cis 76 - lesson 6 - simms-teach.com · cis 76 - lesson 6 10 run and share the image mate program...
TRANSCRIPT
![Page 1: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/1.jpg)
CIS 76 - Lesson 6
Slides and lab posted WB converted from PowerPoint Print out agenda slide and annotate page numbers
Flash cards Properties Page numbers 1st minute quiz Web Calendar summary Web book pages Commands
Lab 5 posted and tested T1 on Canvas for last hour of class Copy T1 steganography file to depot directory
Backup slides, whiteboard slides, CCC info, handouts on flash drive Spare 9v battery for mic Key card for classroom door
1
Rich's lesson module checklist Last updated 10/4/2016
![Page 2: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/2.jpg)
CIS 76 - Lesson 6
CIS 76 Ethical Hacking
2
TCP/IP
Enumeration
Port Scanning
Evading Network Devices
Hacking Web Servers
Hacking Wireless Networks
Scripting and Programming
Footprinting and Social Engineering
Network and Computer Attacks
Cryptography
Embedded Operating Systems
Student Learner Outcomes 1.Defend a computer and a LAN against a variety of different types of
security attacks using a number of hands-on techniques.
2.Defend a computer and a LAN against a variety of different types of security attacks using a number of hands-on techniques.
Desktop and Server Vulnerabilities
![Page 3: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/3.jpg)
CIS 76 - Lesson 6
Introductions and Credits
3
And thanks to: • Steven Bolt at for his WASTC EH training. • Kevin Vaccaro for his CSSIA EH training and Netlab+ pods. • EC-Council for their online self-paced CEH v9 course. • Sam Bowne for his WASTC seminars, textbook recommendation and fantastic
EH website (https://samsclass.info/). • Lisa Bock for her great lynda.com EH course. • John Govsky for many teaching best practices: e.g. the First Minute quizzes,
the online forum, and the point grading system (http://teacherjohn.com/). • Google for everything else!
Rich Simms • HP Alumnus. • Started teaching in 2008 when Jim Griffin went on
sabbatical. • Rich’s site: http://simms-teach.com
![Page 4: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/4.jpg)
CIS 76 - Lesson 6
4
Student checklist for attending class
1. Browse to: http://simms-teach.com
2. Click the CIS 76 link. 3. Click the Calendar link. 4. Locate today’s lesson. 5. Find the Presentation slides for
the lesson and download for easier viewing.
6. Click the Enter virtual classroom link to join CCC Confer.
7. Log into Opus with Putty or ssh command.
Note: Blackboard Collaborate Launcher only needs to be installed once. It has already been downloaded and installed on the classroom PC’s.
![Page 5: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/5.jpg)
CIS 76 - Lesson 6
5
Downloaded PDF of Lesson Slides Google CCC Confer
CIS 76 website Calendar page One or more login
sessions to Opus
Student checklist for suggested screen layout
![Page 6: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/6.jpg)
CIS 76 - Lesson 6
6
2) Click overlapping rectangles icon. If white "Start Sharing" text is present then click it as well.
3) Click OK button.
4) Select "Share desktop" and click Share button.
1) Instructor gives you sharing privileges.
Student checklist for sharing desktop with classmates
![Page 7: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/7.jpg)
CIS 76 - Lesson 6
[ ] Preload White Board
[ ] Connect session to Teleconference
[ ] Is recording on?
[ ] Use teleconferencing, not mic
7
Session now connected to teleconference
Should be grayed out
Red dot means recording
Should change from phone handset icon to little Microphone icon and the Teleconferencing … message displayed
Rich's CCC Confer checklist - setup
![Page 8: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/8.jpg)
CIS 76 - Lesson 6
8 [ ] layout and share apps
foxit for slides chrome
putty vSphere Client
Rich's CCC Confer checklist - screen layout
![Page 9: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/9.jpg)
CIS 76 - Lesson 6
9
[ ] Video (webcam)
[ ] Make Video Follow Moderator Focus
Rich's CCC Confer checklist - webcam setup
![Page 10: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/10.jpg)
CIS 76 - Lesson 6
10
Run and share the Image Mate program just as you would any other app with CCC Confer
Elmo rotated down to view side table
Elmo rotated up to view white board
The "rotate image" button is necessary if you use both the side table and the white board. Quite interesting that they consider you to be an "expert" in order to use this button!
