NMap assignment

Assignment Type

This is for individuals. You must do the work yourself – copying results from another student is a violation of university policy.

Background

  • Using the RLES VM network, you will use nmap to interrogate known computers on the RLES network
  • DO NOT try to run nmap against ANY OTHER devices/ computers
  • You will also analyze a wireshark network trace of an NMAP Config scan

Basic Instructions

  • If you do not have an RLES VM, then you will need to create one. See instructions in RLES slides
  • Once logged in to your RLES Win 10 VM
  • Download and install nmap from nmap.org
    • NOTE: Do not install the USB plugin
  • Download and install Wireshark from wireshark.org
  • Read the nmap and wireshark tutorials from each site to familiarize yourself with the tools
    • DO NOT RANDOMLY RUN Nmap commands!
    • Only run NMAP against the target machines (below) on the RLES NAT (You can get your IP address blocked and angry admins may descend upon you!)
  • Using nmap, run network scans (details below) to do the following:
    • Find open ports on the defined computers
    • Find vulnerabilities on the computers
  • Use wireshark to capture network traces as you run the nmap commands, so you can understand and explain what each nmap scan is doing, to identify or extract the resulting information

Part 1:

NMAP Scanning Instructions

Nmap commands to use
You will use the following nmap commands against the specified IP addresses to discover information about the target machines.
NMAP Command 1: Purpose: To find open ports (This command lists the top 20, for example):
nmap --top-ports 20 <IP Address>
NMAP Command 2: Purpose: To find configuration information:
nmap -A -T4 <IP Address>
NMAP Command 3: Purpose: To uncover vulnerabilities:
nmap -Pn --script vuln <IP Address>

IP Addresses to use (Don’t use any others!)
192.168.201.11; 192.168.199.212; 192.168.192.146

Run all 3 commands against all 3 IP addresses
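One way to keep the nine runs inside the permitted scope, as an added example that is not part of the original assignment: a Python wrapper that builds only the three commands above and refuses any target other than the three listed addresses. The scan labels (ports, config, vuln), the function names and the output file names are assumptions made for this example.

```python
import ipaddress
import subprocess
from pathlib import Path

# The only targets the assignment authorizes (copied from the list above).
ALLOWED_TARGETS = frozenset(
    {"192.168.201.11", "192.168.199.212", "192.168.192.146"}
)

# The three scans from the assignment as argument lists (no shell involved).
# The dictionary keys are labels invented for this example.
SCANS = {
    "ports": ["--top-ports", "20"],
    "config": ["-A", "-T4"],
    "vuln": ["-Pn", "--script", "vuln"],
}

def build_command(scan, target):
    """Return the nmap argv for one scan, refusing out-of-scope targets."""
    if scan not in SCANS:
        raise ValueError(f"unknown scan {scan!r}")
    try:
        # Accept exactly one literal address: no hostnames, ranges or CIDR.
        addr = str(ipaddress.ip_address(target.strip()))
    except ValueError:
        raise ValueError(f"{target!r} is not a single IP address") from None
    if addr not in ALLOWED_TARGETS:
        raise ValueError(f"{addr} is outside the assignment scope")
    return ["nmap", *SCANS[scan], addr]

def plan():
    """All nine runs (3 scans x 3 targets) as (scan, target, argv) tuples."""
    return [(s, t, build_command(s, t))
            for t in sorted(ALLOWED_TARGETS) for s in SCANS]

def run_all(outdir="."):
    """Run every planned scan and save its output for the write-up."""
    for scan, target, argv in plan():
        result = subprocess.run(argv, capture_output=True, text=True)
        path = Path(outdir) / f"nmap_{scan}_{target}.txt"
        path.write_text(" ".join(argv) + "\n\n" + result.stdout + result.stderr)

if __name__ == "__main__":
    run_all()
```

Start the Wireshark capture before running the script so each saved output file can be matched to the packets it produced.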

Output Requirements/ Document Format for NMAP Scans

Create an MS WORD document summarizing your results. Your write up should include at least these sections (for each nmap scan)

Purpose

<Your information here>

Scan Command used

<Your information here>

Result of scan

<Your information here>
(Results will be different depending on the scan and scan results)

  • Device type found (OS, version, …)
  • Ports found and state of ports
  • Vulnerabilities

Scan mechanisms used by nmap (e.g. FIN, NULL, SYN etc)

<Your information here>

Part 2:

Wireshark Trace: Configuration Scan

Load the supplied file nmap-probeConfig_192.168.206.67.pcapng into wireshark, and answer the questions below (add them to your MS Word document)

  • Look at line 2076
    • What type of protocol request is being performed?
    • Which line shows the response?
    • What is the domain?
    • What is the server name?
  • Look at line 2488
    • What is the command issued?
    • Which line# is the response? What is the response?
    • What is the purpose of this type of scan? (Need to think/ analyse/ speculate about what attackers might be trying to do)

Run a config. scan to IP 192.168.199.212 with wireshark running to monitor the packets

  • Use wireshark to do the following
    • Find the domain
    • Find the server name
    • List the wireshark line numbers to confirm the request and response that show the server name and domain
  • Repeat the exercise with IP 192.168.192.146

Submission

Submit your document to the appropriate myCourses assignment folder

Grading (50 points total)

NMAP Scans
Command 1: 10 points (all 3 devices)
Command 2: 10 points (all 3 devices)
Command 3: 10 points (all 3 devices)

Configuration Scan analysis: 20 points

Maximum points for clear, complete and accurate analysis