GRP1- GRP1 Task 1: Nmap and Wireshark
A. When using Nmap to scan the 192.168.27.0/24 network; I noticed eight connected
hosts. I used Zenmap to view the topology for the network and it is a star topology.
, B. The vulnerabilities and their implications based on my Nmap results were:
Port 21; File Transfer Protocol (FTP). FTP is used for file transfer, but it does not
feature encryption. An attacker can easily launch a man-in-the-middle attack and
eavesdrop during the file transfer. They can also use the man-in-the-middle attack
to modify the data.
o Vulnerable host: 192.168.27.15
Port 22; SSH. It may be convenient for an administrator to connect remotely through
SSH, but SSH can be accessed by unauthorized users. If SSH is not properly secured,
an attacker can brute force login credentials and be successful. This would give the
attacker access to the numerous hosts that have the port activated.
o Vulnerable hosts: 192.168.27.14; 192.168.27.17; 192.168.27.20;
192.168.27.132
Port 23; Telnet. Hackers or malicious actors can see if port 23 is active then
silently sniff the network. Then, worms can be launched to the hosts unknowingly
and expose data to a remote attacker.
o Vulnerable host: 192.168.27.1
Port 80; (HTTP). HTTP is a common port for accessing web pages and
transmitting information in clear text. It is vulnerable to SQL injections, cross-site
request forgeries, cross-site scripting and buffer overruns. (Greer, 2018)
o Vulnerable host: 192.168.27.17
Port 135 and 445; Server Message Block (SMB). Port 139 is used for file and
printer sharing and considered to be a vulnerability. If attackers this port to be
active, they can run the ‘nbtstat’ diagnostic tool. The command can reveal critical
information such as the computer name, list of names resolved by WINS, and IP
addresses. The information gathered from this diagnostic would allow an attacker to
load freeware without the knowledge of the owner. Port 445 an application layer
protocol used for offering shared access to file, printers, and serial ports. Because
SMB is used by Microsoft Windows computers. This port makes it apparent to
attackers that they can launch NetBIOS worms silently and these worms spread
themselves viciously, joining massive “Bot Armies”. (Hemant, 2018)
o Vulnerable hosts: 192.168.27.1; 192.168.27.10
A. When using Nmap to scan the 192.168.27.0/24 network; I noticed eight connected
hosts. I used Zenmap to view the topology for the network and it is a star topology.
, B. The vulnerabilities and their implications based on my Nmap results were:
Port 21; File Transfer Protocol (FTP). FTP is used for file transfer, but it does not
feature encryption. An attacker can easily launch a man-in-the-middle attack and
eavesdrop during the file transfer. They can also use the man-in-the-middle attack
to modify the data.
o Vulnerable host: 192.168.27.15
Port 22; SSH. It may be convenient for an administrator to connect remotely through
SSH, but SSH can be accessed by unauthorized users. If SSH is not properly secured,
an attacker can brute force login credentials and be successful. This would give the
attacker access to the numerous hosts that have the port activated.
o Vulnerable hosts: 192.168.27.14; 192.168.27.17; 192.168.27.20;
192.168.27.132
Port 23; Telnet. Hackers or malicious actors can see if port 23 is active then
silently sniff the network. Then, worms can be launched to the hosts unknowingly
and expose data to a remote attacker.
o Vulnerable host: 192.168.27.1
Port 80; (HTTP). HTTP is a common port for accessing web pages and
transmitting information in clear text. It is vulnerable to SQL injections, cross-site
request forgeries, cross-site scripting and buffer overruns. (Greer, 2018)
o Vulnerable host: 192.168.27.17
Port 135 and 445; Server Message Block (SMB). Port 139 is used for file and
printer sharing and considered to be a vulnerability. If attackers this port to be
active, they can run the ‘nbtstat’ diagnostic tool. The command can reveal critical
information such as the computer name, list of names resolved by WINS, and IP
addresses. The information gathered from this diagnostic would allow an attacker to
load freeware without the knowledge of the owner. Port 445 an application layer
protocol used for offering shared access to file, printers, and serial ports. Because
SMB is used by Microsoft Windows computers. This port makes it apparent to
attackers that they can launch NetBIOS worms silently and these worms spread
themselves viciously, joining massive “Bot Armies”. (Hemant, 2018)
o Vulnerable hosts: 192.168.27.1; 192.168.27.10
