Project 5
Attack Familiarization
COSC 352
Spring 2003
Due April 22, 2003
My experience in the military has convinced me that in order to defend
against attacks, you need to be able to see your defences the way that
an attacker will. You therefore need to understand how an attacker does
this. This assignment is intended to allow you to experiment in
reconnaissance and attack tools in a safe (for everyone else)
environment.
You still have an account on the machine named ia-class.georgetown.edu. Your
assignment is to log onto this machine, and to determine how you would
go about breaking into the host named "victim'' (IP address
192.168.14.8) which is on a private subnet and is only accessible from ia-class. Notice I said "how
you would" break in. Your assignment is not to break in, but to learn
how it might be possible to do so.
I would suggest the following strategy:
- Try and determine what the OS on victim is, and what services are
running. The following tools are installed and are available for you
(read man pages for descriptions, or ask google), and I am happy to
install any other software you find that you might want to try, though
it must run on FreeBSD. Send me mail.
- Try and determine what user accounts are on victim. You might try
using finger for this, or
try connecting directly to one of the services on victim, if there is some way to
get user information from it. You can connect directly to a specific port
and type commands at it by using: telnet
victim <port>, where port is the port the service runs on.
- Using the above information, go online and determine what
exploits are available and what is likely to work. Sites that can be
helpful for this are plentiful, and include:
What to turn in:
- A list of the services and accounts on the system, and any other
system information you have determined.
- A list of the vulnerabilites of the system, based on your
research into the above services and their vulnerabilites.
- An outline of how you would try and break in, if you were allowed
to do so, which you are not.
IMPORTANT
It is possible to use the scanning tools on ia-class against other hosts on
the Georgetown Campus and on the Internet. This is forbidden (verboten,
prohibited, not allowed) by class policy and by the Georgetown
Acceptable Use Policy, and anyone caught doing this will receive a
severe grade
penalty. Don't think that I am not watching.
Additionally, remember the goal of the assignment is not to turn you
into a computer attacker. It is instead to allow you to learn the
basics of how attackers operate so that you may more successfully
defend your systems in the future. Breaking into other computers, even
if it is easy to do so, is a crime and is punishable under many state
and federal laws.