Course Hero Logo

kit711-tutorial-03.pdf - KIT711 Network Security Techniques...

Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 3 out of 11 pages.

1KIT711 Network Security Techniques and TechnologyTutorial 3ObjectiveThis week we continue our exploration of penetration testing, moving into phase two:port scanning.This is the second phase of reconnaissance – we use the limited knowledge that we have of thetarget (just an IP address), to identify a target application to try to attack.ØThis tutorial includes three assessment items that you must complete todemonstrate your understanding of the material. Each is worth 1% of your overallassessment for the unit. Call your tutor when you have completed eachassessment item so that your assessment can be checked and recorded.What is Penetration Testing?Penetration testing can be defined as a legal and authorized attempt to locate and successfullyexploit computer systems for the purpose of making those systems more secure. The processincludes probing for vulnerabilities as well as providing proof of concept (POC) attacks todemonstrate that the vulnerabilities are real. While you won’t be conducting penetration testsagainst real systems in this unit, you will be learning about some of the tools that are used for doingthis.ØThe tools that you will use in these tutorials are to only be used against computersas instructed in this document.The tools that we use are of varying offensiveness to server owners, but they are all seen as beingprecursor activity to an attack, and as such are used with malicious intent. In some countries some ofthe forms of scanning you will do are illegal. You should only use the techniques described here inthe networks labs against the virtual machines set up for this purpose. Do NOT use them on oragainst other university computers as you will be in breach of university policies.ØDo NOT use the tools described in this unit against any other university computers.Doing so is a breach of university policies, and could result in disciplinary or legalaction being taken against you.
KIT711 Network Security Techniques and TechnologyTutorial 32Penetration testing is also known aswhite hat hacking, orethical hacking. The goal is to find securityholes in computer systems that you are authorised to find security holes in. If you are not authorisedto look for security holes you may be breaching telecommunications and other law at both federaland state levels.Penetration Testing Phase 2: Port ScanningIn phase 1 of the penetration test you selected several targets, and then used different methods tolocate information about those targets to enable this second phase to occur. The basic outcome thatyou needed, beyond general information, was a set of IP addresses that relate to the target. In thisweek’s tutorial you will progress from IP addresses to gaining information about the computers thatown them.

Upload your study docs or become a

Course Hero member to access this document

Upload your study docs or become a

Course Hero member to access this document

End of preview. Want to read all 11 pages?

Upload your study docs or become a

Course Hero member to access this document

Term
Fall
Professor
NoProfessor
Tags
Transmission Control Protocol

Newly uploaded documents

Show More

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture