Monday 16 March 2015

Week 7 Lab 12

TASK 1:

In this task we used the nmap command to view the available commands within this command and also used nmap on the command line to view the possible hosts on the network. We used zenmap to have a GUI representation of the scan we performed to view the ports available.

Zenmap showing available hosts/ports



1. Why is nmap useful for people working in the field of Information Assurance?

So the security professionals can see if they are at risk of attacks and patch the possible places for attacks before being attacked

2. What is the best way to find out all of the available switches for nmap?

nmap

3. How can you perform a ping scan to determine alive hosts using nmap?

nmap –sP 10.10.19.*

4. What is the syntax to scan a remote machine for open UDP ports?

nmap –sU 10.10.19.202

5. What is the syntax to scan a remote machine for open TCP ports?

nmap –sT 10.10.19.202


TASK 2:

In this task we used the nessus server to identify holes in our system making them easier to solve when trying to fix them. We checked if the nessus server was available to use then started it up, we then used its scan function to find any vulnerabilities. We then viewed these vulnerabilities within nessus and it gave us information on the current hole and options on how to deal with it.

finished nessus scan report
1. Why do you need to be cautious when initiating a Nessus scan?

It can cause your computer to crash

2. What is the command to start the Nessus server?

/etc/init.d/nessusd start

3. Which command can be used to verify that the Nessus server is running?

netstat -tanp

4. Is it possible to run the Nessus client and server on the same machine?

they don't have to but they can


TASK 3:

In this task we used the metaspoilt command and within that meterpreter to find a possible machine to hack into and add a user within that system from your own command line.

1. What is the command used to show all Windows exploits in Metasploit?

search exploits windows

2. What is the command used to show all Macintosh exploits in Metasploit?

search exploits osx

3. How can you learn more information about a particular exploit?

info windows/dcerpc/ms03_026_dcom

4. Launch msfconsole again. Use the banner command until you are able to get the picture of the cow. Type exit to leave the msfconsole environment.

Cow Banner




Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)