This research is a security assessment of a small group of systems. in this assessment, students will apply security tools and resources learned in labs to a set of unknown systems. they will synthesize the output of security tools and the results of research into a report evaluating the security of each unknown system.

1 scope of assessment

• the assessment is limited to the 3 ip addresses.
• room 250 anypc_ip_1
• room 250 anypc_ip_2
• room 250 anypc_ip_3
2 rules of engagement

• students may use any security tools to perform a security evaluation of the systems listed in the scope of assessment. these tools should include but are not limited to those listed in the resources required. security tools can be used to identify potential vulnerabilities and verify these potential vulnerabilities through the use of exploits. however, no tools that are designed to crash a system or otherwise create a denial of service attack may be used.

3 resources required

• students will need the following data and tools to create and test the software:
• kali vm
• port scanner like nmap
• vulnerability scanner like nessus
• metasploit
4 procedure

4.1 network scanning

• scan each ip address listed in the scope with nmap. scans should verify that the systems are up before proceeding, then identify the operating systems of each system, and finally identify both the names and versions of the running services on each system. students will need to scan all tcp and udp ports.
4.2 vulnerability research

• first, lookup the operating system type and version that were reported by network scanning tools. next, lookup any services, such as iis or apache, whose names were identified. use service versions to determine which vulnerabilities apply to the system under assessment. compare these lists of vulnerabilities with the ones found in the next step: vulnerability scanning.
4.3 vulnerability scanning

you need use the nessus vulnerability scanner tool to find vulnerabilities. create scan configurations for each of the targets. be sure that you can ping a target before beginning an nessus scan. if a nessus scan reports zero vulnerabilities, then there was an error during the scan or the target was not up.

5 report

• the report will need to be at least 5 pages single spaced using a 12-point font. the report must be divided into six sections:
1 summary
2 procedure
3 assessment of system 1 at ip room 250 anypc_ip_1
4 assessment of system 2 at ip room 250 anypc_ip_2
5 assessment of system 3 at ip room 250 anypc_ip_3
6 conclusion
7 references