Practice Exercise: Basic Computer Networking Lab using Linux nmap Command
Introduction
Welcome to the Basic Computer Networking Lab! In this lab, you will learn how to use the nmap command on a Linux server to effectively explore networking aspects, troubleshoot network issues, and perform security assessments. This hands-on lab is designed to help future Site Reliability Engineers (SREs) gain practical experience with nmap.
Prerequisites
Before you begin this lab, you should have the following:
- Access to a Linux server (e.g., Ubuntu, CentOS) as your client
- Basic knowledge of Linux command-line interface (CLI)
- SSH access to the Linux server
- Administrative privileges or sudo access on the server
Scenario
You are a future Site Reliability Engineer (SRE) responsible for ensuring the availability and security of online services. You will use your Linux server as a client to perform network scans and troubleshoot network issues. Additionally, you will use nmap to assess the security posture of your server and external websites.
Task 1: Basic Port Scan
Objective: Learn how to perform a basic port scan using nmap.
Procedure:
- Log in to your Linux server using SSH.
- Open a terminal window.
- Run the following command to perform a basic port scan on your server:
nmap localhost
- Analyze the output to identify open ports on your server.
Task 2: Service Version Detection
Objective: Learn how to use nmap to detect service versions running on open ports.
Procedure:
- Run the following command to perform a version detection scan on your server:
nmap -sV localhost
- Examine the output to identify services and their versions running on open ports.
Task 3: Scan Specific Ports
Objective: Learn how to specify specific ports to scan using nmap.
Procedure:
- Run the following command to scan only ports 80 and 443 on your server:
nmap -p 80,443 localhost
- Review the output to see if ports 80 and 443 are open.
Task 4: Scan Multiple Hosts
Objective: Learn how to use nmap to scan multiple hosts simultaneously.
Procedure:
- Run the following command to scan both your server (localhost) and a popular website (e.g., google.com):
nmap localhost google.com
- Analyze the output to identify open ports on your server and the website.
Task 5: Scan Target by IP Range
Objective: Learn how to scan a range of IP addresses using nmap.
Procedure:
- Run the following command to scan a range of IP addresses (e.g., 192.168.1.1-10):
nmap 192.168.1.1-10
Task 6: OS Detection
Objective: Learn how to use nmap for operating system detection.
Procedure:
- Run the following command to perform an OS detection scan on your server:
nmap -O localhost
- Review the output to identify the detected operating system.
Task 7: Scan with Firewall Evasion Techniques
Objective: Learn how to use nmap with firewall evasion techniques.
Procedure:
- Run the following command to perform an
nmapscan with firewall evasion using the SYN/ACK scan technique:
nmap -sA localhost
- Examine the output for scan results and the evasion technique used.
Task 8: Perform a Fast Scan
Objective: Learn how to use nmap to perform a fast scan.
Procedure:
- Run the following command to perform a fast scan on your server:
nmap -F localhost
- Analyze the output to see which ports are open in the fast scan.
Task 9: Save Scan Results to a File
Objective: Learn how to save nmap scan results to a file.
Procedure:
- Run the following command to perform a scan and save the results to a file named "scan_results.txt":
nmap -oN scan_results.txt localhost
- Verify that the results have been saved to the "scan_results.txt" file.
Task 10: Troubleshooting Command
Objective: Learn how to use nmap to troubleshoot network connectivity issues.
Procedure:
- Imagine you are experiencing connectivity issues to an external web server (e.g., example.com). Run the following command to troubleshoot and diagnose connectivity problems:
nmap -p 80,443 example.com
- Analyze the
nmapoutput to identify any issues with the target server's ports and services.
Congratulations! You've completed the Basic Computer Networking Lab using the nmap command. This hands-on experience will help you become proficient in using nmap for network scanning, troubleshooting, and security assessments.
Remember that nmap is a powerful tool that can provide valuable insights into network configurations and security vulnerabilities, so use it responsibly and ethically in your SRE role.