Chat with us, powered by LiveChat Nova Annandale Campus Port and Vulnerability Scan Data Paper | acewriters

Professor has assigned you the task to review the port and vulnerability scan data recently gathered from a typical system to determine what ports and services are exposed to attackers, and what vulnerabilities exist on that system. Required Resources Access to the Internet Text sheet: Zenmap Intense Scan Results Tasks 1. Analyze the results of the Zenmap scan. Your report must answer the following questions: What are the first five open ports as identified by the Zenmap scan? Include the port number Include the service name include a brief description of how each is used 2. The Nessus scan identified two critical vulnerabilities, identified as ID 32314 and ID 33850. Research the vulnerabilities against the Common Vulnerabilities and Exposure (CVE) database. Include the name and a brief description of each vulnerability. 3. Determine what can be done to protect the system and defend the campus network against attempts to gather data, and to resolve vulnerabilities. Also determine which ports and services likely need to remain open. 4. Write a report targeted at IT management and systems administration staff explaining the vulnerabilities and protection mechanisms that Aim Higher College should adopt, which will be applied to all similar systems at the college. Submission Requirements Format: Microsoft Word (or compatible) Font: Times New Roam, size 12, double-space Citation Style: APALength: 2 to 4 pages

Unformatted Attachment Preview

Zenmap Intense Scan Results
This document is required to complete part of the course-wide project. The following are results of an
Intense Scan performed in Zenmap.
Starting Nmap 6.40 ( ) at 2018-08-04 09:20 Pacific Daylight
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 09:20
Scanning [1 port]
Completed ARP Ping Scan at 09:20, 0.23s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 09:20
Scanning [1000 ports]
Discovered open port 139/tcp on
Discovered open port 53/tcp on
Discovered open port 23/tcp on
Discovered open port 5900/tcp on
Discovered open port 3306/tcp on
Discovered open port 445/tcp on
Discovered open port 80/tcp on
Discovered open port 21/tcp on
Discovered open port 111/tcp on
Discovered open port 22/tcp on
Discovered open port 25/tcp on
Discovered open port 8180/tcp on
Discovered open port 1524/tcp on
Discovered open port 8009/tcp on
Discovered open port 6667/tcp on
Discovered open port 5432/tcp on
Discovered open port 514/tcp on
Discovered open port 1099/tcp on
Discovered open port 6000/tcp on
Discovered open port 2121/tcp on
Discovered open port 2049/tcp on
Discovered open port 513/tcp on
Discovered open port 512/tcp on
Completed SYN Stealth Scan at 09:20, 0.41s elapsed (1000 total ports)
Initiating Service scan at 09:20
Scanning 23 services on
Completed Service scan at 09:20, 11.16s elapsed (23 services on 1 host)
Initiating OS detection (try #1) against
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is
disabled. Try using –system-dns or specify valid servers with –dns-servers
NSE: Script scanning
Initiating NSE at 09:21
Completed NSE at 09:21, 31.80s elapsed
Nmap scan report for
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
Page 1
Zenmap Intense Scan Results
Host is up (0.0022s latency).
Not shown: 977 closed ports
open ftp
vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
open ssh
OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| ssh-hostkey: 1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA)
|_2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA)
open telnet
Linux telnetd
open smtp
Postfix smtpd
|_smtp-commands: metasploitable.localdomain, PIPELINING, SIZE 10240000, VRFY,
