Chat with us, powered by LiveChat Nova Annandale Campus Port and Vulnerability Scan Data Paper | acewriters
+1(978)310-4246 credencewriters@gmail.com
  

Professor has assigned you the task to review the port and vulnerability scan data recently gathered from a typical system to determine what ports and services are exposed to attackers, and what vulnerabilities exist on that system. Required Resources Access to the Internet Text sheet: Zenmap Intense Scan Results Tasks 1. Analyze the results of the Zenmap scan. Your report must answer the following questions: What are the first five open ports as identified by the Zenmap scan? Include the port number Include the service name include a brief description of how each is used 2. The Nessus scan identified two critical vulnerabilities, identified as ID 32314 and ID 33850. Research the vulnerabilities against the Common Vulnerabilities and Exposure (CVE) database. Include the name and a brief description of each vulnerability. 3. Determine what can be done to protect the system and defend the campus network against attempts to gather data, and to resolve vulnerabilities. Also determine which ports and services likely need to remain open. 4. Write a report targeted at IT management and systems administration staff explaining the vulnerabilities and protection mechanisms that Aim Higher College should adopt, which will be applied to all similar systems at the college. Submission Requirements Format: Microsoft Word (or compatible) Font: Times New Roam, size 12, double-space Citation Style: APALength: 2 to 4 pages
hacking_ts_zenmapscan.pdf

