I researched is called Nessus Vulnerability...
Words: 1070 - Pages: 5
...In 2006, a small business was created to provide customers with a close to real-time analysis of their stock portfolios. After months of doing business, several IT Administrators began to notice subtle changes in the corporate network. Shortly after that, the CEO began calling high-level meetings, especially with marketing and finance, to determine why the company’s profits for the last five months (July to December) began to take a downward spiral. Though it seemed that all operations and processes remained unchanged it seemed that the number of new customers registering through their customer portal had dropped drastically over the past last five months. The company has noticed anomalous traffic on port 80 of the Web Server on the DMZ. The edge router’s logs showed that the traffic started six months ago and ended five months later. They noticed five months ago that traffic from the Web servers to the internal application servers decreased each day, although the inbound requests on port 80 remained about the same. Over the last four months, Web server logs contained many http “Post” statements followed by the Website address of one the company’s main competitors. All of the post statements seemed to appear in the logs after new users would click “submit” to register. Based on the information that has been provided it seems that a competitor has been able to compromise the company’s network. This has allowed them to reroute network traffic from users that are attempting to register...
Words: 1289 - Pages: 6
...Certified Ethical Hacker Unit 2 Project Presented By Sandra Grannum To Dr. Pace On December 13, 2011 Table of Contents Abstact………………………………………………………………………………………………………..3 Seven steps of Information gathering…………………………………………………..………..4 Popular Reconnaissance tools……………………………………………………………………….5 Methods to crack passwords on windows linux and Mac…………………………….…..8 Password Cracker downloads…………………………………………………………….………….9 Security Plan……………………………………………………………………………………………….. 9-11 Steps to remove evidence……………………………………………………………………………. 11 References:…………………………………………………………………………………………………..12 Abstract This paper list and describe the seven steps of information gathering and describe some of the most popular reconnaissance tools while explaining the benefits and limitations of each. Included as well is the method to crack passwords on Windows, Linux, and Mac. There is also a password cracker tool that was downloaded on my home computer that describes the steps and outcomes. Least but not last, a security plan is also included in this project and the steps to remove evidence of an attack on a network. Define the seven-step information gathering process • Information gathering is divided into seven steps. These steps include gathering information, determining the network range, identifying active machines, finding open ports and access points, OS fingerprinting, fingerprinting services, and mapping the network. Define footprinting ...
Words: 2645 - Pages: 11
...Name: Institution: Topic: Course: Date: PART A 1.192.168.1.1 Open Ports are 80 (http) 2869(http) 2. Yes ,Nmap is able to identify the operating system that’s running on each system. Yes, there are many techniques that can be used to determine the OS of the host and feature raw IP packets in order to determine the hosts that are available on the network, the services the hosts are offering, the Os they are running on and the type of packets that are in use (Kanclirz & Baskin, 2008). For instance OS fingerprinting technique can be used. In OS finger printing Nmap is used to discover the device type , running operating system, OS details and network distance.. Using the open ports on 192.68.1.1 which are 80 and 2869 the OS is determined from the Zenmap scan as shown below OS CPE: cpe:/h:3com:7760 cpe:/h:netgear:wgt624 cpe:/o:netgear:vxworks:5 OS details: 3Com 7760 WAP, Linksys WRT54G or WRT54G2, or Netgear WGR614 or WPN824v2 wireless broadband router, Netgear WGT624 WAP, Netgear WGR614v7, WGT624v3, or WPN824v2 WAP (VxWorks 5.4.2) The services of the open ports are Port 80 Service(http) Port 2869 Service(http) 3. The host which is more secure is the one which has features that enable it to be protected by default in the background and is less prudent to virus attacks. The system that does not contain such services is not protected by the features that protect it by default and thus it is found to be least secure (Kanclirz & Baskin, 2008)...
