H 5: Nmap (15 pts + 25 pts extra credit)

What You Need for This Project

Starting the Virtual Machines

As you did in the previous projects, start both the Linux and Windows Server 2016 virtual machines.

Log in to Linux with:

Log in to Windows with:

Testing Windows Networking

On your Windows Server 2016 desktop, at the lower left, click the magnifying glass icon. In the Search box, type CMD.

"Command Prompt" is found, as shown below.

Click "Command Prompt".

In the Command Prompt window, execute this command, as shown below.

ping google.com

You should see replies, as shown below. If you do not, perform the "Troubleshooting" steps in the box below.

Turning Off Windows Firewall

At the lower left of the Windows desktop, click the magnifying glass icon.

Type FIREWALL.

In the Search results, click "Windows Firewall", the second result in the image below.

In the Windows Firewall box, on the left side, click "Turn Windows Firewall on or off".

Check both of the boxes labelled "Turn off Windows Firewall (not recommended)", as shown below.

Click OK.

Testing Networking Between the Machines

On your Windows Server 2016 desktop, in the Command Prompt window, execute this command, as shown below.

ipconfig

Find your IP address, as shown below.

On your Linux machine, in the Terminal window, execute this command, as shown below, replacing the IP address with the IP address of your Windows Server 2016 machine.

ping 172.16.1.247

After a few seconds, press Ctrl+C to stop the pings.

You should see replies, as shown below. If you do not, perform the "Troubleshooting" steps in the box above. You should also make sure the Windows firewall is off, as explained in an earlier project.

Port-Scanning the Windows Server

On your Linux machine, in a Terminal window, execute these commands, replacing the IP address with the IP address of your Windows server:

sudo apt install nmap -y
sudo nmap 172.16.1.243

By default, Nmap scans the 1000 most common ports. It should find port 3389 open, as shown below. You may also have other ports open.


H 5: "SERVICE" name (15 pts.)

Find the "SERVICE" name for port 3389, which is covered by a gray box in the image above. That's the flag.

Turning the Firewall On

At the lower left of the Windows desktop, click the magnifying glass icon.

Type FIREWALL.

In the Search results, click "Windows Firewall", the second result in the image below.

In the Windows Firewall box, on the left side, click "Turn Windows Firewall on or off".

Check both of the buttons labelled "Turn on Windows Firewall", and both the boxes labelled "Block all incoming connections...", as shown below.

Click OK.

Port-Scanning the Windows Server

On your Linux machine, in a Terminal window, execute this command, replacing the IP address with the IP address of your Windows server:

nmap 172.16.1.243

Nmap now reports that all scanned ports are filtered, as shown below.

Important Nmap Options

Here is a list of all the Nmap options:

https://svn.nmap.org/nmap/docs/nmap.usage.txt

These are the most important ones:

Scanning Your Windows Server

Turn the Windows firewall off again.

Scan your Windows server with operating system detection, and then scan UDP port 53.

Your results should be similar to those shown below.


H 5.1: My packets are your packets. (10 pts.)

Find the TCP port on the ad.samsclass.info server that returns this banner: "My packets are your packets."

That port number is the flag.


H 5.2: My packets are your packets. (15 pts.)

Find the TCP port on the ad.samsclass.info server that returns this banner: "The key to the Universe."

That port number is the flag.


Moved to local server 3-21-19
Forms removed 7-9-19