The Network Vulnerabilities Part 1 module provides you with the instruction and Server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:
- Network Footprinting
- Packet Sniffing
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- SY0-501 1.2: Compare and contrast types of attacks
- SY0-501 2.2: Given a scenario, use appropriate software tools to assess the security posture of an organization
- SY0-501 2.4: Given a scenario, analyse and interpret output from security technologies
Exercise 1 - Network Footprinting
In this lab, you will practise attack strategies such as footprinting, spoofing, and Denial of Service.
A network scan is usually the first step in an attempt to penetrate security (or indeed to establish what needs defending). Footprinting establishes the topology and protocols deployed on the network while fingerprinting determines the services and other configuration details of a target host.
One of the most popular scanning tools in nmap. This is a command-line program operated using scripts. A GUI version (Zenmap) can perform several very useful pre-configured scans though.
Exercise 2 - Packet Sniffing
Another critical information gathering tool is a protocol analyzer. This tool captures unicast packets sent to the host and broadcast packets on the same subnet. The most widely used is WireShark, which is bundled with Kali Linux.