Nmap and Wireshark Lab Report: Network Security - University Name

Verified

Added on 2023/04/22

AI Summary

This lab report provides an introduction to using Nmap and Wireshark for network analysis. The report analyzes five packet captures, detailing the types of scans performed, such as ping scanning, TCP connect() scans, and ACK scans. It identifies responding services like Telnet, SMTP, SSH, and SSL and determines target operating systems and hostnames. The analysis includes identifying devices, common ports, and protocols, such as HTTP and NBNS, providing insights into network communication and security vulnerabilities. Desklib offers a range of similar solved assignments for students.

Running Head: LAB 3 - INTRODUCTION TO NMAP (WIRESHARK)
Lab 3 - Introduction to Nmap (Wireshark)
[Student Name]
[University Name]

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1LAB 3 - INTRODUCTION TO NMAP (WIRESHARK)
Capture1.pcapng
1. Ping scanning on the network is done in this packet capture.
2. Nmap -sP 10.10.10.0/24
3. The scan result shown the ping result to a particular source to all network destination
those are connected with this network.
4. Cisco vendors is shown on the scan
5. MAC address is - 00:e0:b8:af:14:cb
6. IPv4 address – 10.10.10.5
Capture2.pcapng
1. There are other packets from different host, because the source address first make
loss-tolerating connection with the network and then communicate with the router to
establish multicast group membership.
2. There are many different type of services are responding on the target such as telnet,
SMTP, SSH, SSL, NetBIOS, FTP, RTSP, POP3 over SSL, Microsoft-DS, EPMAP,
IMAP4 over SSL, POP3 and many more.
3. Packet number 23 is checking the telnet service.
Capture3.pcapng
1. TCP connect() Scan is running
2. Cause many different ports are used in this scan.
3. 50843, 50840, 50846, 50851 this ports are listening on the target.
Capture4.pcapng
1. ACK Scan is running
2. Because every packets are acknowledging the request from different ports.

2LAB 3 - INTRODUCTION TO NMAP (WIRESHARK)
3. Two devices are 10.10.10.6 and 10.10.10.4. common ports and services are 22 – SSH,
23 – telnet, 25 – SMTP, 443 – SSL, 53 – DNS and many more.
Capture5.pcapng
1. Mail service is running on that server.
2. Windows server is running on the target computer
3. HTTP protocol is running that shows the OS of the target.
4. The host name of the target is Mailslot (10.10.10.4).
5. NBNS protocol is running to show the host name of the target.