Question
Instructions: Complete the tasks described in this worksheet. Read the instructions carefully and submit evidence of your completed tasks (a screen shot is your evidence). Answer the questions below in the space provided.
• Showing Evidence of Completion: Your evidence of completion is a screen shot, as described in each exercise. Use the tool of your choice to take a screen shot of the required content. Screen shots should be pasted at the end of this document.
• Answering Questions: Your answers should be written in carefully edited college-level English, using complete sentences.
Lab – Analyze and Differentiate Types of Attacks and Mitigation Techniques
Instructions and Evidence of Completion
At the end of the document (not in this table) paste a screen capture that shows the successful use of the ncrack tool to discover the password for the root account on the Ubuntu client. Paste a screen capture showing the log file analysis showing privileges being escalated to root. Be sure to label your screen captures and be sure that it shows the command used and the output from that command. You should show two screen captures.
Answer a Question
Question
1. What command would you use to stop the denyhosts service?
2. What command would you use to make a Secure Shell connection to the Ubuntu client machine?
3. What tool was used to find the password for the root account?
4. What type of password attack was used in this case?
5. Name two other password attack methods that can be used?
6. What file was used to contain the lists of hosts that had been denied a connection to the Ubuntu client?
7. What tool was used to remove the Kali machine from the list of hosts being denied by the Ubuntu client?
8. Explain in your own words how a DOS or DDOS attack results in a victim machine being disabled.
Explanation / Answer
Steps to stop denyhosts services
Step # 1: Stop DenyHosts
# /etc/init.d/denyhosts stop
Step # 2: Remove Your IP From /etc/hosts.deny
# vi /etc/hosts.deny
Delete your IP address. Save and close the file.
Step # 3: Remove Your IP From /usr/share/denyhosts/data Directory
cd to /usr/share/denyhosts/data
# cd /usr/share/denyhosts/data
You need to edit the following files using vi and remove the lines containing the IP address. Save the file.
1. hosts
2. hosts-restricted
3. hosts-root
4. hosts-valid
5. users-hosts
If you have a static IP address, add it to the allowed-hosts file. Any IP address that appears in this file will not be blocked by default (consider this a whitelist):
# echo '1.2.3.4' >> allowed-hosts
Step # 4: Start DenyHosts
# /etc/init.d/denyhosts start
...
One essential tool to master as a system administrator is SSH.
SSH, or Secure Shell, is a protocol used to securely log onto remote systems. It is the most common way to access remote Linux and Unix-like servers.
In this guide, we will discuss how to use SSH to connect to a remote system.
Basic Syntax
The tool on Linux for connecting to a remote system using SSH is called, unsurprisingly, ssh.
The most basic form of the command is:
$ ssh remote_host
The remote_host in this example is the IP address or domain name that you are trying to connect to.
This command assumes that your username on the remote system is the same as your username on your local system.
If your username is different on the remote system, you can specify it by using this syntax:
$ ssh remote_username@remote_host
Once you have connected to the server, you will probably be asked to verify your identity by providing a password.
Later, we will cover how to generate keys to use instead of passwords.
To exit back into your local session, simply type:
$ exit
...
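Steps 2 and 3 of the DenyHosts procedure above, written as a shell function. This is an added example, not part of the original answer. It matches the address as a whole token, so removing 1.2.3.4 leaves 11.2.3.4 and 1.2.3.45 blocked. The function name unblock_ip, the .bak backups and the optional "static" argument are assumptions made for the example; the default paths are the ones named in the steps.

```shell
#!/bin/sh
# Added example: remove one IPv4 address from the DenyHosts block lists.
# Run it between "denyhosts stop" (Step 1) and "denyhosts start" (Step 4).
# usage: unblock_ip IP [DENY_FILE] [DATA_DIR] [static]
#   "static" (hypothetical option) also appends IP to allowed-hosts.
# Prints the number of lines removed.
unblock_ip() {
    ip=$1
    deny_file=${2:-/etc/hosts.deny}
    data_dir=${3:-/usr/share/denyhosts/data}

    # Accept only digits and dots so the value is safe to use in a regex.
    case $ip in
        ''|*[!0-9.]*) echo "not an IPv4 address: $ip" >&2; return 2 ;;
    esac

    # Escape the dots, then require a non-digit, non-dot boundary on both
    # sides so a longer address that contains this one is not matched.
    re=$(printf '%s' "$ip" | sed 's/\./\\./g')
    pattern="(^|[^0-9.])${re}([^0-9.]|\$)"

    removed=0
    for f in "$deny_file" \
             "$data_dir/hosts" "$data_dir/hosts-restricted" \
             "$data_dir/hosts-root" "$data_dir/hosts-valid" \
             "$data_dir/users-hosts"; do
        [ -f "$f" ] || continue
        n=$(grep -cE "$pattern" "$f" || true)
        [ "$n" -gt 0 ] || continue
        cp -p "$f" "$f.bak"                      # keep the original for review
        grep -vE "$pattern" "$f.bak" > "$f" || true
        removed=$((removed + n))
    done

    # Optional: allowlist a static address so it is not blocked again.
    if [ "${4:-}" = static ]; then
        grep -qxF "$ip" "$data_dir/allowed-hosts" 2>/dev/null ||
            echo "$ip" >> "$data_dir/allowed-hosts"
    fi
    echo "$removed"
}
```

Point the second and third arguments at copies of the files to preview the result before touching the live ones.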