H 5: Nmap (15 pts + 25 pts extra credit)

What You Need for This Project

Starting the Virtual Machines

As you did in the previous projects, start both the Kali Linux and Windows Server 2016 virtual machines.

Log in to Kali with:

Log in to Windows with:

Testing Windows Networking

On your Windows Server 2016 desktop, at the lower left, click the magnifying glass icon. In the Search box, type CMD.

"Command Prompt" is found, as shown below.

Click "Command Prompt".

In the Command Prompt window, execute this command, as shown below.

ping google.com

You should see replies, as shown below. If you do not, perform the "Troubleshooting" steps in the box below.

Troubleshooting VM Networking

In VMware Workstation Player, at the top left, click Player, Manage, "Virtual Machine Settings", as shown below.

In the "Virtual Machine Settings" window, on the left side, click "Network Adapter", as shown below.

On the right side, check that these settings are correct:

  • Connected box checked
  • "Connect at power on" box checked
  • NAT selected

Turning Off Windows Firewall

At the lower left of the Windows desktop, click the magnifying glass icon.

Type FIREWALL.

In the Search results, click "Windows Firewall", the second result in the image below.

In the Windows Firewall box, on the left side, click "Turn Windows Firewall on or off".

Check both of the boxes labelled "Turn off Windows Firewall (not recommended)", as shown below.

Click OK.

Testing Kali Linux Networking

On your Kali Linux desktop, at the top left, click the second icon, as shown below, to open a Terminal window.

In the Terminal window, execute this command, as shown below.

ping google.com

After a few seconds, press Ctrl+C to stop the pings.

You should see replies, as shown below. If you do not, perform the "Troubleshooting" steps in the box above.

Testing Networking Between the VMs

On your Windows Server 2016 desktop, in the Command Prompt window, execute this command, as shown below.

ipconfig

Find your IP address, as shown below.

On your Kali Linux machine, in the Terminal window, execute this command, as shown below, replacing the IP address with the IP address of your Windows Server 2016 machine.

ping 172.16.1.247

After a few seconds, press Ctrl+C to stop the pings.

You should see replies, as shown below. If you do not, perform the "Troubleshooting" steps in the box above. You should also make sure the Windows firewall is off, as explained in an earlier project.

Installing DNS and Remote Desktop

At the lower left of the Windows desktop, click the magnifying glass icon.

Type Control. Open Control Panel.

In Control Panel, in the "Programs" section, click "Turn Windows features on or off".

Server Manager launches, as shown below.

In the "Before you begin" box, click Next.

In the "Select installation type" box, click Next.

In the "Select destination server" box, click Next.

In the "Select server roles" box, check "Remote Desktop Services", as shown below.

Check "DNS Server".

A box pops up, asking "Add features that are required for DNS Server?". Click "Add Features". Click Continue.

In the "Select server roles" box, click Next.

In the "Features" box, click Next.

In the "Remote Desktop services" box, click Next.

In the "Select role services" box, check "Remote Desktop Session Host", as shown below.

A box pops up, asking "Add features that are required for Remote Desktop Session Host?". Click "Add Features".

In the "Select role services" box, click Next.

In the "DNS Server" box, click Next.

In the "Confirm installation selections" box, click Install.

Wait for the "Installation progress" to finish, as shown below. Then click Close.

At the lower left of the Windows desktop, right-click the Start button, point to "Shut down or sign out", and click "Update and restart", as shown below.

In the "Choose a reason..." box, click Continue.

When your server restarts, log in as Administrator with a password of P@ssw0rd

Port-Scanning the Windows Server

On your Kali machine, in a Terminal window, execute this command, replacing the IP address with the IP address of your Windows server:

nmap 172.16.1.243

Nmap scans the most common 1000 ports. It should find ports 53 and 3389 open, as shown below. You may also have other ports open.


H 5: "SERVICE" name (15 pts.)

Find the "SERVICE" name for port 3389, which is covered by a gray box in the image above. That's the flag.

Turning the Firewall On

At the lower left of the Windows desktop, click the magnifying glass icon.

Type FIREWALL.

In the Search results, click "Windows Firewall", the second result in the image below.

In the Windows Firewall box, on the left side, click "Turn Windows Firewall on or off".

Check both of the buttons labelled "Turn on Windows Firewall", and both the boxes labelled "Block all incoming connections...", as shown below.

Click OK.

Port-Scanning the Windows Server

On your Kali machine, in a Terminal window, execute this command, replacing the IP address with the IP address of your Windows server:

nmap 172.16.1.243

Nmap now reports that all scanned ports are filtered, as shown below.
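
The open-to-filtered change described above can be checked mechanically. This added example (not part of the original lab) parses Nmap grepable output, as written by the -oG option, from a firewall-off and a firewall-on scan and reports each port's state change; the sample scan text is constructed, assumes both scans were limited to ports 53 and 3389 with -p, and leaves the service-name fields empty.

```shell
#!/bin/sh
# Added example: confirm from two Nmap grepable (-oG) results that enabling
# the Windows firewall moved each scanned port from "open" to "filtered".

# Constructed sample scans (assumed: nmap -p 53,3389 -oG <file> <server>).
# Grepable fields are tab-separated; each port entry is
# port/state/protocol/owner/service/rpc/version/ (service left empty here).
SCAN_FW_OFF=$(printf 'Host: 172.16.1.243 ()\tStatus: Up\nHost: 172.16.1.243 ()\tPorts: 53/open/tcp/////, 3389/open/tcp/////\n')
SCAN_FW_ON=$(printf 'Host: 172.16.1.243 ()\tStatus: Up\nHost: 172.16.1.243 ()\tPorts: 53/filtered/tcp/////, 3389/filtered/tcp/////\n')

# port_states: read -oG text on stdin, print "port/proto state" per port.
port_states() {
  awk -F'\t' '
    /^Host:/ {
      for (i = 1; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue      # skip Host:, Status:, etc.
        p = $i
        sub(/^Ports: /, "", p)
        n = split(p, entries, /, */)
        for (j = 1; j <= n; j++) {
          split(entries[j], f, "/")
          if (f[1] != "") print f[1] "/" f[3], f[2]
        }
      }
    }' | sort -n
}

# state_changes BEFORE AFTER: print "port/proto: before -> after" for every
# port seen in the BEFORE scan.
state_changes() {
  {
    printf '%s\n' "$1" | port_states | sed 's/^/before /'
    printf '%s\n' "$2" | port_states | sed 's/^/after /'
  } | awk '
    $1 == "before" { b[$2] = $3; order[++n] = $2 }
    $1 == "after"  { a[$2] = $3 }
    END {
      for (i = 1; i <= n; i++) {
        k = order[i]
        print k ": " b[k] " -> " ((k in a) ? a[k] : "not-scanned")
      }
    }'
}

# still_open SCAN: list ports that the scan reports as open.
still_open() {
  printf '%s\n' "$1" | port_states | awk '$2 == "open" { print $1 }'
}

state_changes "$SCAN_FW_OFF" "$SCAN_FW_ON"
```

An empty result from still_open on the firewall-on scan means the "Block all incoming connections" setting is doing its job for the ports that were scanned.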

Important Nmap Options

Here is a list of all the Nmap options:

https://svn.nmap.org/nmap/docs/nmap.usage.txt

These are the most important ones:

Scanning Your Windows Server

Turn the Windows firewall off again.

Scan your Windows server with operating system detection, and then scan UDP port 53.

Your results should be similar to those shown below.


H 5.1: My packets are your packets. (10 pts.)

Find the TCP port on the ad.samsclass.info server that returns this banner: "My packets are your packets."

That port number is the flag.


H 5.2: My packets are your packets. (15 pts.)

Find the TCP port on the ad.samsclass.info server that returns this banner: "The key to the Universe."

That port number is the flag.


Moved to local server 3-21-19
Forms removed 7-9-19