Scribd
Upload
29 views

Lab 5

The document summarizes the results of port scans and service enumeration performed on the Metasploitable 2 virtual machine. A default Nmap scan found ports 21, 22, 23, 53, 80 and 8180 open. A full TCP port scan found additional ports 8180, 38692, 41385, 50842 and 54117 open. A UDP scan found ports 3, 7, 8, 9, and 10 open. Running scans of all ports instead of just default ports allows discovery of unnecessary open ports that could be exploited. The -sV switch provides useful version information for open services, identifying exploitable services like SMTP and FTP.

Uploaded by

kuljit kaur
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
29 views

Lab 5

The document summarizes the results of port scans and service enumeration performed on the Metasploitable 2 virtual machine. A default Nmap scan found ports 21, 22, 23, 53, 80 and 8180 open. A full TCP port scan found additional ports 8180, 38692, 41385, 50842 and 54117 open. A UDP scan found ports 3, 7, 8, 9, and 10 open. Running scans of all ports instead of just default ports allows discovery of unnecessary open ports that could be exploited. The -sV switch provides useful version information for open services, identifying exploitable services like SMTP and FTP.

Uploaded by

kuljit kaur
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

1604 Lab 5 Fall2019

Student Name: Kuljit Kaur


Student Number: 761650

Network Discovery and Service Enumeration.

1) Run a default Nmap scan of the Metasploitable 2 VM? What ports are open?
1604 Lab 5 Fall2019

➔ Along with the common ports which are open such as 21, 22, 23 53, 80 port
no. 8180 which is a TCP port is also open and running an unknown service.

2) Run a full TCP port scan of the Metasploitable 2 VM? What additional ports
were found?

Other ports which are open are 8180, 38692, 41385, 50842, 54117 which are
running unknown services.

3) Run a UDP scan of the Metasploitable 2 VM. What ports were found?
1604 Lab 5 Fall2019

Ports that were found open are as follows:


Port 3 running compressnet service
Port 7 running echo
Port 8 running an unknown service
Port 9 running discard service
Port 10 running an unknown service

4) Why is it useful to run a scan of all ports instead of just the default?
→ By scanning all ports, we can know which unnecessary services are
running on the ports which can exploit our system.

5) Use the -sV command in your Nmap scan? What useful information was
provided?
1604 Lab 5 Fall2019

Along with the port no., state and service which are running on them -sV
command also reveals the version of the services as we can see in the
screenshot.

6) Using the information gathered above, identify at least 2 services that can be
exploited. List them below.
➔ SMTP service can be exploited by DDOS attack
➔ FTP can be attacked using FTP bounce attack or FTP Brute Force Attack.

You might also like