1. Name at least five applications and tools pre-loaded on the TargetWindows01 server desktop, and identify whether that application starts as a service on the system or must be run manually.
Wireshark – manual
Nessus Client – manual
Nessus Server Manager – can be set up to run at Startup
Filezilla Server Interface – starts as a service
Zenmap GUI - manual
2. What was the allocated source IP host address for the TargetWindows01 server, TargetUbuntu01 server, and the IP default gateway router?
TargetWindows01 server – 172.30.0.8
TargetUbuntu01 server – 172.30.0.4
IP default gateway router – 172.30.0.1
3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source?
Yes, 4 packets were sent, and all four returned.
4. If you ping the TargetWindows01 server and the UbuntuTarget01 server, which fields in the ICMP echo-request/echo-replies vary?
The TTL (Time to Live) fields vary.
5. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of 172.30.0.0/24?
NMAP-T4-A-V-PE-PS22, 25, 80,-PA21, 23, 80, 3389, 172.30.0.0/24
6. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans.
Ping Scan – scans if pings work
Quick Scan – quick network scan
Intense Scan – run a deep network scan
Regular Scan – normal (moderate) scan
Quick Traceroute – quickly scans router hops
7. How many different tests (i.e., scripts) did your “Intense Scan” definition perform? List them all after reviewing the scan report. There were 36 scans
8. Describe what each of these tests or scripts performs within the Zenmap GUI (Nmap) scan report.
SYN Stealth Scan
RPC Grind Scan
9. How many total IP hosts (not counting Cisco device interfaces) did Zenmap GUI (Nmap) find on the network?
6 IP hosts were found.
10. Based on your Nmap scan results and initial reconnaissance and probing, what next steps would you perform on the VSCL target machines?
Port Scan and Vulnerability assessment