Paper
Lab #1 Assessment Questions & Answers
1.
Windows Applications
Starts As Service Y/N
Wireshark
N
FIleZilla Server Interface
Y
Nessus Client
N
Tftpd32_SE Admin
N
Nessus Server
N
Nmap Zenmap Gui
M
2.
What was the DHCP allocated source IP host address for the student VM, DHCP Server, and IP default gateway router?
IP Address………….172.30.0.58
Subnet Mask………255.255.255.0
Default Gateway….172.30.0.1
3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS PROMPT?
Yes 4 packet responses
4. if you ping the “windowsTarget01” VM server and the UbuntuTarget01” VM, Which Server fields in the ICMP echo / Echo-replies vary?
The TTL on Windows was 128 while on Ubuntu the TTL was 64.
5. What is the command line syntax for running an “Intense Scan” with ZenMap on a target subnet of 172.30.0.0/24?
Nmap –T4 –A –V –PE –PS22, 25, 80 –PA21, 23, 80, 3389 10.96.109.30
6. Name at least 5 different scans that may be performed from the ZenMap GUI and document under what circumstances you would choose to run those particular scans.
1.. Ping Scan
2. Quick Scan
3. Intense Scan
4.. Regular Scan
5. Intense Scan, No Ping
7. How many different tests did your “Intense Scan” definition perform? List them all after reviewing the scan report.
1. 36
2. Nbstat
3. Smb-os-discovery
4. Smbv2-enabled
8. Describe what each of these tests or scripts performs within the ZenMap GUI (Nmap) scan report.
1. Nbstat gets the NetBIOS name, NetBIOS User, and NetBIOS MAC.
2. Smb-os-discovery gets the OS, name and system time.
3. Smbv2-enabled is a protocol that 10.96.109.30 does not support.
How many total IP hosts did ZenMap GUI (Namp) find on the network?
1) 1
10. Based on your Nmap scan results and initial reconnaissance & probing, what next steps would you perform on the VM server farm and VM workstation targets?
1. Intense Scan, No
1.
Windows Applications
Starts As Service Y/N
Wireshark
N
FIleZilla Server Interface
Y
Nessus Client
N
Tftpd32_SE Admin
N
Nessus Server
N
Nmap Zenmap Gui
M
2.
What was the DHCP allocated source IP host address for the student VM, DHCP Server, and IP default gateway router?
IP Address………….172.30.0.58
Subnet Mask………255.255.255.0
Default Gateway….172.30.0.1
3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS PROMPT?
Yes 4 packet responses
4. if you ping the “windowsTarget01” VM server and the UbuntuTarget01” VM, Which Server fields in the ICMP echo / Echo-replies vary?
The TTL on Windows was 128 while on Ubuntu the TTL was 64.
5. What is the command line syntax for running an “Intense Scan” with ZenMap on a target subnet of 172.30.0.0/24?
Nmap –T4 –A –V –PE –PS22, 25, 80 –PA21, 23, 80, 3389 10.96.109.30
6. Name at least 5 different scans that may be performed from the ZenMap GUI and document under what circumstances you would choose to run those particular scans.
1.. Ping Scan
2. Quick Scan
3. Intense Scan
4.. Regular Scan
5. Intense Scan, No Ping
7. How many different tests did your “Intense Scan” definition perform? List them all after reviewing the scan report.
1. 36
2. Nbstat
3. Smb-os-discovery
4. Smbv2-enabled
8. Describe what each of these tests or scripts performs within the ZenMap GUI (Nmap) scan report.
1. Nbstat gets the NetBIOS name, NetBIOS User, and NetBIOS MAC.
2. Smb-os-discovery gets the OS, name and system time.
3. Smbv2-enabled is a protocol that 10.96.109.30 does not support.
How many total IP hosts did ZenMap GUI (Namp) find on the network?
1) 1
10. Based on your Nmap scan results and initial reconnaissance & probing, what next steps would you perform on the VM server farm and VM workstation targets?
1. Intense Scan, No