ITIS 3110LAB 09

Network Audit

System Audit• Scenario

• You’ve been hired into a new Network Admin position• What is the networks status• What is on the system• What ports are open• What vulnerabilities are there?• Is it secure?

• Your job is to investigate the system and document it• You are only starting with the user id and password• You have Kali Linux on your Pi to help you analyze the system

System Audit• Procedure

• Download the bee-box VM• Create a Kali Linux on an 8GB or larger SD card

• Install ettercap (if needed)

• You may take a copy of the VM with you to do analysis later• On your VMPlayer• At a different time in the lab

• Note:• There is the compressed file (.7z) and the expanded directory with the files• Your choice

• Download the smaller .7z file and expand • Quicker download• Some time to expand

• Download the larger directory and wait• Long download• No expanding

Notes:• This is an extensively updated lab

• Has a new “victim” VM: bee-box• Uses Kali Linux on the Pi instead of backtrack on a VM

• Updated Kali for the Pi B/B+• A Kali VM is available if the Pi does not work

• If there are errors or omissions in the Lab• Highlight the error on your lab sheet• Turn in the lab sheet as part of the report• Note in the report the problems found

• The Shellshock vulnerability may be fixed on the workstation this semester• Document it either way

Upcoming Labs:• Lab 10

• New Lab – Wireless on the Pi

• Lab 11• Kerberos and LDAP

• Lab 12• SMTP SPF

• Lab 13• In-lab project time

• Lab 14 • Project presentations

GET STARTED