This week we talked about initial scans using NMAP and NESSUS. We also talked about using TCPDUMP as a packet sniffer. As you work through your virtual environment this week, choose one (or more) of the following questions:
- What issue(s) are you encountering with NMAP, NESSUS, or other scanning tools?
- Did you discover any “interesting” traffic with TCPDUMP?
- How does practicing with a vulnerable device, such as the “MetaSploitable” help you learn more about vulnerability scanning and penetration testing?
Class Four:
Presentation Slides (Handouts)
Eugene Angelo Tartaglione says
What issue(s) are you encountering with NMAP, NESSUS, or other scanning tools?
I personally have only used NMAP and Wireshark. With that in mind, I think that one issue I see with these tools is that you have to capture active packets. If you do not have the tool running when issues arise, or forget to have the traffic writing to a file, it is basically all for naught.
Antonio Cozza says
How does practicing with a vulnerable device, such as the “MetaSploitable” help you learn more about vulnerability scanning and penetration testing?
Ultimately, the most learning one can do with penetration testing is to apply “hands on the keyboard” and get practice in so that one can develop “the eye” in this field. This entails gaining the experience to know what to look for in terms of vulnerabilities. When certain ports are open there is clear indication to try certain exploits. If it is seen that there is a way to upload a file, uploading a reverse shell payload would be one common strategy to try. Practicing on vulnerable devices will also give experience of different methods of privilege escalation based on observed processes, permissions, shared resources, etc. I have done a lot of practice on TryHackMe, comparable to HackTheBox, and over time practicing on these vulnerable networks I have learned a lot of commonly applicable techniques in real world scenarios regarding penetration testing.
Dhaval Patel says
How does practicing with a vulnerable device, such as the “MetaSploitable” help you learn more about vulnerability scanning and penetration testing?
The best way to learn about vulnerabilities within systems is to experience them with hands-on practice as others have said. Running and learning about tools like MetaSploitable provides that hands-on experience that one would miss out on by simply going over theory. You get to learn about the process and how to apply payloads and see what vulnerabilities exist and how you can mitigate them.
Tal Eidenzon says
How does practicing with a vulnerable device, such as the “MetaSploitable” help you learn more about vulnerability scanning and penetration testing?
I found “MetaSploitable” to be as close to a realistic situation as possible. I thoroughly enjoyed working through it and even troubleshooting my environment during the initial setup. In real life there will not be any “hand-holding,” so I enjoy this style of learning very much. Practicing with “MetaSploitable” helped me learn about the types of vulnerabilities that are out there, how to identify them, and ways to exploit these known vulnerabilities.
Dhaval Patel says
Hi Tal,
I agree the MetaSploitable demo/exercises were close to a realistic situation, and these are the best methods to learn how the tool works. Seeing how to properly apply the tool provides a lot of beneficial takeaways.
Krish Damany says
What issue(s) are you encountering with NMAP, NESSUS, or other scanning tools?
Any scanning tool is beneficial to finding out network activity across many devices connected to that network. This means that data is being recorded in real time and every packet is being recorded from many different sources. These sources could be someone watching Netflix or playing a video game over the internet. This adds stress to one’s hard drive and, depending on the size, it could quickly fill up. The other main issue is that not all computers are powerful enough to keep it running for long periods of time without having that machine be solely dedicated to it. I would have to quit out of most other applications just so my computer could adequately run it.
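Two posts above describe the same capture problem from opposite sides: Eugene's point that traffic not written to a file is lost, and Krish's point that an unfiltered capture fills the disk. As an added example (not from any of the posts or from the course material), this POSIX shell snippet builds a tcpdump command that always writes to a ring of size-capped files and applies a BPF filter; the interface name, file size, file count and filter are assumed values, and `-Z nobody` assumes a `nobody` account exists.

```shell
#!/bin/sh
# Added example: a tcpdump command line that always writes to disk but cannot
# fill it, because the output is a ring buffer of FILE_COUNT files of FILE_MB MB.
# Values below are assumptions for illustration, not from the discussion.

FILE_MB=100     # -C: start a new file every 100 million bytes
FILE_COUNT=10   # -W: keep at most 10 files, then overwrite the oldest

# Worst-case disk use of the capture, so it can be checked before starting.
capture_disk_budget_mb() {
    echo $((FILE_MB * FILE_COUNT))
}

# Print the tcpdump command for the given interface, output directory and BPF
# filter. A narrow filter (e.g. "host 10.0.0.5", a constructed lab address)
# keeps streaming and gaming traffic from other hosts out of the capture.
build_capture_cmd() {
    iface="$1"
    outdir="$2"
    filter="$3"
    # -nn     : no host/port name resolution, so the capture never stalls on DNS
    # -s 0    : record full packets rather than truncated headers
    # -Z      : drop root privileges after the interface is opened
    # -w      : write raw packets to outdir/capture.pcap; tcpdump appends a
    #           number to the name for each rotated file
    printf 'tcpdump -i %s -nn -s 0 -C %s -W %s -Z nobody -w %s/capture.pcap%s' \
        "$iface" "$FILE_MB" "$FILE_COUNT" "$outdir" "${filter:+ $filter}"
}

# Create the output directory and run the capture (needs root for the interface).
start_capture() {
    mkdir -p "$2" || return 1
    eval "$(build_capture_cmd "$1" "$2" "$3")"
}
```

Run it as `start_capture eth0 /var/tmp/caps 'host 10.0.0.5'`; the files in the directory can then be opened in Wireshark after the fact, which is exactly the case Eugene describes.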
Andrew Nguyen says
Practicing with Metasploitable has been a valuable experience for me.
Just getting used to small/basic commands such as ifconfig and other Linux terminal commands has helped me feel a bit more comfortable with using some of the more advanced tools of the library such as the Metasploit Framework.
Patrick Jurgelewicz says
What issue(s) are you encountering with NMAP, NESSUS, or other scanning tools?
My issue wasn’t necessarily with nmap, but when trying to scan my metasploitable machine I received a response that all of its ports were closed. This ended up just being an issue with my machines’ network settings, and once I reconfigured them I was able to successfully run an nmap scan on the metasploitable machine.
How does practicing with a vulnerable device, such as the “MetaSploitable” help you learn more about vulnerability scanning and penetration testing?
The biggest advantage with working with a vulnerable device like this is the experience gained from working through the steps of an exploit. Once you get a feel for working through this process, it becomes easier to recognize vulnerabilities and how to work with them.