Week 2 OLD - nicolas-tullio/Tech-Journal GitHub Wiki

Lab 2.2 - Port Scanning 2

NMAP

The -p flag specifies which port to scan.

sudo nmap 10.0.17.106 -p 3389

Remmina

Remmina is an RDP client for Kali. Enter the following command to install it:

sudo apt-get install remmina

After installing, run the Remmina application and enter the IP address of the Windows machine.

More NMAP

The first nmap scan is for version detection using the V flag; below is the command used to find information about the version of the system. Also notice the s flag, which means verbose and provides more information overall. Here is that command:

sudo nmap 10.0.17.106 -sV -p 3389

Next, the -A flag is used to try to gain even more information about the host. This flag also runs a traceroute to the host.

sudo nmap 10.0.17.106 -A -p 3389

Next, scan ports 1 through 6000 with the following command:

sudo nmap -p 1-6000 -sT 10.0.17.106

Next, on the Windows machine, I turned on file and printer sharing, which opened up more ports on the Windows machine. When I ran the previous command, the scan found more ports were open. I then did a version scan only on the ports that were previously found in the command below:

sudo nmap -p 135,139,445,3389 -sT 10.0.17.106

Finally, in the last scan, the A flag is again used against the exposed ports.

sudo nmap -p 135,139,445,3389 -sT -A --traceroute 10.0.17.106
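
Comparing the scan results from before and after file and printer sharing was turned on shows exactly which ports that change exposed. The following Python is an added example, not part of the original journal: it assumes each scan was also saved in nmap's grepable format with -oG, and the sample scan text (including the assumption that only 3389 was open beforehand) and the function names are constructed for illustration.

```python
import re

# Constructed sample scans (not captured from the lab) in nmap's grepable
# format, i.e. what `-oG <file>` writes. Fields are tab-separated.
BEFORE = "Host: 10.0.17.106 ()\tPorts: 3389/open/tcp//ms-wbt-server///\n"
AFTER = (
    "Host: 10.0.17.106 ()\tPorts: 135/open/tcp//msrpc///, "
    "139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, "
    "3389/open/tcp//ms-wbt-server///\tIgnored State: closed (5996)\n"
)


def open_ports(grepable):
    """Return {host: {(port, proto): service}} for ports reported open."""
    result = {}
    for line in grepable.splitlines():
        if not line.startswith("Host: "):
            continue  # skip '#' comment lines
        host = line.split()[1]
        for field in line.split("\t"):
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(", "):
                # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
                parts = entry.split("/")
                if len(parts) >= 5 and parts[1] == "open":
                    key = (int(parts[0]), parts[2])
                    result.setdefault(host, {})[key] = parts[4]
    return result


def exposure_diff(before, after):
    """Return {host: (newly_open, no_longer_open)}, each a sorted list."""
    old_scan, new_scan = open_ports(before), open_ports(after)
    diff = {}
    for host in sorted(set(old_scan) | set(new_scan)):
        old, new = old_scan.get(host, {}), new_scan.get(host, {})
        opened = sorted((*k, new[k]) for k in new.keys() - old.keys())
        closed = sorted((*k, old[k]) for k in old.keys() - new.keys())
        if opened or closed:
            diff[host] = (opened, closed)
    return diff


if __name__ == "__main__":
    for host, (opened, closed) in exposure_diff(BEFORE, AFTER).items():
        for port, proto, service in opened:
            print(f"{host}: newly open {port}/{proto} ({service})")
        for port, proto, service in closed:
            print(f"{host}: no longer open {port}/{proto} ({service})")
```

Running the same comparison after each configuration change on a host gives a record of which services the change exposed to the network.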

Reflection

This lab seemed pretty straightforward, although it was my first encounter with Remmina. It was interesting to see how much information can be pulled by nmap.