Activity 2.1 Host Discovery - nicolas-tullio/Tech-Journal GitHub Wiki

Deliverables

Deliverable 1: Provide a screenshot similar to the one below that shows 1 outbound ping and the captured request and reply.

image

Deliverable 2: Submit a screenshot that shows either your 1 liner command or source code, followed by a cat of sweep.txt.

image

Deliverable 3: Now, do the same thing with fping.

image image

Deliverable 4. Use nmap's -sn switch to scan 10.0.5.21. Capture traffic on eth0 using Wireshark. Provide a screenshot of your wireshark output.

image

Deliverable 5. Closely examine What destination ports and protocols were used in the use case? What observations do you have when comparing this to the ping and fping tests?

It looks like nmap used TCP ports 443 and 80 to see if the host is alive. Ping and fping on the other hand use ICMP requests and replies.

Deliverable 6. Write a bash script that conducts a nmap -sn scan of 10.0.5.2-50 similar to ping and fping. Take a screenshot that shows the execution and output.

image

Steps

Ping

image image

Ping script

#!/bin/bash
for i in {2..50}
do
  if ping -c 1 -W 1 10.0.5.$i > /dev/null
  then
    echo "10.0.5.$i is up" >> sweep.txt
  fi
done

Output

image

Fping

Fping script

#!/bin/bash
for i in {2..50}
do
  if fping -c1 -t100 10.0.5.$i > /dev/null
  then
    echo "10.0.5.$i is up" >> sweep2.txt
  fi
done

Output

image

NMAP

image image

NMAP script

#!/bin/bash
for i in {2..50}
do
  if nmap -sn 10.0.5.$i | grep "Host is up" > /dev/null
  then
    echo "10.0.5.$i is up" >> sweep3.txt
  fi
done

Output

image

Reflection

This assignment gave me some trouble when it came to scripting. It isn't really my strong suit so once I wrote the first one I used it as a building block to assist me with the others. This caused some issues as the commands require different parameters but some tweaking got it working.