Fall 2013: Computer Science 347
Keywords: backtrack, fingerprinting/footprinting, network discovery
- Perform the following exercises on the localhost (i.e., your cslinux account).
- Your goal is to find out as much information as possible about the Red Hat and BackTrack VMs.
Localhost info gathering
- uname -a: Determine system information, hostname, kernel version
- uptime: Show how long the system has been up
- hostname: Determine name of current system
- ifconfig: Configure network interfaces. Displays IP and MAC addresses for the current system.
- who: Users on the current system. Useful for identifying unusual activity (e.g. activity by newly created accounts or inactive accounts).
- last [-n]: Show the last N users on the system. Useful for identifying unusual activity in the recent past.
- lsof: Display currently open files, which process has them open, and the process's owner.
- ps aux: see all processes running and who owns them.
- Untar the BackTrack VM into your directory in /virtual and start it
- Load the Red Hat VM
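The who and last entries above mention spotting activity by new or normally inactive accounts. The script below is an added example, not part of the original handout: it reads last output and reports every account outside a baseline you supply. The function names, account names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag logins in `last` output by accounts outside a baseline.

# Constructed sample of `last` output (not taken from a real system).
sample_last() {
cat <<'EOF'
alice    pts/0        10.0.0.5         Mon Oct  7 09:12   still logged in
tmpadm   pts/2        10.0.0.99        Sun Oct  6 23:51 - 23:58  (00:07)
reboot   system boot  2.6.32-358.el6   Sun Oct  6 07:00 - 09:30 (1+02:30)
oldsvc   tty1                          Sat Oct  5 03:14 - 03:20  (00:06)
bob      pts/1        10.0.0.8         Fri Oct  4 08:40 - 08:55  (00:15)
tmpadm   pts/3        10.0.0.42        Fri Oct  4 02:10 - 02:11  (00:01)

wtmp begins Tue Oct  1 06:25:11 2013
EOF
}

# unexpected_logins ACCOUNT...
# Reads `last` output on stdin. For every account NOT in the ACCOUNT baseline
# (a new account, or one that normally never logs in) prints one line:
#   user  login_count  most_recent_source   ("-" means a local login, no host)
unexpected_logins() {
    awk -v baseline="$*" '
        BEGIN {
            n = split(baseline, names, " ")
            for (i = 1; i <= n; i++) known[names[i]] = 1
            # Pseudo-entries written by the system, not real logins.
            known["reboot"] = known["shutdown"] = known["runlevel"] = 1
        }
        NF == 0 { next }                          # blank separator line
        $1 == "wtmp" && $2 == "begins" { next }   # trailer line
        !($1 in known) {
            count[$1]++
            # `last` lists newest first, so the first source seen is the latest.
            if (!($1 in source)) {
                # Local logins have an empty host column; field 3 is then the weekday.
                source[$1] = ($3 ~ /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun)$/) ? "-" : $3
            }
        }
        END { for (u in count) print u, count[u], source[u] }
    ' | sort
}

# Demo on the constructed sample; on a real system: last | unexpected_logins alice bob
sample_last | unexpected_logins alice bob
```

Note that last shortens long user names unless it is run with -w, so compare against the full names only when using that option.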
Recording network traffic
- Start Wireshark (type wireshark in a terminal or find it in the applications menu)
- Go to Capture -> Interfaces -> click Start next to eth0
- Open up a new terminal and ping the Red Hat VM's IP
- What protocol does the ping utility use?
- What about traceroute? How does traceroute work?
nmap
- Execute the following commands from the BackTrack VM (you can run them in zenmap or nmap)
- nmap -sP [RED_HAT_IP]
- nmap -sT [RED_HAT_IP]
- nmap -O [RED_HAT_IP]
- nmap -sV [RED_HAT_IP]
- nmap -A [RED_HAT_IP]
- nmap -sV -T5 -A -p0-65000 [RED_HAT_IP]
- Q: What is a port number?
- Q: What are the port ranges on a standard computer?
- Task: Figure out what the commands above do
- Task: List all services and versions running on the Red Hat VM
- Task: List all open ports on the Red Hat VM