The Network Discovery lab is designed to help students facilitate open source collection by teaching them how to use more intimate network discovery techniques.
CybrScore's Network Discovery lab tests your ability to discover information about DNS servers, configure IPTables to impede malicious hackers, run traceroute scans, and run a query to see if a port is open to ICMP packets.
What is a DNS server? DNS servers are kind of like a phone book for the Internet. The DNS server keeps track of the domain name associated with a specific IP address. So, when you type in google.com, the DNS server will actually redirect you to the Web server IP address (192.168.0.1 for this example). You will then see the google.com page that you were trying to view. This redirection normally happens in a fraction of a second.
What is IPTables? IPTables is a pre-installed, rule-based firewall in most Linux operating systems. As a firewall, it allows you to specify rules to allow or disallow data packets into or out of the system. Think of it like a traffic light that tells you to stop or go, only here, we are telling data packets to either stop or go.
Students will begin the CybrScore Network Discovery lab by performing some DNS queries using tools, like Dig and Whois. You will then determine the SOA (Start of Authority) for a domain using Dig. Next in the CybrScore Network Discovery lab, students will use Dig to query mail servers and then will attempt a Zone Transfer. In the final part of the CybrScore Network Discovery lab, students will configure IP tables in Kali Linux, perform traceroute scans, and check for an open port.