Perform Reconnaissance and Probing Assignment 1 Essay

1242 Words Sep 2nd, 2013 5 Pages
Perform Reconnaissance and Probing Using Zenmap GUI (Nmap)

Course Name and Number | IA 5010 Foundations of Information Assurance | Student Name | Vishal Gori | Instructor Name | Prof. Themis Papageorge | Lab Due Date | 19th Sept. 2013 |

Lab Assessment Questions & Answers

1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually. WINDOWS APPLICATION LOADED | STARTS AS SERVICE Y/N | Filezilla | Y | Nessus Server Manager | N | NetWitness Investigator | N | The Wireshark Network Analyzer | N | Zenmap | N |

2. What was the allocated source IP host address for the
…show more content…
Based on your Nmap scan results and initial reconnaissance and probing, what next steps would you perform on the VSCL target machines?
>> Two major steps after the initial reconnaissance and probing are: 1. Listing and investigating vulnerabilities
NMAP scan and Nessus Server Manager scan reports can be used together to list out all possibilities in the target system.
These vulnerabilities are of 3 types: a. High
Consider below example of a high/critical vulnerability generated using Nessus scan:

In this the Admin/root password of the system is weak as it has not been changed from the default password. Now that one knows the password, one can easily access all information available on the server.
One can also access other servers as root of same domain through this server which might be connected using LDAP, NIS, etc. Thus, exposing the entire system. b. Medium
Few examples of medium risks are as below:

c. Low
An example of low risk vulnerabilities are as below:

2. Exploitation of vulnerabilities a. Gain superuser privileges on the host b. Modify logs and install a suitable backdoor to retain access to the host c. Compromise sensitive data

Related Documents