In the beginning things have been kind of slow because there are so many people doing scans that I would imagine there is a high probability of major packet loss. I ran the ‘w’ command from the terminal on Ba and noticed that there were 17 people on the server, and they were most likely scanning the subnet as well:
I found that port 22 (SSH) was open on IP: 192.168.33.2, so I directed an OS scan on that machine with the command:
‘Sudo nmap –n –PN –A 192.168.33.2’
I put the results of this scan into a log file, and it determined that machine was running FreeBSD 5.4 or 5.5 (x86) , though the scan was (89%) sure that this was the correct OS and version number. I’m still doing some scans on the subnet, but it’s taking quite a while and I need to have this blog post up by 12:00a.m. (it’s 10:00p.m. now, so I’ll probably have a few more scans complete in the next couple of hours).
I did notice something kind of funny when I was attempting to scan for ALL OS’s on the subnet, (Yea, I know, not a smart thing to do with so much traffic on the server); I got kicked off the server for “exceeding my allowed time on the server.”
I’m not sure what this really means because the scan was only running for about 30 minutes. Maybe the professor has some kind of time-elapse method that will stop your scan after a set time period; this is just a guess, I have no idea if it’s correct. This also taught me that I need to do more directed scans and not have such a broad view of the task.
At this point I haven’t been able to answer all of the questions for the lab just yet, but I hope to by the next blog post. It’s taking a while to actually filter through the data and mine it for the information I’m looking for. As I stated before, I haven’t had very much experience with NMAP, so I’m still wading my way through the process.
…and the battle continues….
No comments:
Post a Comment