Scanning & Penetration Testing
0 likes310 views
This document provides instructions for hands-on exercises using the security testing tools in BackTrack 5. It discusses running a live BackTrack CD, configuring network settings, using Wireshark to capture network traffic, Nmap for scanning targets, Hydra for password cracking, and observing the results. Students are warned that any illegal activities outside the classroom are their full responsibility, and basic security best practices like keeping systems patched and using firewalls are recommended. The document concludes by providing questions to analyze the results of exercises using Nmap, Telnet, Wireshark, Hydra and TCPdump to observe network protocols, password cracking attempts, and the three-way handshake process between targets and hosts.
Scanning & Penetration Testing
- 1. Lab Analysis & Hands on BACKTRACK 5 Deris Stiawan Ph.D Candidate | Universiti Teknologi Malaysia In this contains material have steps of scanning and pentest, it use for learning only and do in the private lab scenario. All kinds of problems incurred outside the classroom thereafter is a crime and you are fully responsible @2011
- 2. Scenario Foot printing, Gathering Information IP Address, MAC Address, Port, Daemon / Application Vulnerability / Holes Penetration
- 3. (1) Hands on : Running Backtrack • Live CD Backtrack (BT) 5 Rel. 1 • Loading BT from booting CD / DVD • Choose : (1) Backtrack Text • Wait until process is complete • Command : – root@bt5-stealth:# startx
- 4. Setting IP Address • Find “Terminal” in above of desktop • Root:# ifconfig • Root:# Ifconfig eth0 ip add netmask • Route add default gateway ip add • Echo nameserver 161.139.16.2 > /etc/resolv.conf • Root:# Ifconfig eth0 up
- 5. (2) Hands on: Wireshark • Click : Applications | Backtrack | Information Gathering | Network Analysis | Network Traffic Analysis | Wireshark • OR on Terminal , typing command : Wireshark
- 6. (3) Hands on: nmap • Typing nmap in the terminal – Nmap –v –A ip target • In the Terminal , typing command : Zenmap – On Target : IP Address of target – Profile : Choose the options – Then Click Scan
- 7. (4) Hands on: Guessing Password • Preparing dictionary / world list • Open gedit from Application | Accessories • Or typing in Terminar: gedit • Then typing some word guessing / dictionary list ; – Admin – Password – Handsome – … – Save: passlist.txt on root dir
- 8. Hydra • On Terminal, – Hydra -l username –P nameoffile.txt ip address services – i.e : – Hydra –l administrator –P passlist.txt IP Address Telnet
- 9. • Beware in your characters password, have in list of dictionary, is very easy to guess. There are so many dictionary in much language. • Update patch your OS and applications. • In your PC always update your antivirus and get personal firewall • Be paranoid in Internet, particularly with attachment file from email / messenger • Use your official personal email with care, don’t use it at the time registration in underground / warez websites. • Avoid download s/w or application from non official website / underground / warez
- 10. Exercise • Running and testing – Applications | BackTrack | Stress Testing | Network Stress Testing |
- 11. Lab Review & Analysis Question • (1). Nmap; – Type nmap –sP IP Address, – Type nmap –Vv –A Ip Address, – Type nmap –sS Ip address, – Type nmap –O Ip address, • Observe the output • How many host did it find ? • What is the IP Address of the host ? • How long did the scan take ? • What the result from this stages ?
- 12. • (2). Telnet & Wireshark – Type in terminal, telnet IP Address target – Open Wireshark • Observe the output information from wireshark • Find information user n password in wireshark • What is protocol usage ?, • What is the dominant protocol ? • Observe handshake process the target and your host
- 13. • (3). Hydra & Wireshark & tcpdump – Type Hydra –l administrator –P passlist.txt IP Address Telnet – Open & Running the Wireshark – In the terminal, type tcpdump –X • Observe the output information from wireshark & tcpdump • Observe handshake process the target and your host • Draw it with your own, observation three way handshake the target & host