Common Network Vulnerabilities
Welcome to the Understand Common Network Vulnerabilities Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.
Introduction
Welcome to the Understand Common Network Vulnerabilities Practice Lab. In this module, you will be provided with the instructions and devices needed to develop your hands-on skills.
Learning Outcomes
In this module, you will complete the following exercises:
- Exercise 1 - Spoofing a DNS Server
- Exercise 2 - Exploring DNS Server Vulnerabilities
- Exercise 3 - Using Anti-Phishing configuration
After completing this lab, you will be able to:
- Defend against a Man in the Middle Attacks (MITM)
- Perform ARP Poisoning
- Spoof a DNS Server
- Identify DNS server vulnerabilities
- Use available tools to mitigate phishing
Exam Objectives
The following exam objectives are covered in this lab:
- N10-007 1.8 Explain the functions of network services (DNS service, Record types, MX)
- N10-007 4.4 Summarize common networking attacks (DoS, Phishing)
- N10-007 4.4 Summarize common networking attacks (DoS, DNS poisoning)
- N10-007 4.4 Summarize common networking attacks (DoS, Spoofing)
- N10-007 4.4 Summarize common networking attacks (DoS, Man-in-the-middle)
- N10-007 5.2 Given a scenario, use the appropriate tool (Command line, dig)
Lab Duration
It will take approximately 1 hour to complete this lab.
Exercise 1 - Spoofing a DNS Server
Linux has a utility called Ettercap that can simulate a DNS spoofing (DNS cache poisoning) where false information is introduced to a Domain Name System (DNS) server causing it to return incorrect IP address and diverting traffic to the attacker’s computer.
In this exercise, you will learn how to use Ettercap tool to observer DNS spoofing in action.
Learning Outcomes
After completing this exercise, you will be able to:
- Understand Man in the Middle Attacks (MITM) and how to stop them
- Become familiar with ARP Poisoning
- Spoof a DNS Server
Exercise 2 - Exploring DNS Server Vulnerabilities
Public DNS servers are at most risk for attacks as they are accessible to any device on the Internet that needs to resolve a fully qualified domain name to its numeric IP address. In most cases, public DNS servers will only respond to resolve a hostname and IP address, and will not accept zone transfer data from unknown DNS servers.
In this exercise, we will add a few more records to the PLABDC01 DNS, to test how zone transfer works. You will use a Linux tool called dig to initiate a zone transfer with a Windows DNS server.
Learning Outcomes
After completing this exercise, you will be able to:
- Explore DNS Server Vulnerabilities
Exercise 3 - Using Anti-Phishing Configuration
In this exercise, you will learn to configure Internet Explorer’s built-in anti-phishing function called SmartScreen Filter.
Learning Outcomes
After completing this exercise, you will be able to:
- Use available tools to mitigate Phishing
See the full benefits of our immersive learning experience with interactive courses and guided career paths.