Run a Network Scan Using Nmap Lab Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
9 hours 54 minutes
Difficulty
Intermediate
CEU/CPE
4
Video Transcription
00:00
>> Hey everyone. Welcome back to the course.
00:00
In the last video we talked about
00:00
how our first control and
00:00
the CIS security controls maps to
00:00
the NIST Cybersecurity Framework.
00:00
In this video, we're going to go ahead
00:00
and do a simple lab.
00:00
We're just going to run a scan with
00:00
Nmap and specifically where to use Zenmap,
00:00
the GUI version of it.
00:00
Don't worry about it if you don't have experience
00:00
with Nmap or any hands-on experience,
00:00
we're going to walk through step by step
00:00
in this particular video.
00:00
I also want to mention that the step
00:00
by step guide you see on the screen here,
00:00
these are available for download
00:00
in the resources section of the course.
00:00
You're welcome to use
00:00
these to guide yourself through the lab,
00:00
or if you want to follow along with
00:00
the video, that's fine as well.
00:00
First things first,
00:00
you're going to be logged into Cybrary,
00:00
and then you're going to search for the run
00:00
a network scan using Nmap lab.
00:00
I've also included a link up top here,
00:00
so you can just click on that link from
00:00
your own system and it should
00:00
take you directly to the lab.
00:00
Once you get in the lab,
00:00
you'll go ahead and launch it,
00:00
click the launch item button.
00:00
It takes about a minute or two,
00:00
but once the lab launches,
00:00
you'll see the screen that we're looking at right now.
00:00
The first thing you want to do is just log
00:00
into the Windows machine here.
00:00
Just click on the screen there,
00:00
and then it gives you the credentials right here.
00:00
It should default to
00:00
putting your user account as the administrator,
00:00
and then all you should have to do is
00:00
just entering the password.
00:00
We're just going to enter in the word password,
00:00
so capital P, lowercase a, s, s,
00:00
w, the number 0,
00:00
so that's a 0 not a capital O,
00:00
lowercase r, d, and then exclamation point.
00:00
Then I'll go ahead and get us logged in there.
00:00
Might take just a moment or so to
00:00
pull up the desktop screen.
00:00
One thing I also want to mention as it's doing that is,
00:00
make sure you click through the lab and check
00:00
these boxes as you're going through it
00:00
so it will continue to mark your progress.
00:00
That way when you get to the end of
00:00
the lab that we're doing,
00:00
it will show as a 100 percent complete.
00:00
Now, I'm not going to do that on my end because I'm not
00:00
worried about showing completion on this particular lab,
00:00
but on your side,
00:00
you'll want to make sure you check those boxes
00:00
to show that you've completed those steps in the lab.
00:00
Once the Windows desktop screen there pulls up,
00:00
what you're going to do is launch
00:00
again this GUI version of Nmaps.
00:00
It's called Zenmap, so it's going to be
00:00
this little eye looking icon right here.
00:00
Just go ahead and double click on that.
00:00
Might take a moment or so for it
00:00
to go ahead and launch for you,
00:00
sometimes it's a little slow.
00:00
While it's doing that there,
00:00
we're going to take
00:00
a look back at our step by step guides.
00:00
Now we're going to be down here at Step Number 7,
00:00
so what we're going to do is enter
00:00
in this IP address range
00:00
and we're going to scan this entire range of subnets.
00:00
Let's go ahead and do that now. In this target box
00:00
here under Zenmap,
00:00
we're going to go ahead and enter in
00:00
that range of IP addresses.
00:00
It's going to be 192.168.10.1,
00:00
and then dash 255.
00:00
It's already defaulted to the intense scans.
00:00
If we look back at our step by
00:00
step guide here in Step 8,
00:00
just make sure that it is showing the intense scan there.
00:00
For some reason it's showing something else,
00:00
just make sure you select intense scan.
00:00
Then all you have to do is click the scan button.
00:00
Now, I'm going to pause the video here because it takes
00:00
about 4-5 minutes for the scan to run,
00:00
and we'll pick things back up once it's completed.
00:00
Do the same thing on your end.
00:00
While you're running this here,
00:00
go ahead and pause this video,
00:00
wait until it's done and then restart the video.
00:00
Now that the scan has completed,
00:00
the next thing we want to do
00:00
is go ahead and save the scan.
00:00
The way to do that is just click
00:00
the scan button at the top left,
00:00
and then we're going to select to save the scan.
00:00
Now, I'm going to go ahead and save
00:00
the scan to my desktop.
00:00
I'm going to go ahead and rename
00:00
the file, FirstScan.XML.