Rotate image button
Rotate image button
Rich's CCC Confer checklist - Elmo
![Page 11: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/11.jpg)
CIS 76 - Lesson 6
11
Universal Fix for CCC Confer: 1) Shrink (500 MB) and delete Java cache 2) Uninstall and reinstall latest Java runtime 3) http://www.cccconfer.org/support/technicalSupport.aspx
Control Panel (small icons) 500MB cache size General Tab > Settings… Delete these
Google Java download
Rich's CCC Confer checklist - universal fixes
![Page 12: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/12.jpg)
CIS 76 - Lesson 6
Start
12
![Page 13: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/13.jpg)
CIS 76 - Lesson 6
Sound Check
13
Students that dial-in should mute their line using *6 to prevent unintended noises distracting the web conference. Instructor can use *96 to mute all student lines.
![Page 14: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/14.jpg)
CIS 76 - Lesson 6
Instructor: Rich Simms Dial-in: 888-886-3951 Passcode: 136690
Karl-Heinz Benji
Jeremy
Michael W. Tim Marcos Jennifer Thomas Wes
Joshua
Email me ([email protected]) a relatively current photo of your face for 3 points extra credit
Brian
Carter
Tess
Luis
Dave R.
Nelli
Takashi
Mike C. Roberto
Ryan
David H. Deryck
Sean
Alex
Jordan
![Page 15: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/15.jpg)
CIS 76 - Lesson 6
Objectives Agenda
• Understand different types of port scans
• Look at port scan tools
• Understand vulnerability scans
• Look at vulnerability scan tools
• Questions
• Housekeeping
• Port Scanning
• Vulnerability scanning
• Assignment
• Wrap up
• Test 1
Scanning
15
![Page 16: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/16.jpg)
CIS 76 - Lesson 6
Admonition
16 Shared from cis76-newModules.pptx
![Page 17: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/17.jpg)
CIS 76 - Lesson 6
17
Unauthorized hacking is a crime.
The hacking methods and activities learned in this course can result in prison terms, large fines and lawsuits if used in an unethical manner. They may only be
used in a lawful manner on equipment you own or where you have explicit permission
from the owner.
Students that engage in any unethical, unauthorized or illegal hacking may be
dropped from the course and will receive no legal protection or help from the
instructor or the college.
![Page 18: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/18.jpg)
CIS 76 - Lesson 6
Questions
18
![Page 19: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/19.jpg)
CIS 76 - Lesson 6
Questions How this course works? Past lesson material? Previous labs?
19
Chinese Proverb
他問一個問題,五分鐘是個傻子,他不問一個問題仍然是一個傻瓜永遠。 He who asks a question is a fool for five minutes; he who does not ask a question remains a fool forever.
![Page 20: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/20.jpg)
CIS 76 - Lesson 6
In the news
20
![Page 21: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/21.jpg)
CIS 76 - Lesson 6
Recent news
1. Catfishing
21
http://www.zdnet.com/article/exclusive-inside-a-million-dollar-amazon-kindle-catfishing-scam/
![Page 22: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/22.jpg)
CIS 76 - Lesson 6
Vulnerability Summary for the Week of September 26, 2016
22 https://www.us-cert.gov/ncas/bulletins/SB16-277
![Page 23: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/23.jpg)
CIS 76 - Lesson 6
Best Practices
23
![Page 24: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/24.jpg)
CIS 76 - Lesson 6
Defense Best Practices
How to detect a phishing email
24
http://blog.inspiredelearning.com/wp-content/uploads/2014/04/phishing-infographic-full.jpg
![Page 25: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/25.jpg)
CIS 76 - Lesson 6
Housekeeping
26
![Page 26: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/26.jpg)
CIS 76 - Lesson 6
No labs due today
Test 1 will become available at 7:30 PM tonight • Open book, open notes, open computer.
• You must work alone and not help or receive help from others.
• Online timed 60 minute test using Canvas
• Online "archive watching" students that work can take it later
today but it must be completed by 11:59 PM.
• Practice test ends 30 minutes before real test starts!
