IT542 Assignment Unit1 1
Unit 1 Assignment
Part I
1. NMap scans conducted on two Windows Machines.
a. Detecting open ports in Windows 2003
b. Scanning for vulnerabilities in port 445 in Windows 2003.
c. Detecting that MS08-067 system is vulnerable in Window 2003.
d. Detecting open ports in Windows 2008
e. Scanning for vulnerabilities in port 139 in Window 2008.
f. Detecting that Windows 2008 is vulnerable to SMBv2 DOS attacks.
2. ClamWin is used to clean at-risk systems.
a. Virus scan results for TargetWindows01.
b. Shutdown Event Tracker dialog box from TargetWindows02.
c. Virus scan results for TargetWindows02.
3. Vulnerable open ports removed from Windows Server 2003.
a. This screenshot demonstrate that the only port left open is the remote desktop port tcp 3389. All other open ports are been removed from Window 2003.
4. Vulnerable open ports removed from Windows Server 2008.
a. Demonstrate that the enable inbound rule are set for Windows 2008.
b. This screenshot demonstrate that the only two port left open is the remote desktop port tcp 3389, and 80 http. All other open ports are been removed from Window 2008.
Parts II
1. What is the first Nmap command you ran in this lab? Explain the switches used.
The command I ran was NMAP with –O and –v 10.20.100.50. The –O represent the operating system of the IP 10.20.100.50, and –v represent view details of the open ports.
2. What are the open ports when scanning 192.168.3.25 and their service names?
The name of the open ports are 80 Hypertext Transfer Protocol, port 445 Microsoft AD Active Directory Service, 135 MSRPC, and port 139 NetBios.
3. What is the command line syntax for running an SMB vulnerability scan with Nmap against 10.20.100.50?
The command run per the laboratory is nma-p --script=smb-check -vulns -p445 --script=smb-check-vulns -p445.
4. Explain why SMBv2 DoS (CVE-2009-3103) is bad.
Yes, SMBv2 DoS is bad it expose the operating system to the remote execution.
5. What is the operating system of
Part I
1. NMap scans conducted on two Windows Machines.
a. Detecting open ports in Windows 2003
b. Scanning for vulnerabilities in port 445 in Windows 2003.
c. Detecting that MS08-067 system is vulnerable in Window 2003.
d. Detecting open ports in Windows 2008
e. Scanning for vulnerabilities in port 139 in Window 2008.
f. Detecting that Windows 2008 is vulnerable to SMBv2 DOS attacks.
2. ClamWin is used to clean at-risk systems.
a. Virus scan results for TargetWindows01.
b. Shutdown Event Tracker dialog box from TargetWindows02.
c. Virus scan results for TargetWindows02.
3. Vulnerable open ports removed from Windows Server 2003.
a. This screenshot demonstrate that the only port left open is the remote desktop port tcp 3389. All other open ports are been removed from Window 2003.
4. Vulnerable open ports removed from Windows Server 2008.
a. Demonstrate that the enable inbound rule are set for Windows 2008.
b. This screenshot demonstrate that the only two port left open is the remote desktop port tcp 3389, and 80 http. All other open ports are been removed from Window 2008.
Parts II
1. What is the first Nmap command you ran in this lab? Explain the switches used.
The command I ran was NMAP with –O and –v 10.20.100.50. The –O represent the operating system of the IP 10.20.100.50, and –v represent view details of the open ports.
2. What are the open ports when scanning 192.168.3.25 and their service names?
The name of the open ports are 80 Hypertext Transfer Protocol, port 445 Microsoft AD Active Directory Service, 135 MSRPC, and port 139 NetBios.
3. What is the command line syntax for running an SMB vulnerability scan with Nmap against 10.20.100.50?
The command run per the laboratory is nma-p --script=smb-check -vulns -p445 --script=smb-check-vulns -p445.
4. Explain why SMBv2 DoS (CVE-2009-3103) is bad.
Yes, SMBv2 DoS is bad it expose the operating system to the remote execution.
5. What is the operating system of