Write an Intelligence Gathering Plan for a college. The intelligence gathering plan should identify the following: The Target. How you would gather passive data, including what data you would look for. What tools you would use. Documenting how you would perform active intelligence gathering, including how you would determine network topology, what operating systems are in use, and what services are accessible. Remember to account for variables like wired and wireless networks, onsite and cloud hosting, and virtual versus physical hosts.

tual machine. Me services that the we should anticipate seeing many ser p of the screen. Open Ptr Oro be IP address of the target system Part 2: Scanning Now we will perform a port scan of the Metasploitable will designed to be vulnerable, so we should anticipate erwise be available on properly secured Linux system One Terminal window using the menu bar at the top of 2. To run nmap, simply type nmap and the IP address address of the Metasploitable system: nmap [target IP). What ports are open, and what services are identified? Do identified all of the open ports on the system? 3. Now we will identify the operating system of the Metasploitabl. 2. Tols of the o you believe that you and what the system aitable virtual maci p, but this time ty Il possible ports virtual machine This is enabled using the - flag in nmap. Rerun your nmap.hu nmap -[target IP) and add -p 1-65535 to capture all possib What operating system and version is the Metasploitable virtual What additional ports showed up? Activity 2.2: Write an Intelligence Gathering Plan For this activity, design a passive intelligence gathering plan for an organization choice. You may want to reference a resource like OSSTMM, NIST SP 800 pentest-standard.org before you write the plan. Lab Exercises Your intelligence gathering plan should identify the following: . The target . How you would gather passive data, including what data you would look for What tools you would use Once you are done, use one or more of the references listed earlier to review your plan Identify what you missed and what additional data you could gather Repeat the activity, documenting how you would perform active intelligence gathering including how you would determine network topology, what operating systems are in use, and what services are accessible. Remember to account for variables like wired and wireless networks, onsite and cloud hosting, and virtual versus physical hosts. Activity 2.3: Intelligence Gathering Techniques Match each of the information types in the following chart to the tool that can help sati Route to a system net Open services via a network Wh IP traffic flow and volume Organizational conto otional contact information associated with domain registration Connections listed by protocol Zone transfer Packet capture Rani con il IP address assigned to the system. este virtual machine. Metapo many services that not oth dress of the target system. Use the IP Part 2: Scanning Now we will perform a port scan of the Metasploitable virtual designed to be vulnerable, so we should antici erwise be available on properly secured Linux system. 1. Open a Terminal window using the menu bar at the top of the ser 2. To run nmap, simply type nmap and the IP address of the targets address of the Metasploitable system: nmap [target IP). What ports are open, and what services are identified? Do you believe that identified all of the open ports on the system? Now we will identify the operating system of the Metasploitable virtual machine This is enabled using the - flag in nmap. Rerun your nmap, but this time type nmap -o [target IP] and add -p 1-65535 to capture all possible ports What operating system and version is the Metasploitable virtual machine running What additional ports showed up? Activity 2.2: Write an Intelligence Gathering Plan For this activity, design a passive intelligence gathering plan for an organization of your choice. You may want to reference a resource like OSSTMM, NIST SP 800-115, or pentest standard.org before you write the plan. Lab Exercises 69 Your intelligence gathering plan should identify the following: . The target . How you would gather passive data, including what data you would look for What tools you would use Once you are done, use one or more of the references listed earlier to review your plan. Identify what you missed and what additional data you could gather Repeat the activity, documenting how you would perform active intelligence gathering including how you would determine network topology, what operating systems are in use and what services are accessible. Remember to account for variables like wired and wireless networks, onsite and cloud hosting, and virtual versus physical hosts. Activity 2.3: Intelligence Gathering Techniques Match each of the information types in the following chart to the tool that can help gather in netstat Route to a system Whois Open services via a network tracerout IP traffic flow and volume Creepy Organizational contact information associated with domain registration nmap Connectionellatadhurotocol tual machine. Me services that the we should anticipate seeing many ser p of the screen. Open Ptr Oro be IP address of the target system Part 2: Scanning Now we will perform a port scan of the Metasploitable will designed to be vulnerable, so we should anticipate erwise be available on properly secured Linux system One Terminal window using the menu bar at the top of 2. To run nmap, simply type nmap and the IP address address of the Metasploitable system: nmap [target IP). What ports are open, and what services are identified? Do identified all of the open ports on the system? 3. Now we will identify the operating system of the Metasploitabl. 2. Tols of the o you believe that you and what the system aitable virtual maci p, but this time ty Il possible ports virtual machine This is enabled using the - flag in nmap. Rerun your nmap.hu nmap -[target IP) and add -p 1-65535 to capture all possib What operating system and version is the Metasploitable virtual What additional ports showed up? Activity 2.2: Write an Intelligence Gathering Plan For this activity, design a passive intelligence gathering plan for an organization choice. You may want to reference a resource like OSSTMM, NIST SP 800 pentest-standard.org before you write the plan. Lab Exercises Your intelligence gathering plan should identify the following: . The target . How you would gather passive data, including what data you would look for What tools you would use Once you are done, use one or more of the references listed earlier to review your plan Identify what you missed and what additional data you could gather Repeat the activity, documenting how you would perform active intelligence gathering including how you would determine network topology, what operating systems are in use, and what services are accessible. Remember to account for variables like wired and wireless networks, onsite and cloud hosting, and virtual versus physical hosts. Activity 2.3: Intelligence Gathering Techniques Match each of the information types in the following chart to the tool that can help sati Route to a system net Open services via a network Wh IP traffic flow and volume Organizational conto otional contact information associated with domain registration Connections listed by protocol Zone transfer Packet capture Rani con il IP address assigned to the system. este virtual machine. Metapo many services that not oth dress of the target system. Use the IP Part 2: Scanning Now we will perform a port scan of the Metasploitable virtual designed to be vulnerable, so we should antici erwise be available on properly secured Linux system. 1. Open a Terminal window using the menu bar at the top of the ser 2. To run nmap, simply type nmap and the IP address of the targets address of the Metasploitable system: nmap [target IP). What ports are open, and what services are identified? Do you believe that identified all of the open ports on the system? Now we will identify the operating system of the Metasploitable virtual machine This is enabled using the - flag in nmap. Rerun your nmap, but this time type nmap -o [target IP] and add -p 1-65535 to capture all possible ports What operating system and version is the Metasploitable virtual machine running What additional ports showed up? Activity 2.2: Write an Intelligence Gathering Plan For this activity, design a passive intelligence gathering plan for an organization of your choice. You may want to reference a resource like OSSTMM, NIST SP 800-115, or pentest standard.org before you write the plan. Lab Exercises 69 Your intelligence gathering plan should identify the following: . The target . How you would gather passive data, including what data you would look for What tools you would use Once you are done, use one or more of the references listed earlier to review your plan. Identify what you missed and what additional data you could gather Repeat the activity, documenting how you would perform active intelligence gathering including how you would determine network topology, what operating systems are in use and what services are accessible. Remember to account for variables like wired and wireless networks, onsite and cloud hosting, and virtual versus physical hosts. Activity 2.3: Intelligence Gathering Techniques Match each of the information types in the following chart to the tool that can help gather in netstat Route to a system Whois Open services via a network tracerout IP traffic flow and volume Creepy Organizational contact information associated with domain registration nmap Connectionellatadhurotocol