Next week:
• Quiz 5
• Lab 5 is due 27
![Page 27: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/27.jpg)
CIS 76 - Lesson 6
28
Test 1
HONOR CODE: This test is open book, open notes, and open computer. HOWEVER, you must work alone. You may not discuss the test questions or answers with others during the test. You may not ask or receive assistance from anyone other than the instructor when doing this test. Likewise you may not give any assistance to anyone taking the test.
![Page 28: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/28.jpg)
CIS 76 - Lesson 6
29
This is an important source of funding for Cabrillo College. Send me an email stating you completed this Perkins/VTEA survey for three points extra credit!
http://oslab.cis.cabrillo.edu/forum/viewtopic.php?f=121&t=4176
Perkins/VTEA Survey
![Page 29: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/29.jpg)
CIS 76 - Lesson 6
Subscribe by sending an email (no subject or body) to:
• Program information
• Certification information
• Career and job information
• Short-term classes, events, lectures, tours, etc.
• Surveys
• Networking info and links
Cabrillo Networking Program Mailing list
30
![Page 30: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/30.jpg)
CIS 76 - Lesson 6
Microsoft Academic Webstore
• Microsoft software for students registered in a CIS or CS class at Cabrillo
• Available after registration is final (two weeks after first class)
31 To get to this page, go to http://simms-teach.com/resources and click on the appropriate link in the Tools and Software section
![Page 31: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/31.jpg)
CIS 76 - Lesson 6
VMware Academic Webstore
• VMware software for students registered in a CIS or CS class at Cabrillo
• Available after registration is final (two weeks after first class)
32 To get to this page, go to http://simms-teach.com/resources and click on the appropriate link in the Tools and Software section
![Page 32: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/32.jpg)
CIS 76 - Lesson 6
33
Red Pod
Blue Pod
Red and Blue VMs
Red and Blue Pods in Microlab Lab Rack
![Page 33: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/33.jpg)
CIS 76 - Lesson 6
34
Each team has their own private Google Docs document
![Page 34: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/34.jpg)
CIS 76 - Lesson 6
35
Accessing Red and Blue Pods via VLab
Send me an email if you would like to join one of the teams
![Page 35: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/35.jpg)
CIS 76 - Lesson 6
36
Scanning
![Page 36: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/36.jpg)
CIS 76 - Lesson 6
37
EC-Council Five Phases of Hacking
Phase 1 - Reconnaissance Phase 2 - Scanning Phase 3 - Gaining Access Phase 4 - Maintaining Access Phase 5 - Clearing Tracks
http://www.techrepublic.com/blog/it-security/the-five-phases-of-a-successful-network-penetration/
![Page 37: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/37.jpg)
CIS 76 - Lesson 6
38
Scanning
Objectives • Discover all open services on a host server. • Detect firewalls. • Identify vulnerabilities.
Process: • Scan all ports (not just well-know ports) and
make a list of open services. • Record evidence of firewalls (stateful or not
stateful) • Scan open services and identify the products
and versions in use. • Identify vulnerabilities in those products using
vulnerability scans and research.
![Page 38: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/38.jpg)
CIS 76 - Lesson 6
39
nmap
![Page 39: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/39.jpg)
CIS 76 - Lesson 6
40
nmap.org
https://nmap.org/book/man-port-scanning-techniques.html
![Page 40: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/40.jpg)
CIS 76 - Lesson 6
41
SANS Nmap Cheat Sheet
https://pen-testing.sans.org/blog/2013/10/08/nmap-cheat-sheet-1-0
![Page 41: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/41.jpg)
CIS 76 - Lesson 6
42
Connect
Scan
same subnet
no firewall
![Page 42: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/42.jpg)
CIS 76 - Lesson 6
43
Connect Scan
• Completes the three-way handshake • Detectable and can be logged as a TCP connection
(see example below) • Result is one of three states: Open, Closed, and
Filtered
![Page 43: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/43.jpg)
CIS 76 - Lesson 6
44
.126
“Microlab Network” 172.30.10.0/24
EH-Kali EH-Centos Web Server
.160
Target Attacker
![Page 44: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/44.jpg)
CIS 76 - Lesson 6
45
Connect Scan Firewall action = no firewall and Service = Running
[rsimms@EH-Centos ~]$ sudo service iptables status
iptables: Firewall is not running.
