Performing Reconnaissance from the WAN

CEH Exam Domain:
Domain 2: Analysis/Assessments
Domain 4: Tools/Systems/Programs

CEH Objective Mapping:
Objective 2.2 Information Security Assessment Process
Objective 4.3 Information Security Tools

Overview

In this lab, you will be performing reconnaissance from an external IP address from the WAN (wide area network) within this topology, You will also use tools to capture user credentials, and with those captured credentials, log into and compromise the system.

Outcomes:

In this lab, you will learn to:

Use nmap to perform banner grabbing.
Use nmap to determine the operating system and applications running on a system.
Use tools to capture credentials on a system.
Use remote desktop to log in to a system from captured credentials.

Courses

Ethical Hacking and Systems Defense Skill Lab

Key terms and descriptions

TELNET

A protocol where the data is transmitted between two machines over in clear text. The use of TELNET, which uses port 23, should be avoided on networks because it is not secure.

Kali

A Linux distribution used for penetration testing or for hacking.

Zenmap

A GUI front end for nmap; will allow you to scan for open ports and services.

Metasploit

A framework that contains exploits for various information systems.

nmap

A port scanner which will indicate whether ports are open or closed on a remote system.