Information Assurance
Clay Shields, Department of Computer Science, Georgetown University
Homework 8 - Attack Familiarization
Due December 8th, 2010, before midnight
My experience in the military has convinced me that in order to defend against attacks, you need to be able to see your defences the way that an attacker will. You therefore need to understand how an attacker does this. This assignment is intended to allow you to experiment with reconnaissance and attack tools in a safe (for everyone else) environment.
You still have an account on the machine named ia-class.georgetown.edu. Your assignment is to log onto this machine, and to break into the hosts on the 10.1.1.* subnet, excluding ia-class itself, which is at 10.1.1.1. This is a separate subnet and is only accessible from ia-class. There are at least 3 other systems on that subnet you can attack.
I would suggest the following strategy:
- Try to determine what the OS on each victim is, and what services are running. A tool named nmap is installed, and I am happy to install any other software you find that you might want to try, though it must run on Linux. Send me e-mail if there is something else you want to try.
- Using the above information, go online and determine what exploits are available and what is likely to work. Sites that can be helpful for this are plentiful, and include:
- In addition, a tool called metasploit is installed on ia-class for you to use. You can find some information on how to use it here or via Google. You will want the msfconsole tool in /opt/metasploit3/msf3/. You also will likely want to copy the ~clay/.msf3 directory to your own directory, as it contains the setup parameters. Many people using it might suck, though, so what do I know.
What to turn in for each system:
- Any system information you have determined.
- A list of the vulnerabilities of the system, based on your research into the above services and their vulnerabilities.
IMPORTANT
It is possible to use the scanning tools on ia-class against other hosts on the Georgetown Campus and on the Internet. This is forbidden (verboten, prohibited, not allowed, banned) by class policy and by the Georgetown Acceptable Use Policy, and anyone caught doing this will receive a severe grade penalty. Don't think that I am not watching.
Additionally, remember the goal of the assignment is not to turn you into a computer attacker. It is instead to allow you to learn the basics of how attackers operate so that you may more successfully defend your systems in the future. Breaking into other computers, even if it is easy to do so, is a crime and is punishable under many state and federal laws. I will happily testify against you in a court of law that you received this warning.
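One way to enforce the scope rule above (only 10.1.1.*, never ia-class at 10.1.1.1, nothing on campus or the Internet) before a target string is handed to any scanner. This is an added example, not part of the original assignment; the function names and the sample targets are assumptions made for illustration, and it accepts only CIDR blocks, single addresses, per-octet ranges and the `*` wildcard.

```python
import ipaddress
import re

ALLOWED_NET = ipaddress.ip_network("10.1.1.0/24")  # lab subnet named in the assignment
EXCLUDED = {ipaddress.ip_address("10.1.1.1")}      # ia-class itself is off limits
OCTET = re.compile(r"^(\*|\d{1,3}(-\d{1,3})?)$")   # "*", "7" or "2-50"

def expand_octet(spec):
    """Return the (low, high) values covered by one octet of a range spec."""
    if spec == "*":
        return 0, 255
    low, _, high = spec.partition("-")
    low, high = int(low), int(high or low)
    if not 0 <= low <= high <= 255:
        raise ValueError(f"bad octet range: {spec}")
    return low, high

def target_bounds(target):
    """Lowest and highest address covered by a CIDR block or octet-range spec."""
    if "/" in target:
        net = ipaddress.ip_network(target, strict=False)
        return net[0], net[-1]
    octets = target.split(".")
    if len(octets) != 4 or not all(OCTET.match(o) for o in octets):
        # Hostnames are refused: they could resolve to any address.
        raise ValueError(f"unsupported or non-numeric target: {target}")
    bounds = [expand_octet(o) for o in octets]
    low = ipaddress.ip_address(".".join(str(b[0]) for b in bounds))
    high = ipaddress.ip_address(".".join(str(b[1]) for b in bounds))
    return low, high

def check_target(target):
    """Return (allowed, reason) for one target string."""
    try:
        low, high = target_bounds(target.strip())
    except ValueError as err:
        return False, str(err)
    # If both bounds sit inside the /24, every covered address does too.
    if low not in ALLOWED_NET or high not in ALLOWED_NET:
        return False, f"{target} reaches outside {ALLOWED_NET}"
    if any(low <= ex <= high for ex in EXCLUDED):
        return False, f"{target} includes excluded host 10.1.1.1"
    return True, "in scope"

if __name__ == "__main__":
    # Constructed sample targets, not taken from the assignment.
    for t in ["10.1.1.2-254", "10.1.1.*", "10.1.2.5", "www.example.com"]:
        print(t, check_target(t))
```

A wrapper script can call `check_target` on every argument and refuse to start the scanner unless all of them come back allowed.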