[rsimms@EH-Centos ~]$
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
Victim
![Page 45: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/45.jpg)
CIS 76 - Lesson 6
46
Connect Scan Firewall action = no firewall and Service = Running
Attacker resets connection after three-way handshake completes
![Page 46: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/46.jpg)
CIS 76 - Lesson 6
47
Connect Scan Firewall action = no firewall and Service = Stopped
[rsimms@EH-Centos ~]$ sudo service iptables status
iptables: Firewall is not running.
[rsimms@EH-Centos ~]$
[rsimms@EH-Centos ~]$ sudo service httpd status
httpd is stopped
[rsimms@EH-Centos ~]$
Victim
![Page 47: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/47.jpg)
CIS 76 - Lesson 6
48
Connect Scan Firewall action = no firewall and Service = Stopped
Victim resets connection
![Page 48: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/48.jpg)
CIS 76 - Lesson 6
49
Service Firewall Result
Running no firewall Open
Stopped no firewall Closed
Connect Scan
![Page 49: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/49.jpg)
CIS 76 - Lesson 6
50
Connect
Scan
different subnets
firewall on target
![Page 50: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/50.jpg)
CIS 76 - Lesson 6
51
Connect Scan
• Completes the three-way handshake. • Detectable and can be logged as a TCP connection
(see example below). • Scan results:
• If SYN-ACK received: "open". • If RST received: "closed". • If no reply or ICMP error: "filtered".
![Page 51: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/51.jpg)
CIS 76 - Lesson 6
52
EH-Pod-05
EH-pfSense-05 gateway
and firewall
"EH-Pod-05 Network" 10.76.5.0/24
.205
.1
.150
“Microlab Network” 172.30.10.0/24
EH-Kali-05
EH-Centos Web Server
.160
Target
Attacker
![Page 52: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/52.jpg)
CIS 76 - Lesson 6
53
Connect Scan Firewall action = ACCEPT and Service = running
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 53: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/53.jpg)
CIS 76 - Lesson 6
54
Three-way handshake completes then attacker resets connection
Connect Scan Firewall action = ACCEPT and Service = running
![Page 54: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/54.jpg)
CIS 76 - Lesson 6
55
Connect Scan Firewall action = ACCEPT and Service = stopped
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd is stopped
[root@EH-Centos ~]#
![Page 55: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/55.jpg)
CIS 76 - Lesson 6
56
Connect Scan Firewall action = ACCEPT and Service = stopped
Target responds by resetting the connection
![Page 56: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/56.jpg)
CIS 76 - Lesson 6
57
Connect Scan Firewall action = DROP and Service = Running
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 57: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/57.jpg)
CIS 76 - Lesson 6
58
Connect Scan Firewall action = DROP and Service = Running
Target does not respond and attacker times-out.
![Page 58: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/58.jpg)
CIS 76 - Lesson 6
59
Connect Scan Firewall action = REJECT with error and Service = Running
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j REJECT --reject-with
icmp-host-prohibited
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 59: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/59.jpg)
CIS 76 - Lesson 6
60
Connect Scan Firewall action = REJECT with error and Service = Running
Target replies with ICMP error
![Page 60: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/60.jpg)
CIS 76 - Lesson 6
61
Service Firewall Result
Running ACCEPT Open
Running DROP Filtered
Running REJECT Filtered
Stopped ACCEPT Closed
Stopped DROP Filtered
Stopped REJECT Filtered
Connect Scan
![Page 61: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/61.jpg)
CIS 76 - Lesson 6
62
Syn
Scan
![Page 62: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/62.jpg)
CIS 76 - Lesson 6
63
Syn Scan
• Attacker resets the connection attempt before three-way handshake can complete.
• Stealthy because connection is never created.
• Scan results: • If SYN-ACK received: "open". • If RST received: "closed". • If no reply or ICMP error: "filtered".