Words: 770 - Pages: 4
...: | 9 | High : | 2 | Medium : | 0 | Low : | 19 | | | | Remote host information Operating System : | Linux Kernel 2.6 on Debian 6.0 (squeeze) | NetBIOS name : | | DNS name : | | | | | [^] Back to 172.30.0.1 | Port general (0/icmp) | [-/+] | Nessus Scan Information | Synopsis: Information about the Nessus scan. Description: This script displays, for each tested host, information about the scan itself: - The version of the plugin set - The type of plugin feed (HomeFeed or ProfessionalFeed) - The version of the Nessus Engine - The port scanner(s) used - The port range scanned - The date of the scan - The duration of the scan - The number of hosts scanned in parallel - The number of checks done in parallel Risk factor: None Solution: n/a Plugin output: Information about this scan : Nessus version : 4.2.2 (Build 9129) (Nessus 4.4.1 is available - consider upgrading) Plugin feed version : 201107120935 Type of plugin feed : HomeFeed (Non-commercial use only) ERROR: Your plugin feed has not been updated since 2011/7/12 Performing a scan with an older plugin set will yield out of date results and produce an incomplete audit. Please run nessus-update-plugins to get the newest vulnerability checks from Nessus.org. Scanner IP : 172.30.0.2 Port scanner(s) : nessus_syn_scanner Port range : default Thorough tests :...
Words: 29098 - Pages: 117
...Major Milestones of the Telecommunications Industry 1837 Samuel Morse invents the telegraph - The information age began with the telegraph, which was invented by Samuel F.B. Morse in 1837. This was the first instrument to transform information into electrical form and transmit it reliably over long distances. The earliest form of electrical communication, the original Morse telegraph of 1837 did not use a key and sounder. Instead it was a device designed to print patterns at a distance. 1858 Transoceanic telegraph cable is laid – The transoceanic telegraph cable is an undersea cable running under the Atlantic Ocean used for telegraph communications. The first communications occurred August 16, 1858, reducing the communication time between North America and Europe from ten days, the time it took to deliver a message by ship, to a matter of minutes. 1876 Alexander Graham Bell invents the telephone - The telegraph was followed by Alexander Graham Bell's invention of the telephone in 1876. The magneto-telephone was one of the first telephones on which both transmission and reception were done with the same instrument. 1885 - Incorporation of the American Telephone and Telegraph company (AT&T). After its incorporation in 1885, the American Telephone and Telegraph company dominated the telecommunications market. 1888 - Heinrich Hertz discovers the electromagnetic wave 1895 - Marconi begins experimenting with wireless telegraph 1901 Guglielmo Marconi invented the radio—the...
Words: 727 - Pages: 3
...Unit 1 Research 1 PT1420 In the 1970s the programming language that was most popular was Pascal. Pascal was designed in 1968-69 but published in 1970. Niklaus Wirth created the Pascal language to “1) make available a language suitable for teaching programming as a systematic discipline based on fundamental concepts clearly by the language, and 2) to define a language whose implementations could be both reliable and efficient on then-available computers. In 1972 the C programming language was developed by Dennis Ritchie. C was created to work with the system Unix. “Unix gives C such advanced features as dynamic variables, multitasking, interrupt handling, forking, and strong, low-level, input-output. Because of this, C is very commonly used to program operating systems such as Unix, Windows, the MacOS, and Linux.” In the 1980s the popular programming language was C++. C++ was developed at Bell Laboratories. C++ is a general purpose multi-paradigm spanning compiled language that has both high-level and low-level languages’ features. It was started as an enhancement to the C programming language, Bjarne Stroustrup in 1979. In the 1990s Java was the popular programming language. It was created in 1991 developed by James Gosling at Sun Microsystems and release in 1995. In the 2000s Visual Basic (VB) was popular in the programming world. VB was developed from BASIC which was originally developed in 1964 by John Kemeny and Thomas Kurts. VB is a Microsoft programing language and software...