00:00
You'll see on the step by step guide we've
00:00
got it right there for you as well.
00:00
Now go ahead and just save that there.
00:00
We're going to take a look here in the
00:00
Nmap output window,
00:00
so we've got a couple of questions here.
00:00
Once we look at the results here and just
00:00
scroll up and down to review the results,
00:00
Question Number 1, do you see any Linux host?
00:00
Question Number 2, do you see any Windows host?
00:00
Common sense says you'll probably say
00:00
yes to that if you were scanning the actual network,
00:00
you'd probably say yes to both of those.
00:00
But let's actually take a look here and see what we have.
00:00
If we scroll up a little bit here,
00:00
we'll see that we do have a Linux host,
00:00
and if we keep scrolling up the page a little bit,
00:00
we'll also see that we've got
00:00
a few Windows host on
00:00
this particular network that we're finding.
00:00
You'll see here we've got some windows.
00:00
If we go up a little further, we got
00:00
some additional Windows machines as well.
00:00
Let's go back to our step by step lab guide.
00:00
Next thing we're going to do here in Step 12,
00:00
we're going to select the services tab,
00:00
and then we're going to select HTTP.
00:00
Let's go ahead and do that. I'm just going to
00:00
scroll down for continuity there.
00:00
Click the services tab right here and then select HTTP.
00:00
Now we have a question, so do
00:00
you see a web server on the network?
00:00
If your screen looks like mine,
00:00
then the answer is yes.
00:00
You do see a web server,
00:00
so you see an IIS server right here on the network.
00:00
The next thing we're going to do is select
00:00
the Resources tab,
00:00
and then we're going to choose the Linux1 machine.
00:00
We're going to log in to the other machine.
00:00
Just over here on the right side of the screen,
00:00
select Resources right here.
00:00
Then we're going to select
00:00
this Linux1 machine right here.
00:00
Going to take just a moment or so to pull up for us.
00:00
Now we just need to go ahead
00:00
and log in this particular machine.
00:00
It's got the username and password
00:00
on the right side here for us,
00:00
but we'll go ahead and just type that in.
00:00
You may not see as I type what I'm typing in,
00:00
so just be mindful of that on your end as you're typing,
00:00
make sure you're typing everything correctly.
00:00
We're going to type in u,
00:00
o, n, e,
00:00
all lowercase, and
00:00
then it's going to prompt us for the password,
00:00
which is going to be capital P, lowercase a,
00:00
and then the dollar sign,
00:00
the dollar sign again, lowercase w,
00:00
the number 0, lowercase r,
00:00
d, and then capital ABC 123.
00:00
By the way, never use a password that simple,
00:00
we all know that common sense.
00:00
You see we've gone ahead and logged in there,
00:00
let's go back to our step by step lab guide here.
00:00
Now what we're going to do is down
00:00
here on Step Number 15,
00:00
we're going to go ahead and type in this command
00:00
here to stop the service,
00:00
and then we'll go ahead and check the status of it.
00:00
We're going to type in sudo service sshd, and then stop.
00:00
Then just hit the Enter key on your keyboard there,
00:00
it usually will prompt you for the password.
00:00
We're going to enter in that same password,
00:00
so the capital P, lowercase a,
00:00
the dollar sign, the dollar sign,
00:00
lowercase w, the number zero,
00:00
lowercase r, d,
00:00
capital ABC, and then 123.
00:00
That should stop it for us there, perfect.
00:00
Now we just need to double check
00:00
ourselves to make sure that we
00:00
actually did stop the service.
00:00
We're going to type in sudo service sshd,
00:00
and then just check the status of it.
00:00
We'll see there that it's stopped.
00:00
Let's go back to our step by step lab guide.
00:00
Now we're going to go back to the Windows machine,
00:00
we'll go back to Resources and we're going to run
00:00
the same scan we did again.
00:00
Let's go back to our Windows machine here,
00:00
and we're going to run the exact same scan
00:00
again that we did before.
00:00
Now, what I'm going to do
00:00
is I'm just going to go ahead and close out
00:00
of this and just launch it
00:00
again just so you can see from a blank screen there.
00:00
But you don't have to do it that way,
00:00
you can just actually run the scan.
00:00
Now we're just going to type in, like I
00:00
said, the same IP address,
00:00
192.168.10.1- 255, so the same range,
00:00
and we're going to do the same intense scan.
00:00
Let's go ahead and scan that.
00:00
Similar thing here,
00:00
it's going to take about four to five minutes.
00:00
I'm going to pause this video and we'll pick
00:00
up the scan in the next video.
Up Next