computer security assignment

Part 1

 Use of ping

What can ping achieve? How does it work?

Experiment with the use of ping. The simplest form of the ping command is the following.

ping ip-address

Read the help information and make notes.

man ping

Note that you are unlikely ever to need most of the qualifiers given in the man pages.

Why – in rare circumstances – might it be possible to ping a remote host but be unable to logon to it (assuming you and your machine have authentication authority to do so e.g. username)? Hint: you should be able to find the answer in the man pages.

Use of nmap

Obtain written permission from a colleague to scan his/her computer with the port-scanner nmap. Attach this written permission to your logbook.

Determine whether nmap is installed on your computer. If necessary, install nmap from a rpm file.

Experiment with the use of nmap scanning your own and your colleague’s machine. The simplest form of the nmap command is the following.

nmap ip-address

Read the help information and make notes.

man nmap

Use of the -v qualifier (for verbose output) can be helpful. Use -h or –help for help information.

Here are some questions for you to answer.

(a) What are the potential benefits of nmap?

(b) What are the potential disadvantages?

(c) What can nmap do?

(d) What does nmap do by default for a non-root user?

(e) nmap -sS performs a SYN scan. What is a SYN scan?

(f) Which scans are stealthier than a SYN scan?

(g) What scan type would be useful to determine which of a range of addresses correspond to machines that are up?

(h) What qualifier would show more information on what is running on the open ports?

(i) Which scans might be affected by ICMP rate limiting and thus appear very slow?

(j) Which scan type can deduce whether a port is filtered by a firewall?

(k) What range of ports is scanned by default?

(l) How should a range of ports be specified?

(m) What does nmap -O report?

(n) Use of the -g qualifier in nmap might allow bypassing of the ruleset of a firewall if the firewall is poorly configured. Why?

As always, make thorough notes in your logbook of everything you do and answer all questions.

Part 2 -Use of nessus

Nessus is a vulnerability scanner, rather than simply a port scanner. It can appear to be rather aggressive software. The software operates via a “client-server” mechanism, although often the client and the server are on the same computer.

See http://www.nessus.org/documentation. Read “Nessus User Guide”.

Nessus Installation & Configuration

  1. Within a terminal switch to root.
  2. Open a browser and download the Fedora 19,20 32 bit version of nessus (Nessus-5.2.5-fc16.i386.rpm) from http://www.tenable.com/products/nessus/select-your-operating-system
  3. cd /home/username/Downloads
  4. rpm -ivh Nessus-5.2.5-fc16.i386.rpm
  5. register new user at http://www.tenable.com/products/nessus-home-use your uclan address
  6. systemctl start nessusd.service
  7. then visit https://localhost:8834/
  8. Approve the security of the server to your browser.
  9. you will be prompted to create a user and password and then your registration code, this will be in an email from Tenable by this point.

Obtain written permission from a colleague to scan his/her computer with nessus. Attach this written permission to your logbook.

How does a “vulnerability scanner” differ from a “port scanner”?

Identify the IP Address of your machine.

Give the scan a name and create a the default policy.

1. Scan your computer (locahost). Go to the target-selection tab and enter the IP address of your computer. Make notes in your logbook of everything you do and the responses from nessus. What did you learn about the security of your computer?

2. Scan the computer of a colleague. Be sure to have permission in writing. What did you learn about the security of your colleague’s computer?

3. Compare the results and investigate reasons for any differences.

The reports can be downloaded as HMTL documents for future reference.

Use Browse to review progress of a particular scan then when complete click on the Reports tab.

The report can be reviewed by selecting it then using the Browse button.

Delete these scans from the reports list using the Delete button.

Discuss the tools encountered during this mini assignment and draw some conclusions about your findings.

 

Use the order calculator below and get started! Contact our live support team for any assistance or inquiry.

[order_calculator]