Penetration Testing and Intrusion Detection Name of the University Author
Added on 2022-08-18
57 Pages5094 Words316 Views
Running head: PENETRATION TESTING AND INTRUSION DETECTION
Penetration Testing and Intrusion Detection
Name of the Student
Name of the University
Author Note
Penetration Testing and Intrusion Detection
Name of the Student
Name of the University
Author Note
PENETRATION TESTING AND INTRUSION DETECTION1
Abstract
In the last decade penetration testing and intrusion detection techniques have
advanced a long way and it has never been this important. Penetration testing and
Intrusion Detection is not just important to attackers trying to break into a network but
also to network administrators trying to protect the network of their organization. This
study is to talk about how reconnaissance and scanning are necessary for attackers
to attack the target hosts of remote systems. These services are also important for
network administrators to check how secure their network is in preventing attackers
from hacking into the network or gaining access to sensitive information. Hence, the
study also talks about IDS and IPS and their key differences. After mentioning the
technical issues faced in scanning networks, the study comes to an end.
Abstract
In the last decade penetration testing and intrusion detection techniques have
advanced a long way and it has never been this important. Penetration testing and
Intrusion Detection is not just important to attackers trying to break into a network but
also to network administrators trying to protect the network of their organization. This
study is to talk about how reconnaissance and scanning are necessary for attackers
to attack the target hosts of remote systems. These services are also important for
network administrators to check how secure their network is in preventing attackers
from hacking into the network or gaining access to sensitive information. Hence, the
study also talks about IDS and IPS and their key differences. After mentioning the
technical issues faced in scanning networks, the study comes to an end.
PENETRATION TESTING AND INTRUSION DETECTION2
Table of Contents
List of Tables............................................................................................................................6
List of Figures...........................................................................................................................6
List of Appendices...................................................................................................................8
Introduction.............................................................................................................................10
Section A.................................................................................................................................10
Section B.................................................................................................................................12
1) Scan of Metasploit Virtual Machines....................................................................12
Use of Scanning Tools..................................................................................................13
Critical Analysis..............................................................................................................13
Network Topology: Attacker Network.........................................................................15
Network Topology: Target Network............................................................................16
Analysis...........................................................................................................................17
2) Use of Nessus Scanner to find vulnerabilities....................................................17
Installing and Running of Nessus Scanner...............................................................17
Scan and Analysis of the Results...............................................................................17
Investigation...................................................................................................................18
Security Analysis on Different Vulnerabilities............................................................19
Evaluation of UFW, IDS and IPS....................................................................................19
UFW usage.....................................................................................................................19
Differences between IDS and IPS..................................................................................20
Table of Contents
List of Tables............................................................................................................................6
List of Figures...........................................................................................................................6
List of Appendices...................................................................................................................8
Introduction.............................................................................................................................10
Section A.................................................................................................................................10
Section B.................................................................................................................................12
1) Scan of Metasploit Virtual Machines....................................................................12
Use of Scanning Tools..................................................................................................13
Critical Analysis..............................................................................................................13
Network Topology: Attacker Network.........................................................................15
Network Topology: Target Network............................................................................16
Analysis...........................................................................................................................17
2) Use of Nessus Scanner to find vulnerabilities....................................................17
Installing and Running of Nessus Scanner...............................................................17
Scan and Analysis of the Results...............................................................................17
Investigation...................................................................................................................18
Security Analysis on Different Vulnerabilities............................................................19
Evaluation of UFW, IDS and IPS....................................................................................19
UFW usage.....................................................................................................................19
Differences between IDS and IPS..................................................................................20
PENETRATION TESTING AND INTRUSION DETECTION3
Snort Setup and Configuration....................................................................................21
Metasploit and Armitage...................................................................................................21
Technical Issues............................................................................................................21
Conclusion..............................................................................................................................22
