Use Banner Grabbing Techniques to Enumerate Services on a Linux Server
This IT Pro Challenge virtual lab shows you how to use both the Terminal application and the telnet tool to connect to FTP, HTTP, and SSH servers to display operating system information, as well as service (FTP, HTTP, SSH) software information. You will also execute an installation script and install the FTP client software.
Already have an account? Sign In »
In this IT Pro Challenge, learners will install and enable the FTP and HTTP services, use FTP, SSH, and HTTP client software to discover operating system and server software information, as well as use telnet to discover FTP, SSH, and HTTP operating system and server information. As a result, learners will develop skills in banner grabbing and understand how attackers get information on target systems. The skills acquired in this lab are useful for careers as a system administrator or penetration tester.
Overview
The scenario for this virtual lab is that you are a Linux system administrator in charge of a file server. As part of your duties, you need to install both the FTP and HTTP services and confirm that the Secure Shell (SSH) service is running. Then you will try to connect to each service and document the operating system and service software (for both FTP and HTTP). To finish, you will use the telnet command to document the operating system and service software.
Install and enable services on CentOS7-A
To begin the lab, you will sign into the CentOS 7 Linux virtual machine (CentOS7-A) and launch the Terminal command-line application. First, you need to get root privileges (su - root). Then, from the same virtual machine, select Resources, then the DVD drive, and then InstallationScript1.iso. Run the following commands to configure access to the installation script on the DVD drive: Mount /dev/cdrom /media cd /media
Execute the install script by running the ./install-script-1.bash command. Then you need to run the ip addr show eth0 command to display the IP address. Make a note of the IP address; you will use it later in the lab.
Use client software as a banner-grabbing tool
Now you're going to switch to a second virtual machine (running a Kali Linux server) that will be the client machine, launch the Terminal application, run the apt-get update command to check for updates and then install the File Transfer Protocol (FTP) client. Then you need to connect to the FTP server by running the __ftp IPAddr __command. You will review the operating system and FTP server software names and then disconnect from the FTP server by running the __bye __command. You then need to connect to the HTTP server to get the operating and HTTP server software names by running the curl -s -L IPAddr command. Finally, launch a Firefox browser window, navigate to http://IPAddr, and review the operating system and HTTP server information.
Use telnet as a banner-grabbing tool
In the final step, you're going to get the same information you did in the previous steps of this lab, but differently, using the telnet tool.
Return to the Terminal and use telnet to try to connect to the FTP server by running the telnet IPAddr 21 command. Then press Ctrl-C to interrupt the connection and review the server information, verifying that it matches what you reviewed in the lab's previous steps. Disconnect and then try telneting to the SSH server (port 22). Disconnect again and connect to the HTTP server (port 80). Run the __display __command to display system information.
Summary Conclusion
By taking this virtual lab, you will learn how to install and enable both the FTP and HTTP services and use FTP, HTTP, and SSH client software to discover operating and server software information. You will also learn how to get the same information about the FTP, HTTP, and SSH servers by using the telnet tool.