![Page 63: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/63.jpg)
CIS 76 - Lesson 6
64
EH-Pod-05
EH-pfSense-05 gateway
and firewall
"EH-Pod-05 Network" 10.76.5.0/24
.205
.1
.150
“Microlab Network” 172.30.10.0/24
EH-Kali-05
EH-Centos Web Server
.160
Target
Attacker
![Page 64: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/64.jpg)
CIS 76 - Lesson 6
65
Syn Scan Firewall action = ACCEPT and Service = running
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 65: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/65.jpg)
CIS 76 - Lesson 6
66
Attacker resets connection rather than completing the three-way handshake
Syn Scan Firewall action = ACCEPT and Service = running
![Page 66: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/66.jpg)
CIS 76 - Lesson 6
67
Syn Scan Firewall action = ACCEPT and Service = stopped
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd is stopped
[root@EH-Centos ~]#
![Page 67: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/67.jpg)
CIS 76 - Lesson 6
68
Syn Scan Firewall action = ACCEPT and Service = stopped
Target port responds by resetting the connection
![Page 68: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/68.jpg)
CIS 76 - Lesson 6
69
Syn Scan Firewall action = DROP and Service = Running
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 69: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/69.jpg)
CIS 76 - Lesson 6
70
Syn Scan Firewall action = DROP and Service = Running
Target does not respond and attacker times-out
![Page 70: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/70.jpg)
CIS 76 - Lesson 6
71
Syn Scan Firewall action = REJECT with error and Service = Running
[root@EH-Centos ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j REJECT --reject-with
icmp-host-prohibited
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 71: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/71.jpg)
CIS 76 - Lesson 6
72
Syn Scan Firewall action = REJECT with error and Service = Running
Target replies with ICMP error
![Page 72: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/72.jpg)
CIS 76 - Lesson 6
73
Service Firewall Result
Running ACCEPT Open
Running DROP Filtered
Running REJECT Filtered
Stopped ACCEPT Closed
Stopped DROP Filtered
Stopped REJECT Filtered
Syn Scan
![Page 73: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/73.jpg)
CIS 76 - Lesson 6
74
Null, XMAS and FIN
Scans
![Page 74: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/74.jpg)
CIS 76 - Lesson 6
75
Null, XMAS, and FIN scans
• These scan types work the same way using different TCP flags.
• Scan results: • If RST received: "closed".
• If no reply: "open or filtered".
• If ICMP unreachable error is received: "filtered".
• These scan types are slightly more stealthy than a SYN
scan and may be able to evade certain non-stateful firewalls and packet filtering routers. However they can be detected by most modern IDS products.
https://nmap.org/book/man-port-scanning-techniques.html
![Page 75: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/75.jpg)
CIS 76 - Lesson 6
76
Null, XMAS, and FIN scans
"The big downside is that not all systems follow RFC 793 to
the letter. A number of systems send RST responses to the
probes regardless of whether the port is open or not. This
causes all of the ports to be labeled closed. Major operating
systems that do this are Microsoft Windows, many Cisco
devices, BSDI, and IBM OS/400. This scan does work
against most Unix-based systems though. Another downside
of these scans is that they can't distinguish open ports from
certain filtered ones, leaving you with the response
open|filtered."
https://nmap.org/book/man-port-scanning-techniques.html
![Page 76: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/76.jpg)
CIS 76 - Lesson 6
77
Null
Scan
(Linux)
![Page 77: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/77.jpg)
CIS 76 - Lesson 6
78
Null Scan
• All TCP flags are off • Result is one of two states: Closed, "Open or Filtered"
Switched to Kali on the same subnet because NULL scans didn't get through pfSense firewall
![Page 78: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/78.jpg)
CIS 76 - Lesson 6
79
.126
“Microlab Network” 172.30.10.0/24
EH-Kali EH-Centos Web Server
.160
Target Attacker
Switched to Kali on the same subnet because NULL scans didn't get through pfSense firewall
![Page 79: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/79.jpg)
CIS 76 - Lesson 6
80
Null Scan Firewall action = no firewall and Service = Running
[rsimms@EH-Centos ~]$ sudo service iptables status
iptables: Firewall is not running.
[rsimms@EH-Centos ~]$
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 80: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/80.jpg)
CIS 76 - Lesson 6
81
No response by victim
Null Scan Firewall action = no firewall and Service = Running
![Page 81: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/81.jpg)
CIS 76 - Lesson 6
82
Null Scan Firewall action = no firewall and Service = Stopped
[root@EH-Centos ~]# service iptables status
iptables: Firewall is not running.
