
Exercises

3-1 Performing Passive Reconnaissance

The best way to learn passive information gathering is to use the tools. In this exercise, you perform reconnaissance on several organizations. Acquire only the information requested.

Estimated Time: 20 minutes.

  • Step 1. Review Table 3-10 to determine the target of your passive information gathering.

Table 3-10 Passive Information Gathering

Domain Name    | IP Address  | Location | Contact Person | Address and Phone Number
h4cker.org     |             |          |                |
Examcram.com   |             |          |                |
               | 72.3.246.59 |          |                |
Rutgers.edu    |             |          |                |
secretcorp.org |             |          |                |

3-2 Performing Active Reconnaissance

The best way to learn active information gathering is to use the tools. In this exercise, you perform reconnaissance on your own internal network. If you are not on a test network, make sure that you have permission before scanning it, or your action may be seen as the precursor of an attack.

Estimated Time: 15 minutes.

  • Step 1. Download the most current version of Nmap from https://nmap.org/download.html.

  • Step 2. Open a command prompt and go to the directory in which you have installed Nmap.

  • Step 3. Run nmap -h from the command line to see the various options.

  • Step 4. You’ll notice that Nmap has many options. Review and find the option for a full connect scan. Enter your result here: ___

  • Step 5. Review and find the option for a stealth scan. Enter your result here: ___

  • Step 6. Review and find the option for a UDP scan. Enter your result here: ___

  • Step 7. Review and find the option for a fingerprint scan. Enter your result here: ___

  • Step 8. Perform a full connect scan on one of the local devices you have identified on your network. The syntax is nmap -sT IP_Address.

  • Step 9. Perform a stealth scan on one of the local devices you have identified on your network. The syntax is nmap -sS IP_Address.

  • Step 10. Perform a UDP scan on one of the local devices you have identified on your network. The syntax is nmap -sU IP_Address.

  • Step 11. Perform a fingerprint scan on one of the local devices you have identified on your network. The syntax is nmap -O IP_Address.

  • Step 12. Observe the results of each scan. Could Nmap successfully identify the system? Were the ports it identified correct?
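To answer Step 12 systematically rather than by eye, the added example below (not from the book) parses Nmap XML output saved with the real -oX option and reports open ports that are not in an expected baseline for the host, plus baseline ports the scan did not see. The sample XML, the host address and the baseline are constructed values.

```python
"""Compare Nmap XML output (-oX) against an expected service baseline.

Added example, not from the book: after the scans in Steps 8-11, save the
results with -oX and flag ports that are open but not in the baseline.
"""
import xml.etree.ElementTree as ET

# Constructed sample of nmap -oX output for one host (not a real scan).
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.168.1.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="3389"><state state="open"/><service name="ms-wbt-server"/></port>
      <port protocol="tcp" portid="443"><state state="closed"/><service name="https"/></port>
    </ports>
  </host>
</nmaprun>
"""

def parse_open_ports(xml_text):
    """Return {ip: {(proto, port): service}} for ports Nmap reports as open."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        found = {}
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue  # closed/filtered ports are not part of the exposure
            svc = port.find("service")
            name = svc.get("name") if svc is not None else ""
            found[(port.get("protocol"), int(port.get("portid")))] = name
        hosts[addr] = found
    return hosts

def compare_to_baseline(found, expected):
    """Return (unexpected, missing): open ports not in the baseline, baseline ports not seen."""
    return sorted(set(found) - expected), sorted(expected - set(found))

if __name__ == "__main__":
    # Baseline: what this host is supposed to expose (constructed values).
    baseline = {("tcp", 22), ("tcp", 80)}
    for ip, ports in parse_open_ports(SAMPLE_XML).items():
        unexpected, missing = compare_to_baseline(ports, baseline)
        print(ip, "unexpected:", unexpected, "missing:", missing)
```

Against the sample, port 3389/tcp is reported as unexpected, which is exactly the kind of result worth explaining before deciding whether the host is configured as intended.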
