• Basic system and network commands for reconnaissance.
• Tracing routes and analyzing network hops.
• Querying Active Directory for system and user enumeration.
• Checking DNS records and reverse lookups.

---

Objective: Use basic system commands to gather information about the local machine and its network configuration.

1. Identify the currently logged-in user:

   whoami

2. Check the system hostname:

   hostname

3. Test external connectivity with a single ping:

   ping -n 1 google.com

4. Display IP address and network configuration:

   ipconfig

Deliverable:

• Screenshot of command outputs showing system and network details.

---

Objective: Verify connectivity and analyze the route to champlain.edu.

1. Ping Champlain’s domain:

   ping champlain.edu

2. Trace the route and identify network hops:

   tracert champlain.edu

3. Record the number of hops and note any unusual delays.

Deliverable:

• Screenshot of the tracert output with the number of hops recorded.

---

Objective: Enumerate Windows machines and domain users from the Active Directory.

1. List all Windows computers in the domain:

   Get-ADComputer -Filter *

2. Enumerate domain users:

   Get-ADUser -Filter *

Deliverable:

• List of retrieved domain computers and users.

---

Objective: Identify DNS A records and perform a reverse lookup for PTR records.

1. Find the A record for Champlain.edu:

   nslookup champlain.edu

2. Perform a reverse lookup for an IP address (PTR record):

   nslookup <IP-ADDRESS>

Deliverable:

• Screenshot of DNS queries and PTR lookup results.

---

• Tracing network routes helps identify latency and potential bottlenecks.
• Active Directory enumeration provides insight into domain structure.
• DNS records are crucial for verifying domain configurations.

---

Back to Main Page