Bibliography............................................................................................................................23
Appendix.................................................................................................................................27
Differences between Active and Passive Reconnaissance........................................27
Risk Impact Table..............................................................................................................27
Differences between IDS and IPS..................................................................................27
Attacker IP Address..........................................................................................................28
Setting up Metasploit and Discovering Virtual Machine hosts...................................29
Automatic Server Setup....................................................................................................29
Nmap Scan of hosts with Armitage................................................................................30
Specifying Network of Target System............................................................................31
Scan completion adds Attacks Tab on hosts................................................................31
Discovered Hosts are shown...........................................................................................32
Port Scan of Network Hosts.............................................................................................32
OS and Port Details of Metasploit VM hosts.................................................................33
Nmap Scan of Target Network........................................................................................34
Nmap scan of Hosts with Zenmap..................................................................................35
Services running in Hosts................................................................................................36
Snort Setup and Configuration....................................................................................21
Metasploit and Armitage...................................................................................................21
Technical Issues............................................................................................................21
Conclusion..............................................................................................................................22
Bibliography............................................................................................................................23
Appendix.................................................................................................................................27
Differences between Active and Passive Reconnaissance........................................27
Risk Impact Table..............................................................................................................27
Differences between IDS and IPS..................................................................................27
Attacker IP Address..........................................................................................................28
Setting up Metasploit and Discovering Virtual Machine hosts...................................29
Automatic Server Setup....................................................................................................29
Nmap Scan of hosts with Armitage................................................................................30
Specifying Network of Target System............................................................................31
Scan completion adds Attacks Tab on hosts................................................................31
Discovered Hosts are shown...........................................................................................32
Port Scan of Network Hosts.............................................................................................32
OS and Port Details of Metasploit VM hosts.................................................................33
Nmap Scan of Target Network........................................................................................34
Nmap scan of Hosts with Zenmap..................................................................................35
Services running in Hosts................................................................................................36
PENETRATION TESTING AND INTRUSION DETECTION4
Masscan Results for Open TCP ports............................................................................37
Hping3 Scan.......................................................................................................................38
Installing and Running of Nessus Scanner...................................................................38
Exception for Nessus Scanner........................................................................................39
Account Creation...............................................................................................................39
Nessus Initialization..........................................................................................................40
Nessus Scanner Portal.....................................................................................................40
Advanced Scan..................................................................................................................41
Saving Configuration.........................................................................................................41
Analysing Completed Scan..............................................................................................42
Investigating Findings.......................................................................................................42
List of Vulnerabilities.........................................................................................................43
Medium Vulnerabilities......................................................................................................43
Individual Hosts and OS...................................................................................................44
Detected Topology of the Network.................................................................................45
Attacker Network...........................................................................................................45
Target Network..............................................................................................................46
Port Details of Target Network........................................................................................47
Port Details of Specific Host............................................................................................48
Snort Setup.........................................................................................................................48
Creating Custom Rules....................................................................................................49
Masscan Results for Open TCP ports............................................................................37
Hping3 Scan.......................................................................................................................38
Installing and Running of Nessus Scanner...................................................................38
