a when using nmap to scan the 19216827024 network i noticed eight connected hosts i
Written for
Western Governors University
C 844
All documents for this subject (3)
Seller
Follow
StudyConnect
Reviews received
Content preview
GRP1- GRP1 Task 1: Nmap and Wireshark
A. When using Nmap to scan the 192.168.27.0/24 network; I noticed eight connected
hosts. I used Zenmap to view the topology for the network and it is a star topology.
, B. The vulnerabilities and their implications based on my Nmap results were:
Port 21; File Transfer Protocol (FTP). FTP is used for file transfer, but it does not
feature encryption. An attacker can easily launch a man-in-the-middle attack and
eavesdrop during the file transfer. They can also use the man-in-the-middle attack
to modify the data.
o Vulnerable host: 192.168.27.15
Port 22; SSH. It may be convenient for an administrator to connect remotely through
SSH, but SSH can be accessed by unauthorized users. If SSH is not properly secured,
an attacker can brute force login credentials and be successful. This would give the
attacker access to the numerous hosts that have the port activated.
o Vulnerable hosts: 192.168.27.14; 192.168.27.17; 192.168.27.20;
192.168.27.132
Port 23; Telnet. Hackers or malicious actors can see if port 23 is active then
silently sniff the network. Then, worms can be launched to the hosts unknowingly
and expose data to a remote attacker.
o Vulnerable host: 192.168.27.1
Port 80; (HTTP). HTTP is a common port for accessing web pages and
transmitting information in clear text. It is vulnerable to SQL injections, cross-site
request forgeries, cross-site scripting and buffer overruns. (Greer, 2018)
o Vulnerable host: 192.168.27.17
Port 135 and 445; Server Message Block (SMB). Port 139 is used for file and
printer sharing and considered to be a vulnerability. If attackers this port to be
active, they can run the ‘nbtstat’ diagnostic tool. The command can reveal critical
information such as the computer name, list of names resolved by WINS, and IP
addresses. The information gathered from this diagnostic would allow an attacker to
load freeware without the knowledge of the owner. Port 445 an application layer
protocol used for offering shared access to file, printers, and serial ports. Because
SMB is used by Microsoft Windows computers. This port makes it apparent to
attackers that they can launch NetBIOS worms silently and these worms spread
themselves viciously, joining massive “Bot Armies”. (Hemant, 2018)
o Vulnerable hosts: 192.168.27.1; 192.168.27.10
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller StudyConnect. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.