| ssl-cert: Subject: commonName=ubuntu804base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such
thing outside US/countryName=XX
| Issuer: commonName=ubuntu804base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such
thing outside US/countryName=XX
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2010-03-17T13:07:45+00:00
| Not valid after: 2010-04-16T13:07:45+00:00
| MD5:
dcd9 ad90 6c8f 2f73 74af 383b 2540 8828
|_SHA-1: ed09 3088 7066 03bf d5dc 2373 99b4 98da 2d4d 31c6
|_ssl-date: 2018-08-04T16:20:12+00:00; -50s from local time.
open domain
ISC BIND 9.4.2
| dns-nsid:
|_ bind.version: 9.4.2
open http
Apache httpd 2.2.8 ((Ubuntu) DAV/2)
|_http-methods: No Allow or Public header in OPTIONS response (status code
|_http-title: Metasploitable2 – Linux
111/tcp open rpcbind
2 (RPC #100000)
| rpcinfo:
program version
port/proto service
100000 2
111/tcp rpcbind
100000 2
111/udp rpcbind
100003 2,3,4
2049/tcp nfs
100003 2,3,4
2049/udp nfs
100005 1,2,3
46502/udp mountd
100005 1,2,3
59389/tcp mountd
100021 1,3,4
42125/tcp nlockmgr
100021 1,3,4
58483/udp nlockmgr
100024 1
37968/tcp status
|_ 100024 1
53793/udp status
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
Page 2
Zenmap Intense Scan Results
512/tcp open exec
netkit-rsh rexecd
513/tcp open login?
514/tcp open shell?
1099/tcp open java-rmi
Java RMI Registry
1524/tcp open shell
Metasploitable root shell
2049/tcp open nfs
2-4 (RPC #100003)
2121/tcp open ftp
ProFTPD 1.3.1
3306/tcp open mysql
MySQL 5.0.51a-3ubuntu5
| mysql-info: Protocol: 10
| Version: 5.0.51a-3ubuntu5
| Thread ID: 12
| Some Capabilities: Connect with DB, Compress, SSL, Transactions, Secure
| Status: Autocommit
|_Salt: !J1V>q@,XX0(vE
5432/tcp open postgresql PostgreSQL DB 8.3.0 – 8.3.7
5900/tcp open vnc
VNC (protocol 3.3)
| vnc-info:
Protocol version: 3.3
Security types:
Unknown security type (33554432)
6000/tcp open X11
(access denied)
6667/tcp open irc
Unreal ircd
| irc-info:
server: irc.Metasploitable.LAN
version: Unreal3.2.8.1. irc.Metasploitable.LAN
servers: 1
users: 1
lservers: 0
lusers: 1
uptime: 0 days, 0:57:59
source host: A46BC482.A40F3517.714E1E9C.IP
|_ source ident: nmap
8009/tcp open ajp13
Apache Jserv (Protocol v1.3)
|_ajp-methods: Failed to get a valid response for the OPTION request
8180/tcp open http
Apache Tomcat/Coyote JSP engine 1.1
|_http-favicon: Apache Tomcat
|_http-methods: No Allow or Public header in OPTIONS response (status code
|_http-title: Apache Tomcat/5.5
1 service unrecognized despite returning data. If you know the
service/version, please submit the following fingerprint at :
MAC Address: 62:BA:80:38:19:87 (Unknown)
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
Page 3
Zenmap Intense Scan Results
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 – 2.6.33
Uptime guess: 0.037 days (since Aug 4 08:27:52 2018)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=201 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: Hosts: metasploitable.localdomain, localhost,
irc.Metasploitable.LAN; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
Host script results:
| nbstat:

x01x02__MSBROWSE__x02<01> Flags:
| smb-os-discovery:
OS: Unix (Samba 3.0.20-Debian)
NetBIOS computer name:
Workgroup: WORKGROUP
|_ System time: 2018-08-04T12:20:12-04:00
2.16 ms
NSE: Script Post-scanning.
Initiating NSE at 09:21
Completed NSE at 09:21, 0.00s elapsed
Read data files from: C:Program Files (x86)Nmap
OS and Service detection performed. Please report any incorrect results at .
Nmap done: 1 IP address (1 host up) scanned in 55.81 seconds
Raw packets sent: 1020 (45.626KB) | Rcvd: 1016 (41.430KB)
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
Page 4

Purchase answer to see full

error: Content is protected !!