Lab 2 Report and Challenge Questions
Lab 1.4
List the following Nmap scanning options in order of how invasive the scan is, beginning with the least intrusive
1. Normal scan (regular scan) - a basic port scan with no extra options.
2. Quick scan - this scan is faster than a normal scan because it uses the aggressive timing template and scans fewer ports.
3. Ping scan - this scan only finds which targets are up and does not port scan them.
4. Intense scan - intense, comprehensive scan. The -A option enables OS detection (-O), version detection (-sV), script scanning (-sC), and trace route (--traceroute). Without root privileges only version detection and script scanning are run. This is considered an intrusive scan.
5. Slow comprehensive scan - every TCP and UDP port is scanned. OS detection (-O), version detection (-sV), script scanning (-sC), and traceroute (--traceroute) are all enabled. Many probes are sent to host discovery. This is a highly intrusive scan.
Lab 1.11
In your Lab Report file, recreate the following table, and list the IP addresses discovered during the scan under the appropriate subnet column.
Mapping the Network
Subnet 10.3.0.x
Subnet 10.3.1.x
Subnet 10.3.2.x
10.3.0.1
10.3.1.1
10.3.2.6
10.3.0.5
10.3.1.2
10.3.2.1
10.3.0.6
10.3.1.6
10.3.2.3
10.3.0.250
10.3.1.7
10.3.2.2
10.3.0.254
10.3.1.250
10.3.2.250
Part 2
Lab 2.2
In your Lab Report file, re-create the following table. Complete the first two columns of the table for all computer hosts that expose any of these three TCP ports.
In the table, highlight the IP address of the machine with the oldest OS version. You will use this information later in the lab.
Enumeration for TCP Ports 135, 139, and 445
IP Address
OS Version Detected
NetBIOS Name
10.3.0.6
Windows 7
10.3.1.6
Windows XP SP2/SP3 or Windows Server 2003
SERVER-PHILLY
10.3.1.7
Windows 7 SP0/SP1 or Windows Server 2008 SP1 or Windows 8
10.3.2.1...