Turncomodofirewall

WhatYouWillNeedAUbuntumachinetoperformtheNmapscansAWebserverwithalargepagetoview,asyousetupinthepreviousproject.
StarttheWebServerDouble-clicktheVMwareWorkstationicononthedesktop.
IntheVMwareWorkstationwindow,fromthemenubar,clickView,GotoHomeTab.
OntheHometab,clicktheOpenExistingVMorTeamicon.
NavigatetotheV:drive,openyourfolder,opentheWindowsXPforHackingfolder,anddouble-clicktheWindowsXPProfessional.
vmxfile.
Ontheleftside,clickStartthisvirtualmachinelink.
Whenyourmachinestartsup,loginasStudent,oranyotheraccountwithAdministrativeprivileges.
VerifyingthatInternetInformationServices(IIS)isRunningOnthevirtualmachine'sdesktop,clickStart,AllPrograms,Accessories,CommandPrompt.
Typeinthefollowingcommand,thenpresstheEnterkey:netstat–anThiscommandlistsalltheactivenetworkconnections,asshownbelowonthispage.
LookforthelinethatshowsthattheLocalAddress0.
0.
0.
0:80isLISTENING–thatistheWebserverwaitingforanyconnectiontoport80.
Ifyoudon'tseetheprocesslisteningonport80,somethingiswrongwithyourWebserverandyouneedtofixitbeforeproceedingfurther.
UsingTaskManagertoDisplaythePerformanceofYourWebServerOnthevirtualmachine'sdesktop,right-clickthetaskbar(atthebottomofthescreen)andselectTaskManager.
InTaskManager,clickthePerformancetab.
YoushouldseeagraphlabeledCPUUsageHistory,asshowntotherightonthispage.
There'sanothergraphtheretoo,butthisistheoneofgreatestinterestnow.
LeavetheTaskManagerwindowopenonyourserver,anddragittothelowerrightcornerofthedesktopsoitwillbeeasytokeepitvisiblewhileotherwindowsareopen.
TurnOfftheFirewallIfyouhavetheComodofirewall,right-clicktheiconinthetaskbartrayandselectAdjustSecurityLevel,AllowAll.
Ifyouhavesomeotherfirewall,makesureitisoff.
FindingYourWebServer'sIPAddressOnthevirtualmachine'sdesktop,clickStart,Run.
TypeinCMDandpresstheEnterkey.
TypeinIPCONFIGandpresstheEnterkeyFindtheIPaddressofyourmachine—inS214,itstartswith192.
168.
1.
Writethataddressintheboxtotherightonthispage.
StartingYourUbuntuVirtualMachineDouble-clicktheVMwareWorkstationicononthedesktop.
IntheVMwareWorkstationwindow,fromthemenubar,clickView,GotoHomeTab.
OntheHometab,clicktheOpenExistingVMorTeamicon.
NavigatetotheV:drive,openyourfolder,opentheYourNameUbuntufolder,anddouble-clicktheYourNameUbuntu.
vmxfile.
Ontheleftside,clicktheStartthisvirtualmachinelink.
Ifyouseeamessagesaying"Thelocationofthisvirtualmachine'sconfigurationfilehaschanged…,"acceptthedefaultselectionofCreateandclickOK.
Whenyourmachinestartsup,loginaswiththenameandpasswordyouchoseinthepreviousproject.
RunningaNormalnmapScanoftheWebServerFromthemenubarintheupperleftcorneroftheUbuntudesktop,clickApplications,Accessories,Terminal.
IntheTerminalwindow,afterthe$prompt,enterthiscommand,thenpresstheEnterkey:nmapip-addrReplacingip-addrwiththeserver'sIPaddress.
Youshouldseeascanthattakesapproximatelyonesecond,asshownaboveonthispage.
Enterthenmapip-addrcommandagain,andthistimewatchtheCPUUsageHistorygraphontheWebserver.
Youshouldseeabriefspikeofactivity,asshowntotherightonthispage.
RunningMoreIntrusivenmapScanoftheWebServerIntheTerminalwindow,afterthe$prompt,enterthiscommand,thenpresstheEnterkey:nmapip-addr–sT–p1-65535–T5Replacingip-addrwiththeserver'sIPaddress.
ThisscanusescompleteConnecthandshakes,scansall65,535ports,anddoesitatthemaximumspeed.
(Toseeallthenmapoptions,typenmap--help.
)TheCPUUsageHistorygraphontheWebservershouldshowamuchlargerandlongersurgeofactivity,asshowntotherightonthispage.
TimingtheWebPageLoadWithoutaPortScanFindawatchwithasecondhand,ordouble-clicktheclockinaconvenientWindowsXPvirtualmachine,suchastheWebserver.
Onthehostmachine(oranyothermachineintheLAN),openabrowser.
IntheWebbrowser,entertheaddressbelow,Thenwaituntilatimeyoucaneasilyremember,suchasthestartofacertainminute,andpresstheEnterkey:IP-Address/big.
htmlDon'tentertheliteralstringIP-address;instead,typeintheWebServerIPfromtheboxonapreviouspage.
Waituntiltheentirepageloads,includingalltheimages,andwritetheelapsedtimeintheboxtotherightonthispage.
WhenIdidit,ittook50seconds.
MakingaShellScripttoRunTenPortScansIntheUbuntumachine,intheTerminalwindow,afterthe$prompt,enterthiscommand,thenpresstheEnterkey:echo"nmapip-addr–sT–p1-65535–T5">>tenscansReplacingip-addrwiththeserver'sIPaddress.
