Lab 5: Network Vulnerabilities & Threats Exploration for Info Security - Prof. Leszek Lili, Assignments of Computer Science

Lab assignment 5 for the computer security and information assurance course, focusing on network vulnerabilities and threats. Students are required to complete various components, including ip scanning using nmap, researching windows vulnerabilities, using a windows vulnerability scanner, exploiting web servers, investigating windows e-mail vulnerabilities, and studying denial of service attacks and the netbus trojan. Detailed instructions for each component, including estimated time, required tools, and steps to follow. Students must complete the labs in the computer security lab environment and record screenshots for their reports.

Typology: Assignments

Pre 2010

Uploaded on 07/28/2009

koofers-user-igp-1
koofers-user-igp-1 🇺🇸

10 documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CS5950: Computer Security and Information Assurance
Spring 2008 – Prof. L. Lilien – Lab TA: L.B. Othmane
Lab Assignment 5
Due date: Monday, March 31, 2008
Notation: CSLM = Computer Security Lab Manual (textbook), Win XP = Windows
XP, Win 2K = Windows 2000 Server, LA = Lab Assignment
LA5 deals with Network Vulnerabilities and Threats:
1. Component Lab 12a: Windows IP Scanning—Nmap,
2. Component Lab 13: Researching Windows Vulnerabilities,
3. Component Lab 14a: Windows Vulnerability Scanner—NeWT,
4. Component Lab 15a: Web Server Exploits—Net command,
5. Component Lab 16c: Windows E-mail Vulnerabilities,
6. Component Lab 17a: Windows Denial of Service SMBDie,
7. Component Lab 18a: Windows Netbus Trojan.
The total estimated time for this LA is 3 hrs 20 min.
Notes:
1. The LAs must be run entirely in the secure environment of the Computer Security
Lab (CEAS C-208). Running LAs in any other environment, including your own
desktop or laptop is prohibited since it may cause security threats to you or
others.
2. Bring your own CSLM textbook to the lab to follow the steps of the labs described in
CSLM.
3. Bring one empty CD-ROM and ask SCST (Student Computer Team) in CEAS C-208
for a copy of the tools that you will use for Lab 5.
The tools on the CD-ROM are:
1. nmap-4.53-setup.exe
2. ethereal-setup-0.10.14.exe
3. TenableNeWT-2.1-setup.exe
4. SMBdie.exe
5. syn_v1.6.exe
6. winpcap-nmap-4.02.exe
7. NB20Pro.exe
Please notice that one of the tools is a Trojan (NB20Pro.exe). Trojans spread
automatically and can harm your environment. So, we remind you that running this
CD-ROM in any environment other than Computer Security Lab (CEAS C-208)
is prohibited.
pf3
pf4
pf5

Partial preview of the text

Download Lab 5: Network Vulnerabilities & Threats Exploration for Info Security - Prof. Leszek Lili and more Assignments Computer Science in PDF only on Docsity!

CS5950: Computer Security and Information Assurance Spring 2008 – Prof. L. Lilien – Lab TA: L.B. Othmane

Lab Assignment 5

Due date: Monday, March 31, 2008

Notation : CSLM = Computer Security Lab Manual (textbook), Win XP = Windows XP, Win 2K = Windows 2000 Server, LA = Lab Assignment

LA5 deals with Network Vulnerabilities and Threats:

  1. Component Lab 12a: Windows IP Scanning— Nmap ,
  2. Component Lab 13: Researching Windows Vulnerabilities,
  3. Component Lab 14a: Windows Vulnerability Scanner— NeWT ,
  4. Component Lab 15a: Web Server Exploits— Net command,
  5. Component Lab 16c: Windows E-mail Vulnerabilities,
  6. Component Lab 17a: Windows Denial of Service SMBDie ,
  7. Component Lab 18a: Windows Netbus Trojan.

The total estimated time for this LA is 3 hrs 20 min.