Unformatted Attachment Preview

Zenmap Intense Scan Results
This document is required to complete part of the course-wide project. The following are results of an
Intense Scan performed in Zenmap.
Starting Nmap 6.40 ( http://nmap.org ) at 2018-08-04 09:20 Pacific Daylight
Time
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 09:20
Scanning 172.30.0.30 [1 port]
Completed ARP Ping Scan at 09:20, 0.23s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 09:20
Scanning 172.30.0.30 [1000 ports]
Discovered open port 139/tcp on 172.30.0.30
Discovered open port 53/tcp on 172.30.0.30
Discovered open port 23/tcp on 172.30.0.30
Discovered open port 5900/tcp on 172.30.0.30
Discovered open port 3306/tcp on 172.30.0.30
Discovered open port 445/tcp on 172.30.0.30
Discovered open port 80/tcp on 172.30.0.30
Discovered open port 21/tcp on 172.30.0.30
Discovered open port 111/tcp on 172.30.0.30
Discovered open port 22/tcp on 172.30.0.30
Discovered open port 25/tcp on 172.30.0.30
Discovered open port 8180/tcp on 172.30.0.30
Discovered open port 1524/tcp on 172.30.0.30
Discovered open port 8009/tcp on 172.30.0.30
Discovered open port 6667/tcp on 172.30.0.30
Discovered open port 5432/tcp on 172.30.0.30
Discovered open port 514/tcp on 172.30.0.30
Discovered open port 1099/tcp on 172.30.0.30
Discovered open port 6000/tcp on 172.30.0.30
Discovered open port 2121/tcp on 172.30.0.30
Discovered open port 2049/tcp on 172.30.0.30
Discovered open port 513/tcp on 172.30.0.30
Discovered open port 512/tcp on 172.30.0.30
Completed SYN Stealth Scan at 09:20, 0.41s elapsed (1000 total ports)
Initiating Service scan at 09:20
Scanning 23 services on 172.30.0.30
Completed Service scan at 09:20, 11.16s elapsed (23 services on 1 host)
Initiating OS detection (try #1) against 172.30.0.30
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is
disabled. Try using –system-dns or specify valid servers with –dns-servers
NSE: Script scanning 172.30.0.30.
Initiating NSE at 09:21
Completed NSE at 09:21, 31.80s elapsed
Nmap scan report for 172.30.0.30
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
Page 1
Zenmap Intense Scan Results
Host is up (0.0022s latency).
Not shown: 977 closed ports
PORT
STATE SERVICE
VERSION
21/tcp
open ftp
vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
22/tcp
open ssh
OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| ssh-hostkey: 1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA)
|_2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA)
23/tcp
open telnet
Linux telnetd
25/tcp
open smtp
Postfix smtpd
|_smtp-commands: metasploitable.localdomain, PIPELINING, SIZE 10240000, VRFY,
ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
| ssl-cert: Subject: commonName=ubuntu804base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such
thing outside US/countryName=XX
| Issuer: commonName=ubuntu804base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such
thing outside US/countryName=XX
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2010-03-17T13:07:45+00:00
| Not valid after: 2010-04-16T13:07:45+00:00
| MD5:
dcd9 ad90 6c8f 2f73 74af 383b 2540 8828
|_SHA-1: ed09 3088 7066 03bf d5dc 2373 99b4 98da 2d4d 31c6
|_ssl-date: 2018-08-04T16:20:12+00:00; -50s from local time.
53/tcp
open domain
ISC BIND 9.4.2
| dns-nsid:
|_ bind.version: 9.4.2
80/tcp
open http
Apache httpd 2.2.8 ((Ubuntu) DAV/2)
|_http-methods: No Allow or Public header in OPTIONS response (status code
200)
|_http-title: Metasploitable2 – Linux
111/tcp open rpcbind
2 (RPC #100000)
| rpcinfo:
|
program version
port/proto service
|
100000 2
111/tcp rpcbind
|
100000 2
111/udp rpcbind
|
100003 2,3,4
2049/tcp nfs
|
100003 2,3,4
2049/udp nfs
|
100005 1,2,3
46502/udp mountd
|
100005 1,2,3
59389/tcp mountd
|
100021 1,3,4
42125/tcp nlockmgr
|
100021 1,3,4
58483/udp nlockmgr
|
100024 1
37968/tcp status
|_ 100024 1
53793/udp status
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
Page 2
Zenmap Intense Scan Results
512/tcp open exec
netkit-rsh rexecd
513/tcp open login?
514/tcp open shell?
1099/tcp open java-rmi
Java RMI Registry
1524/tcp open shell
Metasploitable root shell
2049/tcp open nfs
2-4 (RPC #100003)
2121/tcp open ftp
ProFTPD 1.3.1
3306/tcp open mysql
MySQL 5.0.51a-3ubuntu5
| mysql-info: Protocol: 10
| Version: 5.0.51a-3ubuntu5
| Thread ID: 12
| Some Capabilities: Connect with DB, Compress, SSL, Transactions, Secure
Connection
| Status: Autocommit
|_Salt: !J1V>q@,XX0(vE
5432/tcp open postgresql PostgreSQL DB 8.3.0 – 8.3.7
5900/tcp open vnc
VNC (protocol 3.3)
| vnc-info:
|
Protocol version: 3.3
|
Security types:
|_
Unknown security type (33554432)
6000/tcp open X11
(access denied)
6667/tcp open irc
Unreal ircd
| irc-info:
|
server: irc.Metasploitable.LAN
|
version: Unreal3.2.8.1. irc.Metasploitable.LAN
|
servers: 1
|
users: 1
|
lservers: 0
|
lusers: 1
|
uptime: 0 days, 0:57:59
|
source host: A46BC482.A40F3517.714E1E9C.IP
|_ source ident: nmap
8009/tcp open ajp13
Apache Jserv (Protocol v1.3)
|_ajp-methods: Failed to get a valid response for the OPTION request
8180/tcp open http
Apache Tomcat/Coyote JSP engine 1.1
|_http-favicon: Apache Tomcat
|_http-methods: No Allow or Public header in OPTIONS response (status code
200)
|_http-title: Apache Tomcat/5.5
1 service unrecognized despite returning data. If you know the
service/version, please submit the following fingerprint at
http://www.insecure.org/cgi-bin/servicefp-submit.cgi :
SF-Port514-TCP:V=6.40%I=7%D=8/13%Time=53EB9060%P=i686-pc-windows-windows%r
SF:(NULL,33,”x01getnameinfo:x20Temporaryx20failurex20inx20namex20res
SF:olutionn”);
MAC Address: 62:BA:80:38:19:87 (Unknown)
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
Page 3
Zenmap Intense Scan Results
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6
OS details: Linux 2.6.9 – 2.6.33
Uptime guess: 0.037 days (since Aug 4 08:27:52 2018)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=201 (Good luck!)
IP ID Sequence Generation: All zeros
Service Info: Hosts: metasploitable.localdomain, localhost,
irc.Metasploitable.LAN; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel
Host script results:
| nbstat:
|
NetBIOS name: METASPLOITABLE, NetBIOS user: , NetBIOS MAC:

|
Names
|
METASPLOITABLE<00>
Flags:
|
METASPLOITABLE<03>
Flags:
|
METASPLOITABLE<20>
Flags:
|
x01x02__MSBROWSE__x02<01> Flags:
|
WORKGROUP<00>
Flags:
|
WORKGROUP<1d>
Flags:
|_
WORKGROUP<1e>
Flags:
| smb-os-discovery:
|
OS: Unix (Samba 3.0.20-Debian)
|
NetBIOS computer name:
|
Workgroup: WORKGROUP
|_ System time: 2018-08-04T12:20:12-04:00
TRACEROUTE
HOP RTT
ADDRESS
1
2.16 ms 172.30.0.30
NSE: Script Post-scanning.
Initiating NSE at 09:21
Completed NSE at 09:21, 0.00s elapsed
Read data files from: C:Program Files (x86)Nmap
OS and Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 55.81 seconds
Raw packets sent: 1020 (45.626KB) | Rcvd: 1016 (41.430KB)
© 2020 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com
Page 4

Purchase answer to see full
attachment

error: Content is protected !!