Overview

Introduction

The Understand Common Network Vulnerabilities module provides you with the instruction and Server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:

  • Spoofing a DNS Server
  • Exploring DNS Server Vulnerabilities
  • Using an Anti-Phishing Toolbar

Exam Objectives

The following exam objectives are covered in this lab:

  • 3.2 Compare and contrast common network vulnerabilities and threats (Social engineering and Man-in-the-middle)
  • 3.5 Given a scenario, install and configure a basic firewall (Host-based, Implicit deny, Block/allow, Outbound traffic, Inbound traffic, Internal/external)
  • 4.7 Given a scenario, troubleshoot and resolve common security issue (Misconfigured firewall)

Exercise 1 - Spoofing a DNS Server

Kali Linux has a utility called Ettercap that can simulate a DNS spoofing (DNS cache poisoning) where false information is introduced to a Domain Name System (DNS) server causing it to return incorrect IP address and diverting traffic to the attacker’s computer.

In this exercise, you will learn how to use Ettercap tool and know what DNS spoofing is all about.

Exercise 2 - Exploring DNS Server Vulnerabilities

Public DNS servers are at most risk for attacks as they are accessible to any device in the Internet that needs to resolve a fully qualified domain name to its numeric IP address. In most cases, public DNS servers will only respond to resolve a hostname and IP address, but will not accept zone transfer data from unknown DNS servers.

In this exercise, we will add a few more records to PLABDC01 DNS, to test how zone transfer works. You will use a Kali Linux tool called dig to initiate a zone transfer with a Windows DNS server.

Exercise 3 - Using an Anti-Phishing Toolbar

In this exercise, you will learn the following in this course:

  • Anti-Phishing Toolbar: Netcraft

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.