Author: CCNA Security

Topology Objectives Part 1: Exploring Nmap Part 2: Scanning for Open Ports Background / Scenario Port scanning is usually part of a reconnaissance attack. There are a variety of port scanning methods that can be used. We will explore how to use the Nmap utility. Nmap is a powerful network utility that is used for network discovery and security auditing. Required Resources CyberOps Workstation Virtual Machine Internet access Part 1: Exploring Nmap In this part, you will use manual pages (or man pages for short) to learn more about Nmap. The man [ program |utility | function] command displays the…

Mininet Topology Objectives Part 1: Prepare the Hosts to Capture the Traffic Part 2: Analyze the Packets using Wireshark Part 3: View the Packets using tcpdump Background / Scenario In this lab, you will use Wireshark to capture and examine packets generated between the PC browser using the HyperText Transfer Protocol (HTTP) and a web server, such as www.google.com. When an application, such as HTTP or File Transfer Protocol (FTP) first starts on a host, TCP uses the three-way handshake to establish a reliable TCP session between the two hosts. For example, when a PC uses a web browser to…

Mininet Topology Objectives Part 1: Examine the Header Fields in an Ethernet II Frame Part 2: Use Wireshark to Capture and Analyze Ethernet Frames Background / Scenario When upper layer protocols communicate with each other, data flows down the Open Systems Interconnection (OSI) layers and is encapsulated into a Layer 2 frame. The frame composition is dependent on the media access type. For example, if the upper layer protocols are TCP and IP and the media access is Ethernet, then the Layer 2 frame encapsulation will be Ethernet II. This is typical for a LAN environment. When learning about Layer…

Mininet Topology Objectives Part 1: Install and Verify the Mininet Topology Part 2: Capture and Analyze ICMP Data in Wireshark Background / Scenario The CyberOps VM includes a Python script that, when you run it, will set up and configure the devices shown in the figure above. You will then have access to four hosts, a switch, and a router inside your one VM. This will allow you to simulate a variety of network protocols and services without having to configure a physical network of devices. For example, in this lab you will use the ping command between two hosts…

Objectives Part 1: Verifying Network Connectivity Using Ping Part 2: Tracing a Route to a Remote Server Using Traceroute Part 3: Trace a Route to a Remote Server Using Web-Based Traceroute Tool Background Tracing a route will list each routing device that a packet crosses as it traverses the network from source to destination. Route tracing is typically executed at the command line as: tracert <destination network name or end device address> (Microsoft Windows systems) or traceroute <destination network name or end device address> (Unix and similar systems) The traceroute (or tracert) tool is often used for network troubleshooting. By…

Objectives In this lab, you will use familiarize yourself with Linux filesystems. Required Resources CyberOps Workstation VM Part 1: Exploring Filesystems in Linux The Linux filesystem is one of its most popular features. While Linux supports many different types of filesystems, this lab focuses on the ext family, one the most common filesystems found on Linux. Step 1: Access the command line. Launch the CyberOps Workstation VM and open a terminal window. Step 2: Display the filesystems currently mounted. Filesystems must be mounted before they can be accessed and used. In computing, mounting a filesystem means to make it accessible…

Introduction In this lab, you will get familiar with locating and manipulating Linux log files. Required Resources CyberOps Workstation Virtual Machine Part 1: Log File Overview Log files (also spelled logfiles), are files used by computers to log events. Software programs, background processes, services, or transactions between services, including the operating system itself, may generate such events. Log files are dependent on the application that generates them. It is up to the application developer to conform to log file convention. Software documentation should include information on its log files. Step 1: Web server log file example Because log files are…

Introduction In this lab, you will use the Linux command line to identify servers running on a given computer. Recommended Equipment CyberOps Workstation Virtual Machine Part 1: Servers Servers are essentially programs written to provide specific information upon request. Clients, which are also programs, reach out to the server, place the request and wait for the server response. Many different client-server communication technologies can be used, with the most common being IP networks. This lab focuses on IP network-based servers and clients. Step 1: Access the command line. a. Log on to the CyberOps Workstation VM as the analyst, using…

Introduction In this lab, you will use the Linux command line to manage files and folders, and perform some basic administrative tasks. Recommended Equipment CyberOps Workstation Virtual Machine Part 1: Shell Basics The shell is the term used to refer to the command interpreter in Linux. Also known as Terminal, Command Line and Command Prompt, the shell is very powerful way to interact with a Linux computer. Step 1: Access the Command Line a. Log on to the CyberOps Workstation VM as the analyst using the password cyberops. The account analyst is used as the example user account throughout this…