Project 6: Network & Vulnerability Scanning

📌 Lab Overview

In this lab, you will:

Use Nmap to scan for open ports and running services.
Run Masscan for high-speed scanning.
Detect brute-force attacks using logs.
Use Metasploit auxiliary scanning to find vulnerabilities.

✅ Prerequisites

You will need:

Debian Linux VM
Windows Server VM
Nmap, Masscan, Metasploit installed

🛠 Step 1: Network Scanning with Nmap

1️⃣ Find the IP Address of Your Windows VM

Run the following command in your Debian Linux terminal:

ip addr

Example output:

192.168.1.100

📷 Take a screenshot of your system’s IP address.

2️⃣ Run a Basic Nmap Scan

To check which ports are open on your Windows VM, run:

sudo nmap 192.168.1.100

This performs a basic scan to detect open ports.

📷 Take a screenshot of your scan results.

3️⃣ Perform an Advanced Nmap Scan

To gather OS and service information, use the -A flag:

sudo nmap -A 192.168.1.100

This will:

Detect running services
Identify operating system details
Check for potential vulnerabilities

📷 Take a screenshot of your advanced Nmap scan results.

🚀 Step 2: High-Speed Scanning with Masscan

1️⃣ Install Masscan (if not installed)

sudo apt install masscan -y

2️⃣ Run a Fast Network Scan

sudo masscan 192.168.1.100 --top-ports 100

This will:

Scan the top 100 most common ports
Provide faster results than Nmap

📷 Take a screenshot of your Masscan results.

🔐 Step 3: Detecting Brute-Force Attacks

1️⃣ Monitor Authentication Logs

View login attempts in Debian Linux:

sudo tail -f /var/log/auth.log

Press CTRL+C to exit.

sudo grep "Failed password" /var/log/auth.log

If brute-force attempts are happening, you’ll see multiple failed logins.

📷 Take a screenshot of detected failed login attempts.

3️⃣ Install & Enable fail2ban to Block Brute-Force Attacks

sudo apt install fail2ban -y
sudo systemctl start fail2ban
sudo systemctl enable fail2ban

This automatically bans IPs that repeatedly fail login attempts.

📷 Take a screenshot confirming fail2ban is running.

🎯 Step 4: Metasploit Auxiliary Scanning

1️⃣ Start Metasploit

sudo msfconsole

2️⃣ Scan SMB Services for Open Shares

use auxiliary/scanner/smb/smb_version
set RHOSTS 192.168.1.100
run

This checks for open file shares on Windows.

📷 Take a screenshot of your SMB scan results.

3️⃣ Scan for Known Vulnerabilities

use auxiliary/scanner/vuln/ghost
set RHOSTS 192.168.1.100
run

This checks if the Ghost vulnerability exists on the target.

📷 Take a screenshot of any detected vulnerabilities.

🔎 Final Check: What You Should See

By the end of this lab, you should: ✅ Have a detailed scan report from Nmap.
✅ See fast results from Masscan.
✅ Detect failed login attempts in logs.
✅ Identify vulnerabilities using Metasploit.

📷 Required Screenshots

✔ Nmap full scan results
✔ Masscan fast scan results
✔ Detected brute-force attempts
✔ Metasploit scanning results

🚀 Next Steps

Enable logging & monitoring for network security.
Practice writing firewall rules to block unwanted access.
Explore advanced scanning techniques.

📥 Submit Your Lab Report

Ensure you have documented all steps with screenshots.
Submit your findings and explanations.

🎯 Lab Completed! 🚀

Project 6: Network & Vulnerability Scanning#

📌 Lab Overview#

✅ Prerequisites#

🛠 Step 1: Network Scanning with Nmap#

1️⃣ Find the IP Address of Your Windows VM#

2️⃣ Run a Basic Nmap Scan#

3️⃣ Perform an Advanced Nmap Scan#

🚀 Step 2: High-Speed Scanning with Masscan#

1️⃣ Install Masscan (if not installed)#

2️⃣ Run a Fast Network Scan#

🔐 Step 3: Detecting Brute-Force Attacks#

1️⃣ Monitor Authentication Logs#

2️⃣ Check for Failed SSH Login Attempts#

3️⃣ Install & Enable fail2ban to Block Brute-Force Attacks#

🎯 Step 4: Metasploit Auxiliary Scanning#

1️⃣ Start Metasploit#

2️⃣ Scan SMB Services for Open Shares#

3️⃣ Scan for Known Vulnerabilities#

🔎 Final Check: What You Should See#

📷 Required Screenshots#

🚀 Next Steps#

📥 Submit Your Lab Report#