CIS 403 Project Part 1: Reconnaissance with complete solution

Project Part 1: Reconnaissance Christopher Fuhrer ECPI University CIS403 To start off, I will first login to Kali Linux and start my passive mode reconnaissance. I This study source was downloaded by from CourseH on 12-09-2021 23:53:19 GMT -06:00 This study resource was shared via CourseH can also use tcpdump to analyze the packets. Most of the IP addresses announce themselves on the network, without doing any type of scan. User Datagram Protocol (UDP) NetBIOS Datagrams are sent to the network broadcast address. Address Resolution Protocol uses the broadcast MAC address of FF:FF:FF:FF:FF:FF. These broadcasts are sent to all machines within a single broadcast domain; meaning ARP broadcasts are not forwarded off a LAN segment. This can also be categorized as passive sniffing of the network. Another way we can listen passively on the internal network is by using Wireshark. After a passive reconnaissance, we can start with an active reconnaissance. In an active recon, I am actually touching or gaining access to the servers in this case. I will perform a banner grab which is connecting to a remote IP address and a corresponding port. I will use telnet to perform the banner grab. I can also use netcat as well. The servers have common port numbers associated with their services for instance, port 21 corresponds to File Transfer Protocol. I can also use nmap for vulnerability scanning. Banner grabbing allows me to determine if a port is open and possibly reveal information about the application and operating system software. And, it will also leave a much smaller footprint than when a scan is performed with a tool like Nmap or Zenmap. I can scan the remote c amount of the ports but not all. When you scan a machine that is on the Internet, you will not see