[root@EH-Centos ~]#
[root@EH-Centos ~]# service httpd status
httpd is stopped
[root@EH-Centos ~]#
![Page 82: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/82.jpg)
CIS 76 - Lesson 6
83
Victim resets connection
Null Scan Firewall action = no firewall and Service = Stopped
![Page 83: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/83.jpg)
CIS 76 - Lesson 6
84
Service Firewall Result
Running no firewall Open or filtered
Stopped no firewall Closed
Null Scan (Linux)
![Page 84: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/84.jpg)
CIS 76 - Lesson 6
85
Null
Scan
(Windows 7)
![Page 85: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/85.jpg)
CIS 76 - Lesson 6
86
.126
“Microlab Network” 172.30.10.0/24
EH-Kali EH-Win7 Web Server
.162
Target Attacker
Switched to Win 7 target to see how Windows implements RFC 793 (Transmission Control Protocols)
![Page 86: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/86.jpg)
CIS 76 - Lesson 6
87
Null Scan Firewall action = no firewall and Service = Running
Web service running
Firewall off
![Page 87: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/87.jpg)
CIS 76 - Lesson 6
88
Windows 7 sends reset when port is actually open
Null Scan Firewall action = no firewall and Service = Running
![Page 88: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/88.jpg)
CIS 76 - Lesson 6
89
Null Scan Firewall action = no firewall and Service = Stopped
Web service stopped
Firewall off
![Page 89: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/89.jpg)
CIS 76 - Lesson 6
90
Windows sends reset when port is closed
Null Scan Firewall action = no firewall and Service = Stopped
![Page 90: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/90.jpg)
CIS 76 - Lesson 6
91
Service Firewall Result
Running no firewall Closed
Stopped no firewall Closed
Null Scan (Windows 7)
![Page 91: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/91.jpg)
CIS 76 - Lesson 6
92
XMAS
Scan
![Page 92: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/92.jpg)
CIS 76 - Lesson 6
93
XMAS Scan
• All FIN, PSH and URG flags are on • Works like a null scan, closed port responds with reset • Result is one of two states: Closed, "Open or Filtered"
Switched to Kali on the same subnet because XMAS scans didn't get through pfSense firewall
![Page 93: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/93.jpg)
CIS 76 - Lesson 6
94
.126
“Microlab Network” 172.30.10.0/24
EH-Kali EH-Centos Web Server
.160
Target Attacker
Switched to Kali on the same subnet because NULL scans didn't get through pfSense firewall
![Page 94: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/94.jpg)
CIS 76 - Lesson 6
95
XMAS Scan Firewall action = no firewall and Service = Running
[rsimms@EH-Centos ~]$ sudo service iptables status
iptables: Firewall is not running.
[rsimms@EH-Centos ~]$
[root@EH-Centos ~]# service httpd status
httpd (pid 4196) is running...
[root@EH-Centos ~]#
![Page 95: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/95.jpg)
CIS 76 - Lesson 6
96
No response by victim
XMAS Scan Firewall action = no firewall and Service = Running
![Page 96: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/96.jpg)
CIS 76 - Lesson 6
97
XMAS Scan Firewall action = no firewall and Service = Stopped
[root@EH-Centos ~]# service iptables status
iptables: Firewall is not running.
[root@EH-Centos ~]#
[root@EH-Centos ~]# service httpd status
httpd is stopped
[root@EH-Centos ~]#
![Page 97: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/97.jpg)
CIS 76 - Lesson 6
98
Victim resets connection
XMAS Scan Firewall action = no firewall and Service = Stopped
![Page 98: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/98.jpg)
CIS 76 - Lesson 6
99
Service Firewall Result
Running no firewall Open or filtered
Stopped no firewall Closed
XMAS Scan (Linux)
![Page 99: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/99.jpg)
CIS 76 - Lesson 6
100
ACK
Scan
![Page 100: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/100.jpg)
CIS 76 - Lesson 6
101
ACK Scan
• Only the ACK flag is set. • Attempts to determine the presence of a stateful
firewall, not whether a port is open or closed. • A stateful firewall always looks for a SYN to start the
three-way handshake. • If the port responds with a reset (whether open or
closed) then it is considered unfiltered (no firewall or filter was fooled).
• If there is no response or an ICMP error message is returned then the port is considered filtered (whether open or closed).
