NT 2580
1. Name at least five applications and tools pre-loaded on the Windows 2008 Server Target VM (VM Name: “Windows Target02”) and identify whether that application starts as a service on the system or must be ran manually?
a.
Windows Applications Loaded
Starts as a Service Y/N
ZenMap
N
Wireshark
N
Nessus Client
N
Tftp32
N
Putty
N
Filezilla
Y
2. What was the DHCP allocated source IP host address for the student VM, DHCP Server, and IP default gateway router?
a. 172.30.0.1 But I couldn’t get this to work while on my network so I change my VM’s to Bridged so each got their own IP and then ran the software. Before that change I was having major problems trying to get them all to both send and receive the pings to all the other machines.
3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source?
a. Yes it did
b. Four
4. If you ping the “WindowsTarget02” VM server and the “UbuntuTarget01” VM server, which fields in the ICMP echo-request / echo-replies vary?
a. There is no variations
5. What is the command line syntax for running an “Intense Scan” with ZenMap on a target subnet of 172.30.0.0/24?
a. nmap-T4-A-v192.168.1.0/24 because I used my VM’s and home network
6. Name at least 5 different scans that may be performed from the ZenMap GUI and document under what circumstances you would choose to run those particular scans.
a. Ping, Quick, Regular, Intense, Slow Comprehensive
b. The different scans all work hand and hand with each other. Ping will give you all the machines on the network while all the other scans give you more specific details of the scan depending on what you want to check or identify as far as vulnerabilities.
7. How many different tests (i.e. scripts) did your “Intense Scan” definition perform? List them all after reviewing the scan report.
a.
a.
Windows Applications Loaded
Starts as a Service Y/N
ZenMap
N
Wireshark
N
Nessus Client
N
Tftp32
N
Putty
N
Filezilla
Y
2. What was the DHCP allocated source IP host address for the student VM, DHCP Server, and IP default gateway router?
a. 172.30.0.1 But I couldn’t get this to work while on my network so I change my VM’s to Bridged so each got their own IP and then ran the software. Before that change I was having major problems trying to get them all to both send and receive the pings to all the other machines.
3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source?
a. Yes it did
b. Four
4. If you ping the “WindowsTarget02” VM server and the “UbuntuTarget01” VM server, which fields in the ICMP echo-request / echo-replies vary?
a. There is no variations
5. What is the command line syntax for running an “Intense Scan” with ZenMap on a target subnet of 172.30.0.0/24?
a. nmap-T4-A-v192.168.1.0/24 because I used my VM’s and home network
6. Name at least 5 different scans that may be performed from the ZenMap GUI and document under what circumstances you would choose to run those particular scans.
a. Ping, Quick, Regular, Intense, Slow Comprehensive
b. The different scans all work hand and hand with each other. Ping will give you all the machines on the network while all the other scans give you more specific details of the scan depending on what you want to check or identify as far as vulnerabilities.
7. How many different tests (i.e. scripts) did your “Intense Scan” definition perform? List them all after reviewing the scan report.
a.