Information Security
words: 1700-2000
Instructions
1. Download nmap (https://nmap.org/download.html)
2. Open the scripts from the folder
3. Do not run any more tests!!
Report
Port scanning is a commonly used technique to probe a host for open/closed ports and identify
the services that are running on that host. The retrieved information may be used to launch an
attack on a system.
In this assignment, you will be using a commonly used port scanner called Nmap. You are to scan the
following hosts and write a report about your results.
is5104target.cs.standrews.ac.uk (Available only from the lab machines)
138.251.194.194 (Available only from the lab machines)
kd69.host.cs.standrews.ac.uk (Replace username with your university username)
scanme.nmap.org
The report should contain a summary of the information that you have discovered about each host
through port scanning. This may include information regarding the services running on the hosts
(and the associated port), OS details, vulnerabilities and any other hidden information that you were
able to retrieve about the hosts through Nmap. Based on the retrieved information, you must discuss
the following:
1. Are there any vulnerable services running on the hosts? If yes, what are they?
2. How can they be used to launch an attack and/or gain backdoor entry? And how do you prevent
them?
3. Are there any hidden services running on the system that may contain sensitive information? If yes,
is it possible to access that information?
4. Anything else that you think could be used to affect the CIA triad of the host.
Three different commands are used for each host:
1. nmap -T4 -A -v IPADDRESS/HOSTNAME
This will give a brief overview of the OS, open ports and services running on the target.
2. nmap --script discovery IPADDRESS/HOSTNAME
This will run all the scripts in the category ‘discovery’ against the target host.
3. nmap --script vuln IPADDRESS/HOSTNAME
This will run the scripts in the category ‘vuln’, which check the target for known vulnerabilities.
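For the report's per-host summary (services and associated ports, OS details, script findings), the following added example, which is not part of the original assignment, parses Nmap's XML output into one record per host. It assumes the scan was saved with Nmap's -oX option, which the commands above do not use; the sample XML and the function name summarize are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like Nmap XML output (-oX); not a real scan result.
SAMPLE_XML = """<nmaprun>
 <host>
  <address addr="192.0.2.10" addrtype="ipv4"/>
  <ports>
   <port protocol="tcp" portid="22"><state state="open"/>
    <service name="ssh" product="OpenSSH" version="8.9p1"/></port>
   <port protocol="tcp" portid="80"><state state="open"/>
    <service name="http" product="nginx"/><script id="http-title" output="Welcome"/></port>
   <port protocol="tcp" portid="25"><state state="filtered"/></port>
  </ports>
  <os><osmatch name="Linux 4.15" accuracy="90"/><osmatch name="Linux 5.X" accuracy="95"/></os>
 </host>
</nmaprun>"""


def summarize(xml_text):
    """Return one dict per host: address, best OS guess, open services, script output."""
    hosts = []
    for host in ET.fromstring(xml_text).iter("host"):
        guesses = host.findall("os/osmatch")
        # Pick the OS guess with the highest reported accuracy, if any were made.
        best = max(guesses, key=lambda m: int(m.get("accuracy", "0")), default=None)
        services = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # only open ports expose a service worth reporting
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            banner = " ".join(filter(None, (attrs.get("product"), attrs.get("version"))))
            services.append({
                "port": f'{port.get("portid")}/{port.get("protocol")}',
                "service": attrs.get("name", "unknown"),
                "version": banner or "not identified",
                "scripts": {s.get("id"): s.get("output") for s in port.findall("script")},
            })
        hosts.append({
            "address": host.find("address").get("addr"),
            "os": best.get("name") if best is not None else "unknown",
            "services": services,
        })
    return hosts

if __name__ == "__main__":
    for h in summarize(SAMPLE_XML):
        print(h["address"], "| OS guess:", h["os"])
        for s in h["services"]:
            print(" ", s["port"], s["service"], s["version"], s["scripts"] or "")
```

Services listed as "not identified" are the ones to follow up on by hand, since a missing version means the finding cannot be matched to a known vulnerability from the scan alone.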
Use screenshots in the report!!
Use references!! (APA)