Exception for Nessus Scanner........................................................................................39
Account Creation...............................................................................................................39
Nessus Initialization..........................................................................................................40
Nessus Scanner Portal.....................................................................................................40
Advanced Scan..................................................................................................................41
Saving Configuration.........................................................................................................41
Analysing Completed Scan..............................................................................................42
Investigating Findings.......................................................................................................42
List of Vulnerabilities.........................................................................................................43
Medium Vulnerabilities......................................................................................................43
Individual Hosts and OS...................................................................................................44
Detected Topology of the Network.................................................................................45
Attacker Network...........................................................................................................45
Target Network..............................................................................................................46
Port Details of Target Network........................................................................................47
Port Details of Specific Host............................................................................................48
Snort Setup.........................................................................................................................48
Creating Custom Rules....................................................................................................49
PENETRATION TESTING AND INTRUSION DETECTION5
Snort Configuration...........................................................................................................49
Configured Rules...............................................................................................................49
Browsing Attacks...............................................................................................................50
Completion of Attack Analysis.........................................................................................50
Browsing of new Attack tab..............................................................................................51
Checking Vulnerability......................................................................................................51
Running FTP Exploit Checks...........................................................................................52
Launching the Attack........................................................................................................53
Start of Attack on a specific host.....................................................................................54
Attempt to Exploit Servers................................................................................................55
Technical Issues................................................................................................................56
Snort Configuration...........................................................................................................49
Configured Rules...............................................................................................................49
Browsing Attacks...............................................................................................................50
Completion of Attack Analysis.........................................................................................50
Browsing of new Attack tab..............................................................................................51
Checking Vulnerability......................................................................................................51
Running FTP Exploit Checks...........................................................................................52
Launching the Attack........................................................................................................53
Start of Attack on a specific host.....................................................................................54
Attempt to Exploit Servers................................................................................................55
Technical Issues................................................................................................................56
PENETRATION TESTING AND INTRUSION DETECTION6
List of Tables
Differences between Active and Passive Reconnaissance
Risk Impact Table
Differences between IDS and IPS
List of Figures
Attacker IP Address
Setting up Metasploit and Discovering Virtual Machine hosts
Automatic Server Setup
Nmap Scan of hosts with Armitage
Specifying Network of Target System
Scan completion adds Attacks Tab on hosts
Discovered Hosts are shown
Port Scan of Network Hosts
OS and Port Details of Metasploit VM hosts
Nmap Scan of Target Network
Nmap scan with Zenmap
Masscan Results for Open TCP ports
Hping3 Scan
Installing and Running of Nessus Scanner
List of Tables
Differences between Active and Passive Reconnaissance
Risk Impact Table
Differences between IDS and IPS
List of Figures
Attacker IP Address
Setting up Metasploit and Discovering Virtual Machine hosts
Automatic Server Setup
Nmap Scan of hosts with Armitage
Specifying Network of Target System
Scan completion adds Attacks Tab on hosts
Discovered Hosts are shown
Port Scan of Network Hosts
OS and Port Details of Metasploit VM hosts
Nmap Scan of Target Network
Nmap scan with Zenmap
Masscan Results for Open TCP ports
Hping3 Scan
Installing and Running of Nessus Scanner
PENETRATION TESTING AND INTRUSION DETECTION7
Exception for Nessus Scanner
Account Creation
Nessus Initialization
Nessus Scanner Portal
Advanced Scan
Saving Configuration
Analysing Completed Scan
Investigating Findings
List of Vulnerabilities
Medium Vulnerabilities
Individual Hosts and OS
Detected Topology of the Network
Port Details of Specific Host
Snort Setup
Creating Custom Rules
Snort Configuration
Configured Rules
Browsing Attacks
Completion of Attack Analysis
Browsing of new Attack tab
Exception for Nessus Scanner
Account Creation
Nessus Initialization
Nessus Scanner Portal
Advanced Scan
Saving Configuration
Analysing Completed Scan
Investigating Findings
List of Vulnerabilities
Medium Vulnerabilities
Individual Hosts and OS
Detected Topology of the Network
Port Details of Specific Host
Snort Setup
Creating Custom Rules
Snort Configuration
Configured Rules
Browsing Attacks
Completion of Attack Analysis
Browsing of new Attack tab
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Penetration Testing on Linux Machine: Task 3lg...
|32
|3649
|332
Identification of Threats using Nmap and Metasploit Network Security Toolslg...
|9
|1788
|54
Penetration Testing Report 2022lg...
|23
|1237
|18
Comparison of Metasploit and Nessus for Network Securitylg...
|3
|1000
|38
Overview of Network Securitylg...
|11
|1474
|434
Performing Vulnerability Scan on Networklg...
|12
|769
|44