Embedded Files
Identify known weaknesses within a device, network or application, using a vulnerability scan
Assessment
Report
Learners may use vulnerability software to perform a vulnerability scan, linked to the CVSS database.
Alternatively, learners may be provided with a vulnerability scan, to identify known weaknesses within a device, network or application.
On one of the two configurable laptops in the Newquay Centre or on your own machine.
Install nMap
Go to the start menu
Type cmd
On the black screen type ipconfig
Record/remember the IP Address for your machine (192.168.80.40)
7. In nMap, type the IP address from Step 6 above, leave the Intense scan
8. Press Scan
9. Look for open Ports
10. Google what each port does
Here's a brief explanation of the purposes associated with the specified ports:
Port 135:
Purpose: Microsoft RPC (Remote Procedure Call)
Description: Port 135 is associated with Microsoft's Remote Procedure Call (RPC) service. It facilitates communication between applications on different computers, allowing them to execute procedures remotely.
Port 445:
Purpose: Microsoft-DS (Directory Services)
Description: Port 445 is used by Microsoft Directory Services, specifically for Server Message Block (SMB) communication. SMB is a network protocol that enables shared access to files, printers, and other resources on a network.
Port 139:
Purpose: NetBIOS Session Service
Description: Port 139 is utilized by the NetBIOS Session Service, which provides session-level communication between computers on a network. NetBIOS (Network Basic Input/Output System) is an early networking protocol used in Windows environments.
Port 5357:
Purpose: Link-Local Multicast Name Resolution (LLMNR)
Description: Port 5357 is associated with Link-Local Multicast Name Resolution (LLMNR). LLMNR is a protocol that allows hosts on the same local network to resolve each other's names without the need for a DNS server.
Port 3300:
Purpose: Generally Unassigned
Description: Port 3300 doesn't have a widely recognized or standardized purpose. It's considered as generally unassigned, meaning that specific applications or services may use it, but it doesn't have a well-known and standardized role.
It's important to note that while these are common uses, the actual use of a port can vary based on the specific configuration of a system or network. Additionally, understanding the purposes of ports is essential for network security, as certain ports, if left open and unsecured, can pose potential vulnerabilities. Always follow security best practices and ensure that open ports align with your network's requirements.
Using Screenshots from nMap, describe which ports were open and what they do (Google Search)
Think of a vulnerability scan like a health check-up for your computer or network. A doctor would use various tools to find out if you have any issues, right? Similarly, a vulnerability scan uses software to find weaknesses in your systems.
How It Works
1. Scanning: Using vulnerability scanning software, you scan the device, network, or application. This is like a doctor running tests during a check-up.
2. Reporting: Once the scan is complete, you get a report that lists all the vulnerabilities found. This is similar to getting test results back from the lab.
3. CVSS Database: The Common Vulnerability Scoring System (CVSS) database is like a medical encyclopedia for computers. It helps you understand how serious each vulnerability is by giving it a score.
What You'll See in the Report
- CVE Identifier: Each vulnerability usually has a Common Vulnerabilities and Exposure (CVE) identifier. It's like a name or a code that tells you exactly what the issue is.
- Description: This gives you details about the vulnerability, like how it could be exploited. It's like a doctor explaining what a particular health issue means for you.
- Impact: The report will tell you what the potential consequences are if the vulnerability is exploited. Think of this as the symptoms you might experience if you don't treat a medical issue.
- CVSS Score: This score ranges from 0 to 10, with 10 being the most severe. It helps you understand how critical the vulnerability is.
How to Use the Scan
1. Identify High-Risk Vulnerabilities: Look for vulnerabilities with high CVSS scores. These are the ones you'll want to fix first, just like you'd treat serious medical issues before minor ones.
2. Research the CVEs: Use the CVE identifiers to look up more information. The CVSS database is a great resource for this, like consulting a medical encyclopedia to understand a diagnosis better.
3. Plan Remediation: Based on the severity and impact of the vulnerabilities, plan how to fix them. This could include patching, upgrading, or other methods.
So if you were doing this in a classroom setting, you could either use actual vulnerability scanning software to scan a demo network, or you could work with a sample report that has been provided. Either way, the goal is to understand how to identify vulnerabilities and how to interpret the information you get.
Page updated
Google Sites
Report abuse