Cyber Security - Lab -1

How to check for open ports on Kali Linux - LAB-1 

When you are troubleshooting networking issues in Linux or are looking for ways to improve the security of your Linux.

    

Information to be filled in by learner

Procedure (Write step-wise)

Observations

Write your observations of the task here

Queries about the codes/scenarios given for practice (if any to ask the facilitator)

Feedback from the Facilitator

To be filled in by facilitator

Practical Session 1 Installing and configuring Kali Linux as your workstation

Practical Title: Installing and configuring Kali Linux as your workstation

Problem statement   Installing and configuring Kali Linux as your workstation

Instructions   ·         Either you can download the virtual image of Kali Linux from (https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/) or you can use the cloud version provided by us.

Objective: By the end of this practical, you will be able to successfully configure your workstation.  Software/s required, if any: 1.       Kali Linux 2.      Virtual Box/VMWare Player Hardware required, if any:  NA External references, any

Reference: 

https://tech-skills-world.blogspot.com/2023/03/how-to-install-kali-linux-on-virtual-box.html 

Practical Session 2 Basic commands of Linux

Practical Title: Working with Linux

Problem statement Basic commands of Linux.

Instructions ·         Run the basic commands of Linux as described in the session.

Objective: By the end of this practical, you will be able to get familiarize with Linux. Software/s required, if any: 1. Kali Linux Hardware required, if any: NA External references, any

Reference: https://maker.pro/linux/tutorial/basic-linux-commands-for-beginners 

Practical Session 3 Perform port and protocol scanning.

Practical Title: Port and protocol scanning.

Problem statement  Perform port and protocol scanning.

Instructions ·         Work with Nmap ·         Download the cheat sheet of Nmap from internet (https://github.com/jasonniebauer/Nmap-Cheatsheet)

Objective: By the end of this practical, you will be able to determine open port numbers and protocols enabled on the host machine. Software/s required, if any: 1. Nmap Hardware required, if any: NA External references, any : No

Reference:

1. nmap ip address                         To Scan a single IP
2. nmap ipaddress1 ipaddress2      To scan specific IPs
3. nmap IPaddress(Range)            To scan a range
4. nmap scanme.nmap.org             To scan a domain

 

How to Check for Open Ports in Linux

When you are troubleshooting networking issues in Linux or are looking for ways to improve the security of your Linux machine, you will need to know if and which ports are open. In this article we will look at different ways to list or display open ports in Linux.

What is a Port?

A port is a 16-bit number (0 to 65535) to help identify a given application or process on a Linux (Unix) operating system. Port differentiates one application from another on a Linux system.

Below are the different categories of ports:

0 – 1023 – Referred to as Well Known Ports

1024 – 49151 –Referred to as Registered Ports

49152 – 65535 – Referred to as Dynamic Ports

Using the following command, a list of applications and ports is displayed on your terminal:

// Your code here

TCP: TCP stands for Transmission Control Protocol. It is the most commonly-used protocol on the Internet. TCP is not just one-way communication, rather it sends packets back to acknowledge it’s  received your packets.

UDP: Also known as User Datagram Protocol. It is an alternative communications protocol to TCP. The UDP protocol works similar to TCP. However, it ignores all error-checking stuff. UDP is necessary when speed is desirable and error correction is not needed.

SOCKETS: Socket allows communication from two different processes on the same or different machines.

Let’s look at different ways to list an open port in Linux.

1. Netstat

In this method we will use the command netstat -atu to check for open ports in Linux.

We used the -a, -t and -u flags for netstat.

-a: shows all sockets

-t: shows TCP connections

-u: shows UDP connections

You can also add the -p flag to show related PID of the process or program name.

To display only UDP ports, you can use the following command:

netstat -vaun

Also, you can use the following command to search for TCP ports:

netstat -vatn

2. lsof

Instead of using netstat, we can use the lsof command to display open ports in Linux:

lsof -i

The following command can also help to display open sockets:

lsof -n -P | grep LISTEN

Also, you can use the command below to list all TCP connections:

lsof -i tcp

Moreover, you can use the following command for UDP connections:

lsof -i udp

3. Network Mapped Command

In this method we will use nmap to detect the open port on your system. We can use the following command to show tcp port connections:

nmap -sT -O localhost

Finally, to show udp port connections, we can use the following command:

nmap -sU localhost

Conclusion

When it comes to the security of your Linux PC, the first thing to do is to close all unnecessary ports to prevent external access. With the methods listed above, you will be able to easily check for open ports on a Linux system and determine which ports should be closed or remain open.

Courtesy: https://maker.pro/linux/projects/how-to-check-for-open-ports-in-linux 

  

Practical Session 4 Perform OS fingerprinting of remote hosts.

Practical Title: OS Fingerprinting

Problem statement Perform OS fingerprinting of remote hosts.

Instructions ·     Use Nmap for this one too. ·    Download the cheat sheet of Nmap from internet (https://github.com/jasonniebauer/Nmap-Cheatsheet )

Objective: By the end of this practical, you will be able to determine the operating system installed on the remote host. Software/s required, if any: 1. Nmap Hardware required, if any: NA External references, any : No

OS Footprinting

1. nmap ipaddress -O (alphabet O)         Remote OS detectioin using TCP/IP stack fingerprinting
2. nmap ipaddress -A                              Enables OS detection, version detection, script scanning,                                                                  and traceroute 

If you are unable to to get the OS and get an error message as "requires root privileges" like below:

Use the SUDO command.

Practical Session 5 Perform packet tracing and determine the content of the packet.

Practical Title: Working with Wireshark (Packet Analysis)

Problem statement Perform packet tracking and determine the content of the packet.

Instructions ·         Work with Wireshark. ·         Start capturing packets. ·         Analyse the packets and get the required details.

Objective: By the end of this practical, you will be able to analyse network traffic successfully. Software/s required, if any: 1. Wireshark Hardware required, if any: NA External references, any : No

Practical Session 6 By intercepting data/packets extract user id and password of xyz user.

Practical Title: Working with Wireshark (Packet Analysis)

Problem statement By intercepting data/packets extract user id and password of xyz user.

Instructions ·         Work with Wireshark. ·         Start capturing packets. ·         Analyse the packets and get the required details.

Objective: By the end of this practical, you will be able to analyse network traffic successfully. Software/s required, if any: 1. Wireshark Hardware required, if any: NA External references, any : No

Login to www.vulnweb.com 

Filter HTTP and search for data sent from the system.

Use the user name as Admin and password as orange to check if the password is detected and captured by wireshark.

Nikto

Scan a domain

$ nikto - host http://testphp.vulnweb.com

Scan a domain with ssl certificate:

$ nikto -host https://kali.org -ssl