Nmap as an offensive network security tool

Reference no: EM132637363

HS1011 Data Communication and Networks - Holmes Institute

Introduction to Network Security

Hands-On Project 1: Nmap as an Offensive Network Security Tool

Objective: Understand how to use a network security tool to find vulnerabilities in the network and in network operating systems.

Required Tools/Equipment: Zenmap (Nmap, short for Network Mapper, is a very versatile security tool that should be included in every professional's toolkit). Nmap is an open source utility for network exploration, security scanning and auditing.

Description: In this project, we will use Nmap to find a target host, perform port scanning and OS fingerprinting.

1. Find the target computer:

• Before starting this lab, a target computer has been set up for you. You can use Nmap to scan entire networks to look for potential targets. This can be done by "ping sweeping" with the -sP command. When using this command, Nmap sends an ICMP echo request and a TCP ACK packet to each host that it scans. If Nmap receives a response, it notes that IP as being a running host and then continues its scanning process.

• From the command line (START/RUN/cmd) you can scan for all hosts on the local network by typing in the following command:

nmap -sP 10.1.2.*

-sP stands for "sweep ping".

• Nmap will return with its scanning results after a short wait. Record the IP address, MAC address and host types (such as HP, Cisco, etc.) in your report (at the end of this lab) as shown in Figure 1.
Your target computer has an IP of _________________________

[OPTIONAL]: There is also another, more specific, way to ping your targeted computers. In some scenarios, a host may be blocking some sorts of traffic, so specifying a specific port for the scan may be necessary. You can try scanning on port 80 since that is normally open for HTTP traffic. To specify a specific port, the -PT command is used. From the command line, run:

nmap -sP -PT80 192.168.1.*

NOTE: For Nmap to determine if a host is running, the specified port (in this case 80) does not need to be open.

2. OS Fingerprinting

It is usually important for an attacker to know what OS version is running on the target computer.

This is done by using the -O command, which must be used in conjunction with a port scan (-sT or -sS which will be covered later).
From the command line run:

nmap -O -v <one IP address listed in part 1>

Nmap will scan for specific ports, and then extrapolate the most likely target OS from the open port information. Record the resulting Nmap data in your report as shown in Figure 2.

3. Port Scanning

The simplest port scan is a TCP connect scan. This attempts to complete a normal 3-way handshake with the targeted computer. You can run this scan on a specific IP (ask your instructor what to use, or use the machine identified in 1.1) with the -sT command. From the command line:

nmap -sT <one IP address listed in part 1>

This will scan for open ports on that specific host. The scanning result will look like Figure 3.

Note: This type of scan is very easy to detect since the target host will log the connection by the attacker. You can even check in the

4. Stealth Scanning from the GUI

The basic deep scan (using the -sT command) can be detected easily, and there are alternatives to such brute force methods of scanning. Stealth port scanning is used to avoid logs being created of your scanning activity. The targeted computer doesn't log the connection because the 3-way TCP handshake never finishes: instead of acknowledging the connection, the attacker sends an RST (reset) flag to tear it down.

Let's try the stealth port scan, but we will use the Nmap GUI to make our task easier. Go to Start/Nmap/Nmap - Zenmap GUI. You should see something that looks like this:

- In the target line, enter the IP address of your target machine.
- In the Profile line select "stealth scan" if it is available.
- IF STEALTH SCAN IS NOT AVAILABLE, type the following into the command line.

nmap -sS -v <one IP address listed in part 1>

NOTE: You can create your own scans and save them as "profiles".

- When you are ready, hit the SCAN button. After you have run your scan, take a look at the other tabs. What information was disclosed by this scan?
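Seen from the defender's side, the connect scan of part 3 and the half-open scan of part 4 differ only in the last packet of each probe, so a sensor that records TCP flags (firewall, IDS, packet capture) sees both, even though the service's own log only shows the first. The following added example (not part of the original lab handout) classifies sources from packet records; the tuple format, the addresses, the `min_ports` threshold and the function names are assumptions made for illustration.

```python
from collections import defaultdict

def _probe(client, server, port, cport, is_open, finish):
    """Constructed packets for one probe: (src, dst, sport, dport, tcp_flags)."""
    pkts = [(client, server, cport, port, "S")]
    if not is_open:
        return pkts + [(server, client, port, cport, "RA")]   # closed port answers RST
    pkts.append((server, client, port, cport, "SA"))
    # "ack" completes the handshake (connect scan); "rst" abandons it (half-open)
    pkts.append((client, server, cport, port, "A" if finish == "ack" else "R"))
    return pkts

# Constructed sample traffic, not a real capture. All addresses are made up.
PORTS, OPEN = [21, 22, 23, 25, 80, 443, 3389], {22, 80}
SAMPLE_PACKETS = []
for i, p in enumerate(PORTS):
    SAMPLE_PACKETS += _probe("10.1.2.50", "10.1.2.10", p, 40000 + i, p in OPEN, "ack")
    SAMPLE_PACKETS += _probe("10.1.2.60", "10.1.2.10", p, 50000 + i, p in OPEN, "rst")
SAMPLE_PACKETS += _probe("10.1.2.70", "10.1.2.10", 80, 60000, True, "ack")  # normal client

def classify_sources(packets, min_ports=5):
    """Map each source that probed >= min_ports ports to (verdict, ports, completed, half_open)."""
    flows = defaultdict(list)   # (client, server, server_port, client_port) -> events
    for src, dst, sport, dport, flags in packets:
        if flags == "S":                              # bare SYN marks the initiator
            flows[(src, dst, dport, sport)].append("S")
        elif (dst, src, sport, dport) in flows:       # reply from the probed host
            flows[(dst, src, sport, dport)].append("srv:" + flags)
        elif (src, dst, dport, sport) in flows:       # follow-up from the initiator
            flows[(src, dst, dport, sport)].append("cli:" + flags)
    stats = defaultdict(lambda: {"ports": set(), "completed": 0, "half_open": 0})
    for (client, server, port, _), events in flows.items():
        s = stats[client]
        s["ports"].add((server, port))
        if "srv:SA" in events and "cli:A" in events:
            s["completed"] += 1     # full handshake: the service itself sees a connection
        elif "srv:SA" in events and "cli:R" in events:
            s["half_open"] += 1     # SYN, SYN/ACK, RST: never handed to the service
    result = {}
    for client, s in stats.items():
        if len(s["ports"]) < min_ports:
            continue                # too few distinct ports to call it a scan
        verdict = ("connect scan" if s["completed"] else
                   "half-open (SYN) scan" if s["half_open"] else "scan, no open port answered")
        result[client] = (verdict, len(s["ports"]), s["completed"], s["half_open"])
    return result

if __name__ == "__main__":
    print(classify_sources(SAMPLE_PACKETS))
```

The ordinary client at 10.1.2.70 completes a handshake too, but touches only one port, so it stays below the threshold and is not reported.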

Attachment:- Introduction to Network Security.rar


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd