Scanning Lab
In this lab, I needed to scan the 10.50.96.0/23 netblock to find all the live hosts and then enumerate which operating systems and services were running on them. The above picture shows that there were two subnets.

I started by using nmap to scan the netblock using ICMP ping and timestamp packets. I then scanned again using nmap's half-open SYN scan. Next, I scanned the most common UDP ports.

Next, I scanned the netblock again using port 53 as the source as well as the destination port. This is because sometimes machines are set up to only allow data coming from specific ports. This means that sometimes DNS requests will only be accepted from port 53. Using this method, I discovered one more host at 10.50.97.25.

My next job was to compile a concise list of live hosts based on the previous scans. I noticed as I was doing this that the hosts on the 10.50.96.0/24 subnet did not respond to the TCP packets, though they had responded to the ICMP traffic. I then broke the next part of the e...
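The source-port filtering weakness described in the port 53 scan above, shown from the firewall's side as an added example that is not part of the original write-up: a stateless "trust source port 53" rule is compared with a stateful filter that only admits replies to flows the host opened. The packet list, the resolver address 192.0.2.53, the scanner address 198.51.100.7 and the simplified filter model are all constructed for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "direction proto src sport dst dport")

# Constructed sample traffic seen at a filter in front of 10.50.97.25.
# 192.0.2.53 (resolver) and 198.51.100.7 (scanner) are documentation addresses.
PACKETS = [
    Packet("out", "udp", "10.50.97.25", 40112, "192.0.2.53", 53),    # host queries its resolver
    Packet("in",  "udp", "192.0.2.53", 53, "10.50.97.25", 40112),    # matching DNS reply
    Packet("in",  "tcp", "198.51.100.7", 53, "10.50.97.25", 53),     # probe sourced from port 53
    Packet("in",  "udp", "198.51.100.7", 53, "10.50.97.25", 161),    # probe sourced from port 53
    Packet("in",  "tcp", "198.51.100.7", 51515, "10.50.97.25", 53),  # probe from an ordinary port
]

def stateless_allow(pkt):
    """Weak rule: admit any inbound packet whose source port is 53."""
    return pkt.direction == "out" or pkt.sport == 53

class StatefulFilter:
    """Admit inbound packets only as replies to flows the host opened."""
    def __init__(self):
        self.flows = set()

    def allow(self, pkt):
        if pkt.direction == "out":
            self.flows.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: the reversed 5-tuple must match a recorded outbound flow.
        return (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

def compare(packets):
    """Return inbound packets the weak rule admits but the stateful filter drops."""
    fw = StatefulFilter()
    leaked = []
    for pkt in packets:
        weak, strong = stateless_allow(pkt), fw.allow(pkt)
        if pkt.direction == "in" and weak and not strong:
            leaked.append(pkt)
    return leaked

if __name__ == "__main__":
    for pkt in compare(PACKETS):
        print("unsolicited, admitted only by the source-port rule:", pkt)
```

The same comparison works as a detection: inbound packets with source port 53 that match no outstanding outbound query are worth alerting on.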