devices. They need to find and close as many vulnerabilities as possible, as soon as possible. Hackers traditionally follow a five-step approach to seek out and compromise targeted hosts: reconnaissance, scanning, vulnerability analysis (enumeration), exploitation (the actual attack), and post- attack activities, including remediation of the vulnerabilities. The first step, reconnaissance, begins with identifying the target and learning as much as possible about the target. During the reconnaissance phase, hackers scan a network to identify IP hosts, open ports, and services enabled on servers and workstations. In this lab, you will explore the common tools available in the virtual lab environment. You will use Wireshark to capture and analyze network traffic, use Nessus to scan the network, review a sample collection of data using NetWitness Investigator, connect to a remote Windows machine and explore two file transfer applications, FileZilla and Tftpd64. You will use PuTTY to connect to a Linux machine and run several Cisco commands to display statistics for the network interfaces. Finally, you will use Zenmap to perform a scan of the network and create a network topology chart. Learning Objectives Upon completing this lab, you will be able to: 1. Explore common network scanning and analysis tools
2/4/2019 Lab Guide for Performing Reconnaissance and Probing Using Common Tools 3/54 2. Perform network reconnaissance and probing on the machines in the Virtual Security Cloud Lab (VSCL) 3. Use Zenmap to perform an Intense scan on an entire subnetwork (172.30.0.0/24) 4. Create a Fisheye Bubble chart to explain the relationships between devices on a network 5. Explain how attackers use common network scanning and analysis tools to compromisenetworks 1. In the first part of the lab, you will explore the tools used within the virtual lab environment. 2. In the second part of the lab, you will use PuTTY to connect to a Linux server and perform several Cisco IOS operations. 3. In the third part of the lab, you will use Zenmap to perform a basic reconnaissance of the targeted machine. SECTION 2 of this lab allows you to apply what you learned in SECTION 1 with less guidance and different deliverables, as well as some expanded tasks and alternative methods. Finally, if assigned by your instructor, you will explore the virtual environment on your own in SECTION 3 of this lab to answer a set of questions and challenges that allow you to use the skills you learned in the lab to conduct independent, unguided work, similar to what you will encounter in a real-world situation.
You've reached the end of your free preview.
Want to read all 54 pages?
- Spring '15
- IP address