ALICIA G.LAB2
School: George Mason University
Course: 420
Subject: Information Systems
Date: Feb 20, 2024
Pages: 7
Uploaded by ProfCatMaster1062
MIS 420 Term: Fall 2022 © 2021 Virginia Cyber Range. Created by R. Eric Kiser. (CC BY-NC-SA 4.0)

Laboratory Exercise 2 – Overview of Penetration
Name: Alicia Garcia G01468985
Due Date: 08/29/2022
Points Possible: 1

1. Overview
For this lesson students will review Nmap scanning techniques with an emphasis on a penetration methodology.

2. Resources required
This exercise requires a Kali Linux VM running in the Cyber Range.

3. Initial Setup
For this exercise, you will log in to your Cyber Range account and select the Kali Linux with Metasploitable (2020.09) environment, then click “start” to start your environment and “join” to get to your Linux desktop.
4. Tasks
Task 1: Nmap Scanning Review
For this course you should already be familiar with Nmap and its switches. This lesson will cover a quick review of the Nmap scanning methodology. Complete the following:

1. The first step to an internal penetration test is to find live systems. We do not need to perform a port scan to find the hosts, but we do need to scan the entire subnet. Remember that your IP address will be different than mine. Open a terminal and at the command prompt, complete the following:
View the subnet
● ip addr show
Scan for live systems
● nmap -sn <IP/20>
In my case: nmap -sn 10.1.143.6/20
In my case, four hosts were found. You may have found more or fewer hosts than I did. For now, I want you to understand that finding live systems is the first step to an internal penetration test.
2. The second step is to see what doors are open on these hosts. This will greatly narrow the number of systems we enumerate, as many hosts will be filtered. Let’s scan for open ports. Either -sS or -sT will work. -sS is a half-open (SYN) scan and will prevent the scan from getting logged, whereas -sT is a full connect and will be logged. In order to execute the nmap command with these options, you must be root. You can sudo <command> or you can sudo su to switch the user to root in that terminal. So, at the command prompt, type sudo su to become root. Next, type the following:
● nmap -T4 -sS <IP/20>
In the picture below:
● nmap -T4 -sS 10.1.143.6/20
There will be a lot of information printed to the screen. Scroll down until you find results that look like the screenshot below. There should only be one machine with several ports open (excluding your IP address).

3. Now we need to find the service versions. At the command prompt, type the following:
● nmap -T4 -sV <IP Address of Host>
In my case:
● nmap -T4 -sV 10.1.133.250
Your results should be similar to the screenshot below.
4. Now we complete OS detection (enumeration). At the command prompt, type the following:
● nmap -T4 -A <IP Address of Host>
In my case:
● nmap -T4 -A 10.1.133.250
5. Now we will look at Nmap reports. Briefly, the nmap output formats are as follows:
-oN - Normal Nmap output
-oX - XML format
-oS - Script kiddie output
-oG - Grepable format
-oA - All 3 formats
For more information on these types of nmap outputs, please read about them here (https://nmap.org/book/man-output.html).

a. First we need to navigate to the Nmap directory; this way the script will work properly. In the root terminal, type the following:
● cd /usr/share/nmap/
b. We will complete an XML format output. At the command prompt, type the following:
● nmap -sS -sV -A <IP Address of Host> -oX serviceversionOS.xml --webxml
In my case:
● nmap -sS -sV -A 10.1.133.250 -oX serviceversionOS.xml --webxml
c. This scan will reveal what ports, services, and operating systems are running on the host that we discovered. Once the nmap scan is complete, do the following:
● Click on the File menu in the terminal window and click Open Tab.
● Navigate to the nmap folder by typing cd /usr/share/nmap and press enter.
● To open the xml file, type xdg-open . and press enter.
● Double click on the file “serviceversionOS.xml” to view the output.
Remember, in a real penetration test you would scan all 65535 ports. We only scanned the top 1000 ports due to the time it takes to complete a full scan of all the ports. This is also only the scanning phase of a penetration test. We will discuss more penetration steps and how to speed up the scanning process in later modules.

5. References:
https://nmap.org/book/man-output.html

KSAs Addressed
From (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf)
Knowledge:
● K0001: Knowledge of computer networking concepts and protocols, and network security methodologies.
● K0005: Knowledge of cyber threats and vulnerabilities.
● K0177: Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
● K0398: Knowledge of concepts related to websites (e.g., web servers/pages, hosting, DNS, registration, web languages such as HTML).
Skills:
● S0051: Skill in the use of penetration testing tools and techniques.
● S0081: Skill in using network analysis tools to identify vulnerabilities (e.g., fuzzing, nmap, etc.).
Abilities:
● A0160: Ability to translate, track, and prioritize information needs and intelligence collection requirements across the extended enterprise.
Tasks:
● T0591: Perform analysis for target infrastructure exploitation activities.
NSA/DHS CAE Knowledge Units: https://www.iad.gov/NIETP/documents/Requirements/CAE-CD_2019_Knowledge_Units.pdf (you may need to accept an invalid iad.gov SSL certificate to reach this PDF)
● Basic Cyber Operations (BCO)
● Penetration Testing (PTT)