|
Size: 823
Comment:
|
← Revision 11 as of 2021-04-08 19:55:43 ⇥
Size: 1336
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| = Lab 09 - Network and Vulnerability Scanning = | = Lab 08 - Network and Vulnerability Scanning = |
| Line 4: | Line 4: |
| The purpose of this lab is to introduce you to Microsoft Baseline Security Analyzer MBSA from your Windows 10 machine, and NMAP and OpenVAS on kali. | The purpose of this lab is to introduce you to NMAP and OpenVAS on kali. |
| Line 7: | Line 7: |
| 1. Scan all of your windows computes with MBSA from your Windows 10 Machine. | |
| Line 14: | Line 13: |
| 1. Download and install MBSA on your Windows 10 machine. Run this and save the reports. | 1. Report all open ports using NMAP. 1. Download and install [[https://www.kali.org/penetration-testing/openvas-vulnerability-scanning/|OpenVAS]] on your Kali machine. Why it's not already there? I'm not sure. 1. I also had problems with this step because updates were not happening correctly. 1. The fix was simple: http.kali.org always used the archive-7.kali.org mirror, so I changed it to be hard coded in /etc/apt/sources.list to use archive-6.kali.org. Hopefully next year this will be fixed. |
| Line 17: | Line 19: |
| 1. List the elements that you must show me for full credit. 1. If you don't complete the lab in class, then you need to do this section in a video. |
1. Show the NMAP output reports nicely organized - pick a tool. 1. Show Greenbone Working by showing an OpenVAS scan of all your computers. == Hints == In 2021, we had problems getting files to sync. It seems that they might be limiting us to one download per IP. Kendric got the following to work: {{{#!bash sudo apt install rsync sudo greenbone-scapdata-sync --refresh }}} |
Lab 08 - Network and Vulnerability Scanning
Introduction
The purpose of this lab is to introduce you to NMAP and OpenVAS on kali.
Lab Goals
- Use NMAP to scan each of the computers to determine open ports.
- Use OpenVAS to scan all computers on your network - including Windows.
Setup
You need GUI access to your Kali machine, and all your machines must be on.
- Report all open ports using NMAP.
Download and install OpenVAS on your Kali machine. Why it's not already there? I'm not sure.
- I also had problems with this step because updates were not happening correctly.
- The fix was simple: http.kali.org always used the archive-7.kali.org mirror, so I changed it to be hard coded in /etc/apt/sources.list to use archive-6.kali.org. Hopefully next year this will be fixed.
Show Me
- Show the NMAP output reports nicely organized - pick a tool.
- Show Greenbone Working by showing an OpenVAS scan of all your computers.
Hints
In 2021, we had problems getting files to sync.
It seems that they might be limiting us to one download per IP. Kendric got the following to work:
sudo apt install rsync sudo greenbone-scapdata-sync --refresh