![Page 101: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/101.jpg)
CIS 76 - Lesson 6
102
.126
“Microlab Network” 172.30.10.0/24
EH-Kali EH-Centos Web Server
.160
Target Attacker
Does EH-Centos have an active stateful firewall?
![Page 102: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/102.jpg)
CIS 76 - Lesson 6
103
ACK Scan Firewall action = no firewall and Service = Running
[root@EH-Centos ~]# service iptables status
iptables: Firewall is not running.
[root@EH-Centos ~]#
[root@EH-Centos ~]# service httpd status
httpd (pid 9055) is running...
[root@EH-Centos ~]#
![Page 103: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/103.jpg)
CIS 76 - Lesson 6
104
A reset from the victim indicates there is no stateful firewall
ACK Scan Firewall action = no firewall and Service = Running
![Page 104: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/104.jpg)
CIS 76 - Lesson 6
105
ACK Scan Firewall action = REJECT and Service = Running
[root@EH-Centos-80RunRej ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j REJECT --
reject-with icmp-host-prohibited
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos-80RunRej ~]#
[root@EH-Centos-80RunRej ~]# service httpd status
httpd (pid 1940) is running...
[root@EH-Centos-80RunRej ~]#
![Page 105: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/105.jpg)
CIS 76 - Lesson 6
106
Getting the ICMP error implies victim has a firewall
ACK Scan Firewall action = REJECT and Service = Running
![Page 106: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/106.jpg)
CIS 76 - Lesson 6
107
ACK Scan Firewall action = ACCEPT and Service = Running
[root@EH-Centos-80RunAcc ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
[root@EH-Centos-80RunAcc ~]#
[root@EH-Centos-80RunAcc ~]# service httpd status
httpd (pid 1938) is running...
[root@EH-Centos-80RunAcc ~]#
![Page 107: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/107.jpg)
CIS 76 - Lesson 6
108
Victim has firewall that was fooled, packet made it to the open port
ACK Scan Firewall action = ACCEPT and Service = Running
![Page 108: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/108.jpg)
CIS 76 - Lesson 6
109
hping3
![Page 110: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/110.jpg)
CIS 76 - Lesson 6
111 http://www.hping.org/
hping3
"hping is a command-line oriented TCP/IP packet
assembler/analyzer. The interface is inspired to the
ping(8) unix command, but hping isn't only able to
send ICMP echo requests. It supports TCP, UDP,
ICMP and RAW-IP protocols, has a traceroute mode,
the ability to send files between a covered channel,
and many other features."
-- hping3 website
![Page 111: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/111.jpg)
CIS 76 - Lesson 6
112
hping3
![Page 112: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/112.jpg)
CIS 76 - Lesson 6
113
hping3
![Page 113: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/113.jpg)
CIS 76 - Lesson 6
114
EH-Pod-05
"EH-Pod-05 Network" 10.76.5.0/24
.150
EH-Kali-05
EH-OWASP-05 Web Server
Attacker
.101
Victim
![Page 114: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/114.jpg)
CIS 76 - Lesson 6
115
hping3
hping3 -c 2 10.76.5.101
This does two null scans of port 0 on 10.76.5.1
![Page 115: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/115.jpg)
CIS 76 - Lesson 6
116
hping3
hping3 --scan 79-84 -S 10.76.5.101
This does a SYN scan of ports 79-84
![Page 116: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/116.jpg)
CIS 76 - Lesson 6
117
hping3
hping3 --udp --rand-source --data 20 -c 5 10.76.5.101
This sends 5 UDP packets from random IP addresses (spoofing) with 20 bytes of data to eh-owasp-05
![Page 117: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/117.jpg)
CIS 76 - Lesson 6
118
hping3
hping3 -S -p 80 -c 3 10.76.5.101
This does 3 SYN scans of port 80 on eh-owasp-05. Note the connection is never completed.
![Page 118: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/118.jpg)
CIS 76 - Lesson 6
119
hping3
time hping3 -V -p 80 --rand-source --flood 10.76.5.101
This command sent 351,972 spoofed packets in three and a half seconds! --flood is "fast as you can", -V is verbose.
