Tuesday, 7 March 2023

Cyber Security - Lab -1

 




    

Information to be filled in by learner

Procedure (Write step-wise)


Observations
Write your observations of the task here


Queries about the codes/scenarios given for practice (if any to ask the facilitator)


Feedback from the Facilitator
To be filled in by facilitator


Practical Session 1 Installing and configuring Kali Linux as your workstation

 

Practical Title: Installing and configuring Kali Linux as your workstation

Problem statement

 

Installing and configuring Kali Linux as your workstation

Instructions

 

·         Either you can download the virtual image of Kali Linux from (https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/) or you can use the cloud version provided by us.

 

Objective: By the end of this practical, you will be able to successfully configure your workstation.

 

Software/s required, if any:

1.       Kali Linux

2.       Virtual Box/VMWare Player

Hardware required, if any:  NA

External references, any


Reference: 

https://tech-skills-world.blogspot.com/2023/03/how-to-install-kali-linux-on-virtual-box.html 



Practical Session 2 Basic commands of Linux

 

Practical Title: Working with Linux

Problem statement

 

Basic commands of Linux.

 

Instructions

·         Run the basic commands of Linux as described in the session.

 

Objective: By the end of this practical, you will be able to get familiarize with Linux.

Software/s required, if any:

1. Kali Linux

Hardware required, if any: NA

External references, any

 

Reference:

https://maker.pro/linux/tutorial/basic-linux-commands-for-beginners 


Practical Session 3 Perform port and protocol scanning.

 

Practical Title: Port and protocol scanning.

Problem statement

 

Perform port and protocol scanning.

 

Instructions

·         Work with Nmap

·         Download the cheat sheet of Nmap from internet (https://github.com/jasonniebauer/Nmap-Cheatsheet)

 

Objective: By the end of this practical, you will be able to determine open port numbers and protocols enabled on the host machine.

Software/s required, if any:

1. Nmap

Hardware required, if any: NA

External references, any : No

Reference:

  1. nmap ip address                         To Scan a single IP
  2. nmap ipaddress1 ipaddress2      To scan specific IPs
  3. nmap IPaddress(Range)            To scan a range
  4. nmap scanme.nmap.org             To scan a domain






      https://maker.pro/linux/projects/how-to-check-for-open-ports-in-linux 

       

       

      Practical Session 4 Perform OS fingerprinting of remote hosts.

       

      Practical Title: OS Fingerprinting

      Problem statement

       Perform OS fingerprinting of remote hosts.

      Instructions

      ·         Use Nmap for this one too.

      ·         Download the cheat sheet of Nmap from internet (https://github.com/jasonniebauer/Nmap-Cheatsheet )

      Objective: By the end of this practical, you will be able to determine the operating system installed on the remote host.

      Software/s required, if any:

      1. Nmap

      Hardware required, if any: NA

      External references, any : No

      OS Footprinting

      1. nmap ipaddress -O (alphabet O)         Remote OS detectioin using TCP/IP stack fingerprinting
      2. nmap ipaddress -A                              Enables OS detection, version detection, script scanning,                                                                  and traceroute 



      If you are unable to to get the OS and get an error message as "requires root privileges" like below:


















      Use the SUDO command.








      Practical Session 5 Perform packet tracing and determine the content of the packet.

       

      Practical Title: Working with Wireshark (Packet Analysis)

      Problem statement

       

      Perform packet tracking and determine the content of the packet.

       

      Instructions

      ·         Work with Wireshark.

      ·         Start capturing packets.

      ·         Analyse the packets and get the required details.

       

      Objective: By the end of this practical, you will be able to analyse network traffic successfully.

      Software/s required, if any:

      1. Wireshark

      Hardware required, if any: NA

      External references, any : No




       


       

       

      Practical Session 6 By intercepting data/packets extract user id and password of xyz user.

       

      Practical Title: Working with Wireshark (Packet Analysis)

      Problem statement

       

      By intercepting data/packets extract user id and password of xyz user.

       

      Instructions

      ·         Work with Wireshark.

      ·         Start capturing packets.

      ·         Analyse the packets and get the required details.

       

      Objective: By the end of this practical, you will be able to analyse network traffic successfully.

      Software/s required, if any:

      1. Wireshark

      Hardware required, if any: NA

      External references, any : No

      Login to www.vulnweb.com 


      Filter HTTP and search for data sent from the system.













      Use the user name as Admin and password as orange to check if the password is detected and captured by wireshark.

      Nikto

      Scan a domain


      $ nikto - host http://testphp.vulnweb.com

      Scan a domain with ssl certificate:
      $ nikto -host https://kali.org -ssl













      By -
      Labels: , ,

      No comments:

      Post a Comment

      Subscribe to: Post Comments (Atom)