Words: 261 - Pages: 2
...2/16/2014 Intellectual Property creation witnessing steady growth in India: Report - Economic Times You are here: Home > Collections > India RELATED ARTICLES Budget 2012: Relax corporate tax and surcharges to boost... March 5, 2012 Intellectual Property creation witnessing steady growth in India: Report PTI Jun 26, 2013, 06.43PM IST Bharti Airtel gives IP contract to Alcatel Lucent India June 1, 2012 Tags: Texas Instruments general motors | Mercedes-Benz | investments | intellectual property | Intel | Hewlett-Packard | | gdp | Alstom | Alcatel Lucent Alcatel-Lucent launches IP Transformation Center Septemb er 8, 2009 IN-DEPTH COVERAGE India Intellectual Property Alcatel-lucent Alstom NEW DELHI: The country's contribution to Intellectual Property (IP) creation is witnessing a steady growth, however, investments in R&D and patent activities in the country are still relatively slow when compared to developed nations, a report says. According to globalisation and market expansion advisory firm Zinnov's study 'Enhancing the IP Quotient in MNC R&D centres', IP creation is witnessing steady growth in MNC R&D centres, but investments in R&D and patent activities in India are still relatively slow. (A sector-wise analysis…) The study further said India spends just 1 per cent of its GDP on R&D, while countries like Israel spends 4.2 per cent, Japan 3.7 per cent, US 2.7 per cent and China 2.0 per cent...
Words: 815 - Pages: 4
...Electronics rely heavily on electronic switching and amplification to generate and capture the various signals which allow them to operate. A controllable valve that allows a small signal to control a much larger signal does this, and could be related to a controllable valve used in the control of water flow. This was once done by a device known as vacuum tube but was later brought down to a much lower production scale for a variety of industrial, economical and business related reasons. Bell Laboratories, the research arm of telecommunications company American Telephone and Telegraph’s (AT&T) director Mervin Kelly put together the first team of researchers and scientists placed on the task of research and development of a solid state-semiconductor later called a transistor that would supersede vacuum tubes and provide numerous advantages. The success of this development would prove to change the computing, electronics and telecommunications systems altogether. Up until the invention of the transistor a vacuum tube was used in the control, amplification and generation of electrical signals. Vacuum tubes are tubes usually made from glass and designed in an airtight manner as to keep the flow of “cathode rays” from external disturbance as they pass from each terminal and laid the foundation for numerous technical innovations, such as the light bulb discovered by Thomas Edison (fig. 1). Joseph John Thomson further made a vacuum tube and placed a third terminal to attain a grasp...
Words: 1787 - Pages: 8
...Fall 2015 Analytical Chemistry I Quantitative Analysis Chem 341WI 4 Credit Hrs | Instruction Mode: L (lab) and P (class) Professor Andrew Holder holdera@umkc.edu • SCB 113 • 816-235-2293 • 913-543-3709 (fax) Office Hours: T/Th 1:00-4:00, 5:00 – 7:30 Lecture: T/Th 4PM | Labs: T/Th 1PM (AFT), 5PM (EVE) Credit: Lab + Lecture = 4 credits | Format: Lab + Lecture (P) Lecture / Class Policies and Procedures Correspondence with UMKC Student Learning Outcomes Scientific Reasoning & Quantitative Analysis * Apply principles/methods of sciencea, mathb, statisticsc and logicd to solve problems and draw logical inferences. * Chpt 3: Experimental Error (c) * Chpt 4: Statistics (c) * Chpt 6: Chemical Equilibrium (a, b, d, e, f) * Chpt 7: Activity & Systematic Trtmnt, (a, d, e, h) * Chpt 8: Monoprotic Acid-Base Equil., * Chpt 9: Polyprotic Acid-Base Equil. (a, d, e, g, h) * Develop quantitative literacy enabling comprehensione and evaluationf of info in broad contexts. * Chpt 3: Experimental Error, Chpt 4: Statistics (f) * Chpt 5: Quality Assurance and Calibration Methods (c) * Understand methodsg/principlesh of scientific discovery and their application * Sxn 0-2: The Analytical Chemist’s Job (g, h) * Sxn 0-3: General Stages in a Chemical Analysis (g, h) * Chpt 2: Tools of the Trade (g) * Carrying out laboratory analyses (g, h) ...
