3.3.1.9 Lab – Detecting Threats and Vulnerabilities Answers

3.3.1.9 Lab – Detecting Threats and Vulnerabilities Answers

Lab – Detecting Threats and Vulnerabilities (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the Answers copy only.

Objectives

Use Nmap, a port scanner and network mapping tool to detect threats and vulnerabilities on a system.

Background / Scenario

Network Mapper, or Nmap, is an open source utility used for network discovery and security auditing. Administrators also use Nmap for monitoring hosts or managing service upgrade schedules. Nmap determines what hosts are available on a network, what services are running, what operating systems are running, and what packet filters or firewalls are running.

Required Resources

  • PC with Ubuntu 16.0.4 LTS installed in a VMware workstation.

Step 1: Open a terminal window in Ubuntu.

  1. Log in to Ubuntu using the following credentials:
    User: cisco
    Password: password
  2. Click on the terminal icon to open a terminal.

Step 2: Run Nmap.

At the command prompt, enter the following command to run a basic scan against this Ubuntu system:

[email protected]:~$ nmap localhost

The results are a scan of the first 1024 TCP ports.

What TCP ports are open?

____________________________________________________________________________________

Ports 22, 23, and 631

Step 3: Use administrative privileges with Nmap.

  1. Type the following command in the terminal to scan the computer’s UDP ports (remember, Ubuntu is case sensitive) and enter the password password when prompted:
    [email protected]:~$ sudo nmap –sU localhostWhat UDP ports are open?____________________________________________________________________________________
    Ports 68, 631, and 5353
  2. Type the following command in the terminal:
    [email protected]:~$ nmap –sV localhostUsing the –sV switch with the nmap command performs a version detection which you can use to research vulnerabilities.

Step 4: Capture SSH keys.

Type the following command in the terminal to initiate a script scan:

[email protected]:~$ nmap –A localhost

You captured the SSH keys for the host system. The command runs a set of scripts built into Nmap to test specific vulnerabilities.

References

Nmap: https://nmap.org/