Notes:

  1. The LAs must be run entirely in the secure environment of the Computer Security Lab (CEAS C-208). Running LAs in any other environment, including your own desktop or laptop is prohibited since it may cause security threats to you or others.
  2. Bring your own CSLM textbook to the lab to follow the steps of the labs described in CSLM.
  3. Bring one empty CD-ROM and ask SCST (Student Computer Team) in CEAS C- for a copy of the tools that you will use for Lab 5. The tools on the CD-ROM are: 1. nmap-4.53-setup.exe 2. ethereal-setup-0.10.14.exe 3. TenableNeWT-2.1-setup.exe 4. SMBdie.exe 5. syn_v1.6.exe 6. winpcap-nmap-4.02.exe 7. NB20Pro.exe Please notice that one of the tools is a Trojan (NB20Pro.exe). Trojans spread automatically and can harm your environment. So, we remind you that running this CD-ROM in any environment other than Computer Security Lab (CEAS C-208) is prohibited.
  1. Bring one empty CD-ROM for recording output of commands, tools and/or screen snapshots in the lab (to be used for your report). You will probably save indicated output and screenshots on a CD-ROM. Remember to check your CD-ROM with an anti-virus scanner in the security lab and later on your other computer. Information from the CD-ROM will be used for your report.

Lab 12a: Windows IP Scanning - Nmap (Estimated time 30’)

Run Lab 12a from CSLM.

Record onto the CD-ROM the following window shots (later include them as a single appendix of the Lab Report; call it: “Appendix: IP Scanning Windows”):

  1. The window shot of the captured session as mentioned in the CSLM – Step 3 (cf. Fig. 4.1).
  2. The window shot of the captured session as mentioned in the CSLM – Step 4 (cf. Fig. 4.2).
  3. The window shot of the captured session as mentioned in the CSLM – Step 6 using Filter ( tcp ). Also circle the connection establishment phase from the ethereal tcp shot.
  4. The window shot of the stealth scan using Nmap as mentioned in the CSLM – Step 7.

Lab 13: Researching System Vulnerabilities (Estimated Time 25’)

Look for various resources online for possible vulnerabilities that can exist on a machine.

  1. Mention some of the utilities that you found, to test for vulnerabilities of a Windows machine.

Lab 14a: Windows Vulnerability Scanner - NeWT (Estimated time 70’)

Run Lab 14a from CSLM.

Record onto the CD-ROM the following window shots (later include them as a single appendix of the Lab Report; call it: “Appendix: Windows Vulnerability Scanner”):

  1. The window shot of the captured session as mentioned in the CSLM – Step 4 (cf. Fig. 4.7).
  2. Mention the open ports and also the number of holes.
  3. What is the first hole that is listed and which plug-in discovered this hole?

Lab 15a: Web Server Exploits (Estimated time 30’)

Run Lab 15a from CSLM.

  1. Mention the port that netbus is using to connect to the target computer.
  2. The window shot of the captured session (capturing keystrokes with netbus ) as mentioned in the CSLM – Step 4 (cf. Fig. 5.10).

Requirements for Report and Demonstration for Lab Assignment 5

Your report must follow these requirements:

  1. Remember to check the CD-ROM with an anti-virus scanner in the security lab and later again on your other computer (on which you prepare report), before using data for the Lab Report.
  2. There should have a separate section in the report for each lab component of this LA. Each section might be just 1-2 paragraphs long, as long as all contents requirements are satisfied.
  3. For each component include the following: a) The actual time taken for running it (at the beginning of its section). b) What you have learned in the component. Report this in the order of the steps of the component, and indicate step number clearly. c) If you were able to achieve all expected results as specified by the CSLM scenario for the component (You might just say: “Achieved all expected results.”). If you were unable to achieve some expected results indicate this clearly. Also describe any difficulties that you have experienced. Report this in the order of the steps of the component, and indicate step number clearly. d) All required appendices for the component will follow the body of the report. Make sure that the appendices are in the order of the components. If two or more appendices are needed for a component, make sure that they appear in the order of the steps of the component to which they correspond (e.g., the appendix for Step 2 will precede the appendix for Step 3).
  4. Lab Report must be provided as a soft copy emailed in the PDF format to the Lab TA.

Note : Some students, chosen at random, might be asked to demonstrate this LA (or its portions) to the lab TA. You will be notified (most probably via email) if chosen for a demo.