Silver

Reflection:

Foot-printing:The purpose of this lab is to teach us how to execute programs using scripted commands. So through network scanning, you can see the implementation of security performance more clearly.

Summarize the information discovered in the Lab about the network topology

We can summarize the capabilities we need to find into hosts.txt . In the txt file. In this way, we can effectively find out the results scanned by the host through LeafPad.

We can also use the Topology option to display the discovered network hosts that have been detected by scanning. And you can clearly see which networks have vulnerabilities from the topology.

The network consists of several Windows and Linux machines. There are 5 Windows machines and 3 Linux machines. From the analysis network port to Zenmap, you can see that there are several vulnerable hosts. On the other hand, Linux systems are secure and have fewer open ports than vulnerable hosts.

By using Nmap, the scan port can be used to detect open ports available in the system’s internal systems. These open ports are vulnerable points, and an attacker can destroy the entire network with a successful attack.

How can packet sniffing be used to detect potential issues on a network?

First, we can do this by turning on WireShark. There is a folder for Vulnerable Network Captures. We can use this operation to scan which data is vulnerable. After that, we can achieve the purpose of deletion by clearing the filter. Finally, we can click on Statistics and then select Conversations to see the Ethernet address of the device on the network. Therefore, you can see the traffic flow and port information of the same device.

Analyses the captured packets from Exercise 2 and filter the DNS requests sent from 192.168.27.12 to 192.168.27.1 and view the UDP stream.What can you tell about the DNS request?

The content of the DNS request is mainly through the address translation system. Domain name resolution is the process of re-converting a domain name into an IP address. A domain name corresponds to an IP address, but an IP address corresponds to multiple domain names. So multiple domain names can be resolved to an IP address at the same time.

Critical Thinking Analysis

This lab focuses on network footprint and packet sniffing. We can use these two methods to quickly and efficiently find out what is a network vulnerability. And we can clearly see what the packet will parse certain domain names.

However, this lab has some shortcomings. First, it must be operated simultaneously through the TigerVNC Viewer and WireShark. It is not possible to bring the two together. Second, it is possible to quickly grasp the information through packet sniffing. However, there is no filtering function.

Reflection:

The main purpose of this lab is to protect the computer against virus intrusion by using the security of the host.

Discuss when you may need to use the Windows Defender feature from the lab

Windows Defender is an anti-malware feature found on Windows 10 systems. We should use the Windows defender feature when checking if the computer is at risk. In addition, this feature can be used if we want to see if a file is at risk. This feature allows you to quickly and accurately identify which folders are at risk.

Discuss a scenario when you may need to use the Online Anti-Malware Scanner

First, we need to download a program for anti-malware scanning. In addition, we need to read all the terms carefully and confirm. Second, we need to scan some files that may be at risk. Finally, the application window of the security scanner should be closed when all scans have ended.

Select a feature Internet Explorer Browser Security from the lab and discuss the reason it is required.

1. Internet Explorer browser protects your privacy by installing filters and blocking pop-ups.The Internet Explorer browser can effectively block you from entering any false information at risk. Therefore, Internet Explorer can guarantee the security of your Internet access.

2.The Internet Explorer browser can provide you with filtering capabilities. The ActiveX program can remind you if the software is from a publisher of trusted software. This way you have the ability to safely download the software you need.

3.Take advantage of ActiveX’s filtering capabilities. You can see who signed the website. In addition, you can also view the certificate to determine the validity period.

Critical Thinking Analysis

How the lab could be improved (in relation topic)

This lab gives us how to use the Windows Defender feature to check for risk in the file. In addition, an Internet Explorer browser is provided to allow you to have a secure environment to download software and protect your privacy. However, this lab does not provide a display of documents and websites at risk. If you can compare the security of the check file or website with the risk of the website content. This may be more beneficial for us to practice

What problems I encountered

The first major issue in the lab was not to tell us how to establish the security of the host. The lab is asking us to build a secure environment for the host. However, what the lab teaches us is how to view documents and websites for risks. Therefore, there is no discussion on how to establish host security.

Reflection:

This lab focuses on how quickly and efficiently an attacker finds useful information and uses it.

Summarize the key information gathered from MY BOOK

Through this website, there is obvious information about Phillip. He has 1,325 followers, moreover, his job role is front-end software engineer at Google, and he loves his work very much. Therefore, we can use his personal information to trick the company into thinking that the attacker is Phillip. He is more active on social networking sites. Some pictures show that Philip is married and has a wife. The criminal can implement the positioning through the background position of the wedding.

We can know from the comments below the photo that John and Alexis are his two friends and that Philip may have his own children. There is a message that Philip’s car is broken. This is a very useful message for the attacker. May pretend to be Philip through the license plate number. On this website, Phillips disclosed his phone number and date of birth and where he was educated. Therefore, an attacker may use this basic private information to gain the trust of security inspectors. We can also find Philip’s personal information through Oxford University, all information will be exposed. The attacker will use Phillips’ previous work experience to get Philip’s details. This may cause the IT department to inform Philip that he needs to change his password.

Another useful message is that the location represented by the map may be the location of the family. We can use the information on the album to find out that Philip has been listed as creative director and she works in front-end software design. This means that Philip has access to many important resources and information. His password may give him a domain name with administrator level or root access. This is very beneficial information for the attacker. In addition, an attacker may use the pet’s type and name to crack password issues in security issues.

According to some information from Phillips friends. The attacker may use Phillips’ information to deceive his friends. For example, fake Philip provides his friend with Philip’s personal information, and then sends some websites to his friends to get personal information from Phillips friends.

What are the risks of using a social networking platform?

Using a social networking platform may result in the disclosure of personal information.

1. Date of birth
2. Family address and family members
3. Password
4. Work location and position
5. Identification number
6. Information about friends around you

The attacker will communicate with your good friends through your personal information to achieve the purpose of deception. Moreover, they can use your personal information to steal content from your work at the company and cause vulnerability.

Consider how the information gathered can be leveraged to attack an organisation?

1. The attacker will use personal information to deceive relatives and friends around to achieve the purpose of fraudulently obtaining money.
2. The attacker can use personal information to locate the location and location of the work and the name of the company. Furthermore, the purpose of stealing company information can be achieved, and the use of such information to cause a vulnerability will eventually lead to leakage of company secrets.

Critical Thinking Analysis

How you could have done the lab better

I think there are a lot of beneficial things in the simulation of the lab. We can understand more clearly what information is very important to us, moreover, this real information should not be exposed on the network.

In the case of this lab simulation, I believe that the information published on the website should be modified according to the publisher’s wishes. First, you can add the ability to hide information. This helps publishers protect their personal privacy. However, if you want to open your personal information to people you are familiar with, you can solve this problem by setting some people to see it. In addition, it should be important to set a window to emphasize personal information when entering the website.