Common Network Vulnerabilities

Introduction

Welcome to the Understand Common Network Vulnerabilities Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

• Exercise 1 - Spoofing a DNS Server
• Exercise 2 - Exploring DNS Server Vulnerabilities
• Exercise 3 - Using Anti-Phishing configuration

After completing this lab, you will be able to:

• Defend against a Man in the Middle Attacks (MITM)
• Perform ARP Poisoning
• Spoof a DNS Server
• Identify DNS server vulnerabilities
• Use available tools to mitigate phishing

Exam Objectives

The following exam objectives are covered in this lab:

• N10-007 1.8 Explain the functions of network services (DNS service, Record types, MX)
• N10-007 4.4 Summarize common networking attacks (DoS, Phishing)
• N10-007 4.4 Summarize common networking attacks (DoS, DNS poisoning)
• N10-007 4.4 Summarize common networking attacks (DoS, Spoofing)
• N10-007 4.4 Summarize common networking attacks (DoS, Man-in-the-middle)
• N10-007 5.2 Given a scenario, use the appropriate tool (Command line, dig)

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Spoofing a DNS Server

Linux has a utility called Ettercap that can simulate a DNS spoofing (DNS cache poisoning) where false information is introduced to a Domain Name System (DNS) server causing it to return incorrect IP address and diverting traffic to the attacker’s computer.

In this exercise, you will learn how to use Ettercap tool to observer DNS spoofing in action.

Learning Outcomes

After completing this exercise, you will be able to:

• Understand Man in the Middle Attacks (MITM) and how to stop them
• Become familiar with ARP Poisoning
• Spoof a DNS Server

Exercise 2 - Exploring DNS Server Vulnerabilities

Public DNS servers are at most risk for attacks as they are accessible to any device on the Internet that needs to resolve a fully qualified domain name to its numeric IP address. In most cases, public DNS servers will only respond to resolve a hostname and IP address, and will not accept zone transfer data from unknown DNS servers.

In this exercise, we will add a few more records to the PLABDC01 DNS, to test how zone transfer works. You will use a Linux tool called dig to initiate a zone transfer with a Windows DNS server.

Learning Outcomes

After completing this exercise, you will be able to:

• Explore DNS Server Vulnerabilities

Exercise 3 - Using Anti-Phishing Configuration

In this exercise, you will learn to configure Internet Explorer’s built-in anti-phishing function called SmartScreen Filter.

Learning Outcomes

After completing this exercise, you will be able to:

• Use available tools to mitigate Phishing