In this lab, we will use security utilities provided with Kali Linux to conduct a risk assessment. The lab provides a subnetwork of Linux and Windows servers to provide a complete VPC for exercising the Kali Linux utilities.
Successfully complete this lab by achieving the following learning objectives:
- Access the Kali Linux System
Establish a session to the Kali Linux system:
Change to superuser:
- Identify the Address Assigned to the Ethernet Controller
Query the ethernet configuration on the Kali Linux server:
Make note of the IP address assigned to the primary ethernet controller.
- Use the `nmap` Command to Explore the Subnet
nmaputility to explore the ports open on the subnetwork.
For help with
To scan a series or range of subnet private IP addresses:
nmap -sn 10.0.1.1-255
To try other flags to speed the port scanning process:
nmap -T4 -Pn -n -p- --min-parallelism 50 to 100 -vv 10.0.1.1-255 --max-retries 0 or 1
- Use the hping3 Utility to Analyze a Single Host
Use the hping3 to scan a certain host on the subnet:
hping3 -1 <INTERNAL_IP_ADDRESS_OF_HOST>
Note: You may obtain the internal IP address of the host from the lab interface, the output from an
nmapcommand, or the AWS dashboard.
- Use `nslookup` to Explore the Nameserver Configuration of Various Hosts
nslookupto explore the A record on google.com:
nslookup > google.com
nslookupto look at MX records on google.com
nslookup > set q=MX > google.com
nslookupto interrogate other address types:
nslookup > set type=any > google.com
- Use the dig Tool to Attempt a Domain Zone Transfer
The syntax for the
dig axfr [domain host] [IP Address To Transfer To]
- Use `finger` to Determine Which Users Are Logged into Any Given Host
fingercommand to see who is logged in on a host:
finger -s root