Theeasiestwaytoenterthiscommandistoprestheup-arrowtorepeatthepreviouscommandandthenedititwiththeleft-arrowandright-arrow.
IntheUbuntumachine,intheTerminalwindow,afterthe$prompt,presstheup-arrowkeyonce.
Youshouldseethesameechocommandappearagain.
PresstheEnterkey:Repeatthisprocesseightmoretimes,soyouhavedoneitatotaloftentimes.
Ifyoulosecount,andendupwith8or12repititions,that'sOK.
echo"nmapip-addr–sT–p1-65535–T5">>tenscansIntheUbuntumachine,intheTerminalwindow,afterthe$prompt,enterthiscommand,thenpresstheEnterkey:cattenscansYoushouldseetenlinesasshowntotherightonthispage.
Thisscriptwillruntenintrusivescans,makingtheWebserverbusyforaboutfiveminutes.
IntheUbuntumachine,intheTerminalwindow,afterthe$prompt,enterthiscommand,thenpresstheEnterkey:chmoda+xtenscansThiscommandmakesthetenscansfileexecutable.
IntheUbuntumachine,intheTerminalwindow,afterthe$prompt,enterthiscommand,thenpresstheEnterkey:.
/tenscansThiscommandexecutesthetenscansscript.
YoushouldseetheCPUUsageHistoryinyourWebserverincrease,andstayhigh,asshowntotherightonthispage.
TimingtheWebPageLoadDuringaPortScanOnthesamemachineyouusedtotimethepreviousportload,inthesamebrowserwindow,holddowntheShiftkeyandclicktheReloadbutton.
ThisforcesthepagetocompletelyreloadfromtheWebserver,notjustredrawfromthelocalcache.
Makeanoteofthetimeyoustartedthereload.
Waituntiltheentirepageloads,includingalltheimages,andnotetheelapsedtimeintheboxtotherightonthispage.
Ifitisloadingveryslowly,justwaitfor2or3minutes,andmakeanoteofhowmanyimagesloadedinthattime.
WhenIdidit,itonlyloaded3imagesafter4minutes.
SavingtheScreenImageGobacktotheserver,andlookattheCPUUsageHistory.
Youshouldseealotofactivity,lastingseveralminutes,asshowntotherightonthispage.
Yoursmaynotpeakat100%,butitshouldshowclearactivity.
PressCtrl+Alttoreleasethemouse,andclickonthehostWindowsXPdesktop.
PressthePrntScnkeytocopywholescreentotheclipboard.
OnthehostWindowsXPdesktop,openPaintandpasteintheimage.
SaveitasaJPEG,withthefilenameYourNameProj17a.
StoppingthePortScansIntheUbuntumachine,clickintheTerminalwindow.
HolddowntheCtrlkeyandpressCtocancelthescan.
Repeatthisuntilyouseethe$promptagain.
LookattheCPUUsageHistoryontheserver.
Soonitshoulddropdownto0%orso,asthedenialofserviceattackstops.
ProtectingtheServerWithaFirewallThereareplentyofgoodfirewallsoutthere,softwareandhardware.
Butforthisproject,therelativelyweakWindowsfirewallisgoodenough.
OntheWebserver'sdesktop,clickStart,ControlPanel.
Double-clickWindowsFirewall.
IntheWindowsFirewallbox,clickOn(recommended).
MakesuretheDon'tallowexceptionsboxiscleared,asshownaboveonthispage.
ClicktheExceptionstab.
ClicktheAddPortbutton.
IntheAddaPortbox,enteraNameofWebServerandaPortnumberof80.
MakesuretheTCPradiobuttonisselected,asshowntotherightonthispage.
IntheAddaPortbox,clickOK.
IntheWindowsFirewallbox,clickOK.
TestingtheWebServerOnthehostmachine(oranyothermachineintheLAN),openabrowser.
Entertheaddressbelow,andpresstheEnterkey:IP-Address/big.
htmlDon'tentertheliteralstringIP-address;instead,typeintheWebServerIPfromtheboxonapreviouspage.
Thepageshouldload,asbefore.
Ifitdoesnot,youneedtoadjustthefirewallsettings.
Makesurethereisonlyonefirewallturnedon,andthatport80TCPisopenforincomingtraffic.
StartingthePortScansAgainIntheUbuntumachine,intheTerminalwindow,afterthe$prompt,enterthiscommand,thenpresstheEnterkey:.
/tenscansThescanproceedsasbefore,butthistimetheCPUUsageHistoryshowsmuchlessburdenontheserver.
Thefirewallissavingtheserverfromtheattack!
SavingtheScreenImageMakesuretheserver'sCPUUsageHistoryisvisible,showingalowlevelofactivity,asshownaboveonthispage.
PressCtrl+Alttoreleasethemouse,andclickonthehostWindowsXPdesktop.
PressthePrntScnkeytocopywholescreentotheclipboard.
OnthehostWindowsXPdesktop,openPaintandpasteintheimage.
SaveitasaJPEG,withthefilenameYourNameProj17b.
TurninginyourProjectWritethetwo"TimetoLoadPage"valuesyoumeasuredinthebodyofyouremail!
EmailtheJPEGimagestomeasattachments.
Sendthemessagetocnit.
123@gmail.
comwithasubjectlineofProj17FromYourName.
SendaCctoyourself.
Lastmodified6-4-07