What command would look for endpoints with the port

Reference no: EM133481648

Make sure you are using security tools in a virtual internal network or that you have written permission to do so on the network you are connected to.

you should have downloaded the two Lubuntu virtual machines; the first, named Linx, will be the one from which you will launch different security tools; the second, named Hare, will be used as the target.

For Linx, the username is "herzing" and the password "Herzing2021". You don't need to login into Hare, for all the required tasks will be done remotely.

The IP addresses are 192.168.100.11 for Linx and 192.168.100.12 for Hare, none of them with outside communication to Internet.
It's convenient to work as root, so once you open a command-line terminal, execute "sudo su" to become root. You will be asked for the user's password you logged in with.
Please respond to the following questions:

tcpdump

Try the command "tcpdump -i enp0s3 -c 4 port 80" on Linx. Wait at least for 60 seconds. What is the destination IP of this traffic? What is the filename after the GET command?

What command would you use to see only network traffic related to Hare (supposing there were more endpoints on the network)?

wireshark

Using wireshark and filtering the output of the traffic capture to see only FTP-related traffic, determine the username and password in the communication.

nmap

Execute "nmap 192.168.100.12" on Linx. How many open ports there are and what are the corresponding services?

Execute now "nmap -p25 192.168.100.12". What is different with the smtp service? What does it mean?

What command would look for endpoints with the port 22 open in all the class C network using a TCP SYN scan (hint: use "man nmap" for help)?

nikto

Using nikto against Hare determine the Apache version (hint: use "nikto -h" for help).

What are the allowed HTTP methods?

john

Now that you have credentials to connect by FTP, execute "ftp 192.168.100.12", use them. Then, when in the ftp> prompt is shown, list all files with "ls" or "dir" and download the only available file with "get creds.web".
Use John the Ripper (john filename) to crack the password of the user webadmin. What is this user's password?

Reference no: EM133481648

Questions Cloud

Why is listening a skill that is rarely taught : Identify a social media platform (e.g., Facebook, Instagram, Snapchat, etc.) and describe whether or not listening functions within that platform

Explain normal function of the cardiovascular system : Explain the normal function of the cardiovascular system. Identify tests commonly performed to diagnose disorders of the cardiovascular system.

Social determinants of health to improve conditions : Is there a possibility of changing the behavior or social determinants of health to improve conditions?

Describe the major social determinants of health : Describe the major Social Determinants of Health (click to review) for your population group. Reflect on your clinical experience as a whole.

What command would look for endpoints with the port : What command would look for endpoints with the port 22 open in all the class C network using a TCP SYN scan (hint: use "man nmap" for help)

What chemical concepts will be used to enhance smart city : what they have learned in all other subjects to fulfil their solution or innovative idea implementation of the main topic selected.

How the author claims and borrows authority : Your thesis statement will make a claim about whether the use of ethos in this article is strong or weak, and briefly explain why. You are welcome to connect

Identify the tasks needed to complete the project : Identify the tasks needed to complete the project. Develop a completion schedule. Assign resources to project tasks. Be creative.

Role of community nurses in coordinated care : Community Nurses and case managment. Role of community nurses in coordinated care, advocacy, and empowement.

User Account

All Pages