ssignment $5-2$: Nmap Techniques for Aggressive Enumeration and Firewall Evasion

Introduction: In this assignment, the objective is to utilize Nmap scripting to evade the detection of a firewall within a lab environment. Nmap is a renowned network$-$scanning utility, widely used by security professionals during security assessments. It supports various network$-$scanning techniques, a vital skillset for ethical hackers and penetration testers conducting security assessments.

Objectives:

Scan a whole Subnet.

Trace all the sent and received packets.

Perform a slow comprehensive scan.

Create a new profile to perform a Null Scan.

Scan TCP and UDP ports.

Analyze hosts details and their topology.

Scanning Techniques:

TCP Connect Scan

Xmas Scan

ACK Flag Scan

UDP Scan

IDLE Scan

Avoiding Scanning Detection

Instructions:

Configure the lab environment with the specified machines.

Perform the scanning tasks as outlined in the objectives.

Document each step and capture necessary screenshots.

Save all details in a Word or PDF file with appropriate headings.

Submit your completed file for evaluation.

Requirements:

Windows server machine

OWASP BWA

Windows $10$ machine

Ubuntu Metasploitable machine

Kali Linux machine

Wireshark

VMware$/$Oracle Virtualbox

Properly configure the network topology in your virtual environment.

Note: Since this assignment focuses exclusively on network scanning, specific machine downloads are not required. Any virtual machine for scanning $($apart from Kali$)$ suffices for the task.

Deliverables:

Identify the entire subnet in your machines.

Trace all sent and received packets.

Perform a slow comprehensive scan.

Create a new profile for a Null Scan.

Scan TCP and UDP ports.

Analyze hosts details and their topology.

Implement the specified scanning techniques.

TCP Connect Scan

Xmas Scan

ACK Flag Scan

UDP Scan

IDLE Scan

Avoid detection as much as possible.

Save your Nmap script and capture relevant screenshots where required in a document $($Word or PDF$)$ with appropriate titles.

Submit your files for grading.