Network Discovery Midterm

1
Network Discovery Midterm

• Instructor Dr. Mark Stamp
• CS Technician Kevin Ross
• Equipment
• Linksys WRT54G WAP
• Via Mini-ITX PC
• Cords, powerstrip, etc.

2
WAP
SSID jasmine WEP Key c0ffee2020 IP
192.168.20.1 Running DD-WRT firmware Gives out
IP addresses in range 192.168.20.100-150
3
WAP

• Open Ports
• Port Service
• 22 ssh (secure shell access)
• 53 dns (ipmasq)
• 80 http (config tool)

4
Firewall
Ports open (forwarded to static IP
192.168.20.120) 23 8080
5
Networked computer
Hostname bob-desktop IP Address
192.168.20.120 Running Ubuntu 7.10 Form factor
mini-itx Hardware condition deceased
6
Networked computer
Open ports Port Service 23 SSH (OpenSSH) 8080 H
TTP (lighttpd web server)
7
(No Transcript)
8
Bob-desktop port 8080
Web root folder
images
music
stuff
9
Web root folder
index.html links to other directories
robots.txt excludes directory stuff
10
images
index.html
11
music
index.html
12
stuff
info.txt.bfa
index.html
13
info.txt.bfa

• blowfish encrypted file
• Internet search .bfa extension
• Many command line programs will decrypt

14
info.txt.bfa

• Password frequently mentioned word from web
  pages
• Contents bobs password, among others

15
Tools

• nmap, nmapfe, nessus
• wget, or remember to check for robots.txt and use
  web browser

16
Problems

• Firewall scan difficult because all laptops were
  1 hop from WAPneeded IP of internal machine or
  to perform scan one team at a time.
• WAP DHCP server temporarily assigned what was
  supposed to be the static IP of internal machine,
  192.168.20.120, to a users laptop.
• Via hardware died a premature death.

17
Questions