Only used to see how long it takes to send the packets
![Page 119: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/119.jpg)
CIS 76 - Lesson 6
120
Vulnerability
Scans
![Page 120: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/120.jpg)
CIS 76 - Lesson 6
121
Nessus
![Page 122: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/122.jpg)
CIS 76 - Lesson 6
123
nessus
https://www.tenable.com/products
"Nessus, the industry-leading vulnerability scanner,
has been adopted by millions of users worldwide.
Nessus discovers all assets on your network -- even
hard-to-find assets like containers, VMs, mobile and
guest devices – and informs you clearly and
accurately about their vulnerabilities and prioritizes
what you need to fix first. Nessus is available as
both a cloud and on-premises vulnerability scanning
and management solution."
-- Tenable website
![Page 123: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/123.jpg)
CIS 76 - Lesson 6
124
nessus
https://store.tenable.com/index.php?main_page=product_info&cPath=1&products_id=94
![Page 124: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/124.jpg)
CIS 76 - Lesson 6
125
nessus
https://www.tenable.com/products/nessus-home
![Page 125: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/125.jpg)
CIS 76 - Lesson 6
126
Nikto
![Page 126: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/126.jpg)
CIS 76 - Lesson 6
127
Nikto
https://cirt.net/nikto2
"Nikto is an Open Source (GPL) web server scanner which
performs comprehensive tests against web servers for multiple
items, including over 6700 potentially dangerous
files/programs, checks for outdated versions of over 1250
servers, and version specific problems on over 270 servers. It
also checks for server configuration items such as the presence
of multiple index files, HTTP server options, and will attempt
to identify installed web servers and software. Scan items and
plugins are frequently updated and can be automatically
updated."
- Nikto website
![Page 127: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/127.jpg)
CIS 76 - Lesson 6
128
OpenVAS
![Page 129: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/129.jpg)
CIS 76 - Lesson 6
130
OpenVAS
Doesn't come with Kali, use apt-get install openvas
![Page 134: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/134.jpg)
CIS 76 - Lesson 6
Assignment
135
![Page 135: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/135.jpg)
CIS 76 - Lesson 6
136
Lab 5 due next week
![Page 136: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/136.jpg)
CIS 76 - Lesson 6
Wrap up
138
![Page 137: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/137.jpg)
CIS 76 - Lesson 6
Next Class
Assignment: Check the Calendar Page on the web site to see what is due next week. Quiz questions for next class: Insure the apache2 service is running on your OWASP VM: • From your pod Kali, do a SYN scan of your OWASP VM, what is
the status of port 80?
• From your pod Kali, do a ACK scan on port 80 on your OWASP VM. Is a stateful firewall present?
• From your pod Kali, do a NULL scan on port 25 of your OWASP VM. Is an SMTP service running?
139
![Page 138: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/138.jpg)
CIS 76 - Lesson 6
Test 1
140
![Page 139: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/139.jpg)
CIS 76 - Lesson 6
141
[ ] Schedule end of practice test on Canvas [T-30]
[ ] Remove password on real test on Canvas [T-0]
[ ] Add Steganography file to /home/cis76/depot
cp ~/cis76/test01/bryce-76.jpg /home/cis76/depot [at job T-0]
[ ] Schedule end of real test on Canvas [at splashdown-1]
Notes to instructor
![Page 140: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/140.jpg)
CIS 76 - Lesson 6
142
![Page 141: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/141.jpg)
CIS 76 - Lesson 6
Backup
143
![Page 142: CIS 76 - Lesson 6 - simms-teach.com · CIS 76 - Lesson 6 10 Run and share the Image Mate program just as you would any other app with CCC Confer Elmo rotated down to view side table](https://reader036.vdocuments.site/reader036/viewer/2022062917/5ed7ba05498700329150e59e/html5/thumbnails/142.jpg)
CIS 76 - Lesson 6
144
Internet
EH-Pod-05
EH-pfSense-05 gateway
and firewall
"EH-Pod-05 Network" 10.76.5.0/24
.205 .1
.1
.150 “Microlab Network”
172.30.10.0/24
Opus
“Server Network” 172.30.5.0/24
NoSweat gateway
and firewall .1
EH-IRC IRC Server
.20
.163
EH-Pod-12
EH-pfSense-12 gateway
and firewall
"EH-Pod-05 Network" 10.76.12.0/24
.212 .1 .150
EH-Kali-05
EH-Kali-12
EH-Centos IRC Server
.160