Here is the full lab.md file for Project 6: Network & Vulnerability Scanning in a single markdown block, formatted like Project 2 Lab and Project 4 Lab, ensuring everything is in one continuous file for easy copying.
---
title: "Project 6: Network & Vulnerability Scanning"
description: "A hands-on lab covering Nmap, Masscan, brute-force detection, and Metasploit auxiliary scanning."
date: 2025-02-11
tags: ["Nmap", "Masscan", "Metasploit", "Cybersecurity", "Vulnerability Scanning"]
categories: ["Projects"]
draft: false
---
# Project 6: Network & Vulnerability Scanning
## π Lab Overview
In this lab, you will:
- **Use Nmap** to scan for open ports and running services.
- **Run Masscan** for high-speed scanning.
- **Detect brute-force attacks** using logs.
- **Use Metasploit auxiliary scanning** to find vulnerabilities.
## β
Prerequisites
You will need:
- **Debian Linux VM**
- **Windows Server VM**
- **Nmap, Masscan, Metasploit installed**
---
## π Step 1: Network Scanning with Nmap
### 1οΈβ£ Find the IP Address of Your Windows VM
Run the following command in your Debian Linux terminal:
```bash
ip addr
Example output:
192.168.1.100
π· Take a screenshot of your systemβs IP address.
2οΈβ£ Run a Basic Nmap Scan
To check which ports are open on your Windows VM, run:
sudo nmap 192.168.1.100
This performs a basic scan to detect open ports.
π· Take a screenshot of your scan results.
3οΈβ£ Perform an Advanced Nmap Scan
To gather OS and service information, use the -A flag:
sudo nmap -A 192.168.1.100
This will:
- Detect running services
- Identify operating system details
- Check for potential vulnerabilities
π· Take a screenshot of your advanced Nmap scan results.
π Step 2: High-Speed Scanning with Masscan
1οΈβ£ Install Masscan (if not installed)
sudo apt install masscan -y
2οΈβ£ Run a Fast Network Scan
sudo masscan 192.168.1.100 --top-ports 100
This will:
- Scan the top 100 most common ports
- Provide faster results than Nmap
π· Take a screenshot of your Masscan results.
π Step 3: Detecting Brute-Force Attacks
1οΈβ£ Monitor Authentication Logs
View login attempts in Debian Linux:
sudo tail -f /var/log/auth.log
Press CTRL+C to exit.
2οΈβ£ Check for Failed SSH Login Attempts
sudo grep "Failed password" /var/log/auth.log
If brute-force attempts are happening, youβll see multiple failed logins.
π· Take a screenshot of detected failed login attempts.
3οΈβ£ Install & Enable fail2ban to Block Brute-Force Attacks
sudo apt install fail2ban -y
sudo systemctl start fail2ban
sudo systemctl enable fail2ban
This automatically bans IPs that repeatedly fail login attempts.
π· Take a screenshot confirming fail2ban is running.
π― Step 4: Metasploit Auxiliary Scanning
1οΈβ£ Start Metasploit
sudo msfconsole
2οΈβ£ Scan SMB Services for Open Shares
use auxiliary/scanner/smb/smb_version
set RHOSTS 192.168.1.100
run
This checks for open file shares on Windows.
π· Take a screenshot of your SMB scan results.
3οΈβ£ Scan for Known Vulnerabilities
use auxiliary/scanner/vuln/ghost
set RHOSTS 192.168.1.100
run
This checks if the Ghost vulnerability exists on the target.
π· Take a screenshot of any detected vulnerabilities.
π Final Check: What You Should See
By the end of this lab, you should:
β
Have a detailed scan report from Nmap.
β
See fast results from Masscan.
β
Detect failed login attempts in logs.
β
Identify vulnerabilities using Metasploit.
π· Required Screenshots
β Nmap full scan results
β Masscan fast scan results
β Detected brute-force attempts
β Metasploit scanning results
π Next Steps
- Enable logging & monitoring for network security.
- Practice writing firewall rules to block unwanted access.
- Explore advanced scanning techniques.
π₯ Submit Your Lab Report
Ensure you have documented all steps with screenshots.
Submit your findings and explanations.
π― Lab Completed! π