Instructions:
1. You must present the practical solutions/ results with visible images captured and pasted into your document.
2. Make sure to use the cover page (available on eLearn) and include your name and student ID.
3. Your submitted assignment file should be a SINGLE PDF. See eLearn for due date and further assignment notes.
4. All answers should be in your own words and use appropriate referencing where required.
5. Assignments must be presented with a consistent font.
Task1: Examining Federal Computer Crime Laws
For this activity, use Internet search engines or Australian Federal Register of Legislation website at www.legislation.gov.au to gather information on the Criminal Code Act 1995, Division 477-478, which outlines the serious computer offences, such as hacking, that can be prosecuted at the federal level. Write a summary explaining how this law can affect ethical hackers and security penetration testers.
Task 2: Determine Legal Requirements for Penetration Testing.
Scenario - Telcomm Hudson Hospital Penetration testing
Organizational Facts
Telcomm Hudson Hospital is a medium-sized regional hospital located in Hudson, with approximately 500 staff members supporting up to 1000 patients. Hospital has contacted you to perform a penetration test on its computer network. Telcomm Hospital has 15 buildings in total on the campus, plus 5 small remote clinics.
There are two main hospital buildings and an auxiliary building. The two main buildings have seven floors each, with four wiring closets per floor. The Children's Place is connected to the two main buildings; the switches from these three buildings are connected with fiber connections in a ring. The Children's Place has three floors and the other 12 campus buildings are smaller office and support facilities, with 10 to 40 people per building, located on one or two floors.
Plans and Requirements
John, the vice president, is your only contact for the hospital. You won't be introduced to any IT staff or employee to avoid undermining the test you are conducting. Bruno wants you to determine what you can find out about the company's network infrastructure, network topology, and discover any vulnerabilities', without any assistance from Bruno or hospital's IT personnel.
Based on the preceding information:
1. Write a brief report to your instructor outlining the steps you should take before beginning the penetration test of the Telcomm Hudson hospital.
2. Research the legal requirement for penetration testing for the Telcomm hospital, and be sure to provide and to reference federal laws that might apply to the task you have been asked to do
Task 3: Examine Network and Computer Attacks
Review and analyse a recent network security attack in Australia. Report any failures that exemplify the security principles i.e. easiest penetration, adequate protection, effectiveness, weakest link.
Task 4: Examine Social Engineering Attacks
Which of the following social engineering attack more likely to succeed:
• In person,
• Over the telephone
• via e-mail? Justify your answer.
PRACTICAL ACTIVITIES
Task 5: Using reconnaissance attack tools
1. Using nslookup in any Windows PC (internet required) and gather the following information:
a. IP address
b. Change the server you want the response from 8.8.8.8
c. Elicit an authoritative answer from the DNS server
d. Find name servers for a domain
e. Find mail servers tor a domain
f. Identify other DNS resource records Requirements:
• Get the information for the following domain:
google.com
microsoft.com
cit.edu.au
2. Gathering information with WHOIS for the following domains (internet required)
Google.com
Microsoft.com
Cit.edu.au
Contoso.com
Whois is network information utility that allows you to look up most available information on a hostname, IP address, or domain, including country, state or province, city, name of the network provider, technical support contact information, and administrator.
a. The owner of the domain
b. The domain registration date and the owner's contact information
c. The owner of the IP address block
3. Using dig tool on EH-Kali2 gather the following information from EH-SVR1:
a. Domain names
b. Transfer domain
c. Resource records in the domain
Task 6: Using AMAP Scanning tool
Use the Amap tool to perform port scanning against EH-SVR1 and know exactly what applications are running on each port found open.
Requirements:
• Run this tool on Windows / Linux virtual machine
Task 7: Using Nmap/ Zenmap Scanning tool
Sectools have set up this machine to help pentesters learn about Nmap and also to test and make sure that their Nmap installation (or Internet connection) is working properly. You are authorized to scan scanme.nmap.org with Nmap or other port scanners. In this taks you will be using Nmap or Zenmap to scan scanme.nmap.org and find the following information:
• List of Services and port numbers
• Operating systems and version numbers
• Firewall protection
• Packets sent and received Requirements:
• Use any Windows/ Linux machine (internet required)
• If you use Windows, then you can also download the Zenmap from the following link https://nmap.org/download.html
• Run this tool on Windows / Linux virtual machine
• Administrative privileges are required to run this tool
Task 8: Identify the network security attacks
Analyse the given packet capture file (A1-task8.pcap) to identify the following:
• Victim's Address (IP and MAC)
• Attacker's Address (IP and MAC)
• Attack method
Task 9: Analyse a network security attack
Telcomm hudson Corp. suspects that one of their employees, John, is stealing secret documents for their competitor. Bruno has access to the company's top-secret documents. IT security staff are worried that Bruno may try to leak the company's top-secret information.
Security staff have been monitoring Bruno's activity for some time, but haven't found anything suspicious- until now. Today an unexpected computer briefly appeared on the company wireless network. Staff hypothesize it may have been someone in the car park, because no strangers were seen in the building. Bruno's computer, (192.168.100.22) sent access request for a file over the wireless network to this unexpected computer.
"We have a packet capture of the activity," said the security staff, "but we can't figure out what was going on. Can you help?" Analyse the given packet capture file (A1-task9.pcap) to identify the following:
• Attacker's Address (IP and MAC)
• Passwords
• Attack method
• Data stolen (file name, type and content)
Task 10: Research and demonstrate with documentation the Social-Engineer Toolkit (SET)
The Social-Engineer Toolkit (SET) is an open-source, Python-driven tool aimed at penetration testing around social engineering. This tool is included in Kali Linux. Your task is to simulate a social-engineering attack using a malicious link and send it victim via E-mail. Main tasks must include
• Clone a website/ or use template
• Obtain user names and passwords using the Credential Harvester method
• Generate reports for conducted penetration tests