Preview

Lab #4

Satisfactory Essays
Open Document
Open Document
451 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Lab #4
Lab #4 Compromise and Exploit a Vulnerable Microsoft Workstation
IT Security: Attack & Defense
Course Number: ISSC362

IP address for Windows vulnerable computer: 172.30.0.3
Open Ports on 172.30.0.3:
135/tcp open msrpc Microsoft Windows RPC
139/tcp open netbios-ssn
445/tcp open microsoft-ds Microsoft Windows XP microsoft-ds
1025/tcp open msrpc Microsoft Windows RPC
3389/tcp open microsoft-rdp Microsoft Terminal Service
5000/tcp open upnp Microsoft Windows UPnP
Command syntax from nmap: nmap -p 1-65535 -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 172.30.0.3
MS08-067 vulnerability:

Here is the screen capture of the program getting caught up on step 80.

Microsoft Security Bulletin MS08-067

Downloading Windows Service Pack 2 (SP2) will eliminate the MS08-067 threat

Lab Assessment Questions & Answers
1. What are the five steps of a hacking attack?
Foot printing, Port Scanning, Network Mapping, Enumeration, Covering Tracks
2. During the reconnaissance step of the attack, describe what task Zenmap GUI performs to do passive OS fingerprinting.
Zenmap sends discreet packets of data to the host computer and asks for a response. When it gets that response it can hopefully determine what OS is on that computer by the data that was sent back.
3. What step in the hacking attack process uses Zenmap GUI?
Zenmap will be utilized during the Port Scanning phase.
4. What step in the hacking attack process identifies known vulnerabilities and exploits?
During the Enumeration Phase
5. During the scanning step of the hacking attack process, you identified known software vulnerabilities in a Windows XP Professional Workstation. List the name and number of the critical Microsoft vulnerabilities identified. What is vulnerability “MS08-067”?
MS08-067: Vulnerability in Server service could allow remote code execution. This can lead to someone gaining administrative rights who could add and delete

You May Also Find These Documents Helpful

  • Satisfactory Essays

    ISSC362 Week 2

    • 645 Words
    • 3 Pages

    During the reconnaissance step of the attack, describe what task Zenmap GUI performs to do passive OS fingerprinting.…

    • 645 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    15) Which of the following defines the cycle used to address Windows threats and vulnerabilities? B) Discovery-analysis-remediation…

    • 284 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    Lab 4

    • 327 Words
    • 2 Pages

    In this lab, you used group policy objects to create a minimum password length password policy and link it…

    • 327 Words
    • 2 Pages
    Good Essays
  • Good Essays

    is4680 lab #2

    • 630 Words
    • 2 Pages

    Windows Hardening Defense, starts with the basics, Log in with least amount of privileges. Always use Firewall and AV. Monitor channels for security advisories and alerts. Know your system(s). Patch early and patch often, Unpatched Systems are the lowest of low hanging fruit. Have a patch policy documented and stick with it. Review patches as they are released and determine criticality based on the exploit, threat footprint for your system(s), and whether or not there is a POC or fully weapon exploit in the wild. When possible, test patches before rolling out in production on servers. Most clients should have automatic updates enabled for the OS and any application listening on a socket or used with untrusted data (java, adobe, browsers, etc...) Servers should be updated during maintenance windows if possible and depending on criticality (of threat and server).…

    • 630 Words
    • 2 Pages
    Good Essays
  • Good Essays

    lab 4

    • 527 Words
    • 3 Pages

    The shielding also makes the cable heavier and stiffer. Thus, it is more difficult to handle.…

    • 527 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    wk 4 lab 2

    • 403 Words
    • 1 Page

    1. Unauthorized network probing and port scanning. IP router, firewall and network appliance operation system vulnerability.…

    • 403 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    What elements are needed in a workstation domain policy regarding use of anti-virus and malicious…

    • 1020 Words
    • 6 Pages
    Satisfactory Essays
  • Good Essays

    A security breach has been identified within a small Microsoft workgroup LAN. The workgroup consists of three primary workgroups which contain group membership lists of users within the Active Directory infrastructure that currently exists on the SMB Server that is located within the confines of the LAN structure. The security breach, which is defined as any event that results in a violation of any of the CIA (confidentiality, integrity, availability) security principles, was caused by the SMB server being accessed by an unauthorized user due to a security hole that was detected by the server software manufacturer the previous day. The security patch will not be available until possible as long as three days, but hopefully within that timeframe. In addition, the LAN administrator needs at least one week (minimum) to download, test, and install the patch.…

    • 606 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    1. Discuss common forms of attack on Microsoft systems using the text Internet, and/or your job as reference for full credit.…

    • 488 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Lab 4

    • 575 Words
    • 3 Pages

    1.List four cell structures that were common to both plant and animal cells. (4 points)…

    • 575 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    5. Refers to scanning a system for vulnerabilities and reveals information about the target that is needed to access it.…

    • 263 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Given the following list of end-user policy violations and security breaches, select three breaches and identify strategies to control and monitor each event to mitigate risk and minimize exposure.…

    • 564 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Because this is only a test deployment, you will be using a Windows 8 computer to function as the web server. In this exercise, you will install Internet Information Services on your workstation and then configure it to host two websites.…

    • 970 Words
    • 6 Pages
    Good Essays
  • Good Essays

    IS4560

    • 486 Words
    • 2 Pages

    7. Given that Apache and Internet Information Services (IIS) are the two most popular web application servers for Linux and Microsoft Windows platforms, what would you do to identify known software vulnerabilities and exploits?…

    • 486 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    Net Sec

    • 11860 Words
    • 48 Pages

    6. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans.…

    • 11860 Words
    • 48 Pages
    Powerful Essays