Words: 4091 - Pages: 17
...Blogging is popular among the people in today’s society, especially amongst teenagers. In fact, the number of blogs is exploding, with about 14 million existing blogs. On average, the number of blogs is doubling every five months. There are many advantages of blogging. Firstly, people can use as an online dairy, using it to share the day’s happening in her life with other visitors on the net. Furthermore, if the blogger (author of the blog) has met up with certain incidents in her life, he can share it on the blog and others can console or praise him, by giving comments or leaving a message in the blog’s tag board, depending on the incident. Blogging can also be a good way to relieve stress as some way wants to use their blog to vent out their frustration or pour out their woes when stress becomes too much for them. Some bloggers even use their blogs to flaunt their literati skills by posting poems about themselves or things around them. Secondly, bloggers can also use their blogs to inform others on a certain topic which happens to be his niche, thus allowing others who are interested in the topic to learn some tricks from the blog, they are also post questions to the blogger if they meet up with problems. Even Mr. Donald Trump is doing so, he launched the Trump Blog last month to share his insights into and answer questions about corporation ethics, personal success and business dilemmas. Other organizations are also using blogs to make announcements to...
Words: 663 - Pages: 3
...fornia, start-up, Shockley Semiconduc tor Laboratory. Shockley had been part of the Bell Labs team that invented the transistor. He had quit his job and come west to start his own company, telling people his goal was to make a million dollars. Everyone thought he was crazy. Shockley knew he wasn't. Unlike a lot of the people at Bell Labs, he knew the transistor was going to be big. Shockley had an idea about how to make transistors c heaply. He wa s going to f abric a te them out of si li con. He had come to this valley, south of San Francisco, to start production. He felt like hewas on the cusp of history, in the right place at the right time. All that he needed was the right people. Shockleywas leaving nothingto c hance. Tod a y's in ter vi ew wa s J i m Gibb ons . Hewa s a young guy, earl y twenti es . He already had a Stanford Ph.D. He had s tudied a t Cambridgetoo - on a Fulbri ght sc holars hip he'dwon. Gibbons was si tting in front of hi m ri ght now, in Shockley's Quonset hut of fice. Shockley picked up his s topwa tch. In Augus t 1957 William Shockleywas recrui ting s taff for hisPalo Alto, Cali fornia, start-up, Shockley Semiconduc tor Laboratory. Shockley had been part of the Bell Labs team that invented the transistor. He had quit his job and come west to start his...
Words: 447 - Pages: 2
...the company obtains a high performance network for a reasonable price. Project description MK Institute of Higher Learning is purposing a project with the description to network a classroom based floor. This floor will consist of three wings. Each wing accommodates one distribution closet, which must be interconnected to one another. Each wing also has eight classrooms and one computer lab. Classrooms will need 2 drops and the computer labs will need 44 drops, resulting in 60 drops in all per wing. The ISP connection will be entering from the north wing’s distribution room. The institute will also be requiring that a wireless access coverage to the central lobby area, allowing 100 users simultaneously, to be made possible. Also noting that the central lobby area consists of three solid supports, holding a 25’ ceiling. Major Deliverables * The networking of the MK Institute of Higher Learning. * Placing needed hardware. * Wiring the hardware and network. * Interconnecting distribution rooms. * 3 wings, each consisting of 8 classrooms = 16 drops, one computer lab = 44, and one distribution room. * Wireless central lobby allowing 100+ users simultaneously. * Fully functional Networking...
Words: 607 - Pages: 3
