Scribd
Upload
209 views

Detect OS, Services, and Vulnerabilities

This lab aims to detect the operating system, services, and vulnerabilities of a target machine using Nmap. Students will use various Nmap commands like -F, -O, -A, and -sV to scan the target machine at 192.168.12.254 with its firewall turned on and off. They will also install Nmap vulnerability scripts to detect detailed vulnerabilities of the target OS and report on 5 vulnerabilities found with their CVE codes and explanations. The lab report should include screenshots and descriptions of the steps and observations.

Uploaded by

Tuan Duong
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
209 views

Detect OS, Services, and Vulnerabilities

This lab aims to detect the operating system, services, and vulnerabilities of a target machine using Nmap. Students will use various Nmap commands like -F, -O, -A, and -sV to scan the target machine at 192.168.12.254 with its firewall turned on and off. They will also install Nmap vulnerability scripts to detect detailed vulnerabilities of the target OS and report on 5 vulnerabilities found with their CVE codes and explanations. The lab report should include screenshots and descriptions of the steps and observations.

Uploaded by

Tuan Duong
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Lab 2.

OS security

Detect OS, services, and vulnerabilities


Submission:

You will compose a lab report that documents each step you take, including screenshots to illustrate the
effects of commands you type, and describing your observations. Simply attaching code without any
explanation will not receive credits

Time duration: 1 week

Lab guide:

Network Topology:

Ubuntu or Kali Windows Server 2016


(nmap) or other OS

192.168.12.100/24 192.168.12.254/24

1. Using nmap to scan a machine (via IP address or name) to detect an OS & services
 Students can use some commands:
$ sudo nmap –F <network> //replace <Network> with 192.168.12.0/24
$ sudo nmap –O <IP-target> //replace <IP-target> with 192.168.12.254
$ sudo nmap –A <IP-target>
$ sudo nmap –sV <IP-target>

 Find the differences when using these commands with:


- Turn off the firewall on the target machine (192.168.12.254)
- Turn on the firewall on the target machine

 Students use some other options of the nmap to detect the target.

2. Using nmap with vul-scrip to detect vulnerabilities on an OS

Step 1. Install vul-scrip (to detect detailed vulnerabilities)

$git clone https://github.com/scipag/vulscan scipag_vulscan

$sudo ln -s `pwd`/scipag_vulscan /usr/share/nmap/scripts/vulscan


Step 2. Run with the command:

$sudo nmap -sV --script=vulscan/vulscan.nse <IP-target>

Note: see the website for more details: https://securitytrails.com/blog/nmap-vulnerability-scan

Sv chọn khoảng 5 lỗ hổng có mã CVE, tìm hiểu và giải thích lỗ hổng đó, ghi trong báo cáo.

You might also like