1 / 17

Network Discovery Midterm

Network Discovery Midterm. Instructor: Dr. Mark Stamp CS Technician: Kevin Ross Equipment: Linksys WRT54G WAP Via Mini-ITX PC Cords, powerstrip, etc. WAP. SSID: jasmine WEP Key: c0ffee2020 IP: 192.168.20.1 Running DD-WRT firmware Gives out IP addresses in range: 192.168.20.100-150.

afya
Download Presentation

Network Discovery Midterm

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Discovery Midterm • Instructor: Dr. Mark Stamp • CS Technician: Kevin Ross • Equipment: • Linksys WRT54G WAP • Via Mini-ITX PC • Cords, powerstrip, etc.

  2. WAP SSID: jasmine WEP Key: c0ffee2020 IP: 192.168.20.1 Running DD-WRT firmware Gives out IP addresses in range: 192.168.20.100-150

  3. WAP • Open Ports: • Port: Service: • 22 ssh (secure shell access) • 53 dns (ipmasq) • 80 http (config tool)

  4. Firewall Ports open (forwarded to static IP 192.168.20.120): 23 8080

  5. Networked computer Hostname: bob-desktop IP Address: 192.168.20.120 Running Ubuntu 7.10 Form factor: mini-itx Hardware condition: deceased

  6. Networked computer Open ports: Port Service 23 SSH (OpenSSH) 8080 HTTP (lighttpd web server)

  7. Bob-desktop port 8080: Web root folder images music stuff

  8. Web root folder index.html links to other directories robots.txt excludes directory: stuff

  9. images index.html

  10. music index.html

  11. stuff index.html info.txt.bfa

  12. info.txt.bfa • blowfish encrypted file • Internet search: “.bfa extension” • Many command line programs will decrypt

  13. info.txt.bfa • Password: frequently mentioned word from web pages • Contents: bob’s password, among others

  14. Tools: • nmap, nmapfe, nessus • wget, or remember to check for robots.txt and use web browser

  15. Problems: • Firewall scan difficult because all laptops were 1 hop from WAP—needed IP of internal machine or to perform scan one team at a time. • WAP DHCP server temporarily assigned what was supposed to be the static IP of internal machine, 192.168.20.120, to a user’s laptop. • Via hardware died a premature death.

  16. Questions:

More Related