Scribd Logo
Unggah

Selamat datang di Scribd!

  • Lab 2

    Diunggah oleh

    kishore_sn
    12 tayangan2 halaman

    Hak Cipta

    © Attribution Non-Commercial (BY-NC)

    Format Tersedia

    PDF, TXT atau baca online dari Scribd

    Apakah menurut Anda dokumen ini bermanfaat?

    Apakah konten ini tidak pantas?

    Laporkan Dokumen Ini

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    12 tayangan2 halaman

    Lab 2

    Diunggah oleh

    kishore_sn

    Hak Cipta:

    Attribution Non-Commercial (BY-NC)
    Unduh sebagai PDF, TXT atau baca online dari Scribd
    Tandai sebagai konten tidak pantas
    dari 2

    ANKIT FADIATM Certified Ethical Hacker (AFCEH) 5.

    Lab Session 2
    (Submission Deadline: 14th November Sunday midnight)

    Before you start work on this lab session, it is highly recommended that you carefully watch all
    WEEK 2 video lectures of the AFCEH course. Answers to all the questions can be found within
    the course video lectures or your text books. In case you have any doubts, clarifications or
    questions, feel free to post your queries on the course mailing list or try to do a simple Google
    search.

    A) Using the tools and techniques discussed in the ICMP Scanning and OS Fingerprinting
    sections determine the operating system running on the following systems
    www.relianceworld.in, www.ankitfadia.in and 203.94.11.12. You may use any of the tools
    discussed in this section or your own tools for this lab session. You MUST describe the exact
    procedure that you followed in this lab session.

    B)

    Using email forging techniques taught in this course send the following forged email:

    Sender’s Name: Bill Gates


    Sender’s Email Address: billgates@microsoft.com
    Recipient’s Email Address: afceh.ankitfadia@gmail.com
    CC Email Address: Your Personal Email Address
    Subject: Job Proposal
    Body: Job Proposal

    C)

    Analyze the following email header in detail line by line:

    Delivered-To: victim@victim.com
    Received: by 10.229.230.194 with SMTP id jn2cs114783qcb;
    Tue, 13 Jul 2010 09:38:04 -0700 (PDT)
    Received: by 10.114.61.13 with SMTP id j13mr4748682waa.139.1279039083741;
    Tue, 13 Jul 2010 09:38:03 -0700 (PDT)
    Return-Path: <email@travel.com>
    Received: from mx1.securemx.in (mx1.securemx.in [121.241.247.20])
    by mx.google.com with ESMTP id d28si12324959wam.89.2010.07.13.09.37.59;
    Tue, 13 Jul 2010 09:38:00 -0700 (PDT)
    Received-SPF: pass (google.com: domain of email@travel.com designates 121.241.247.20 as permitted
    sender) client-ip=121.241.247.20;
    Authentication-Results: mx.google.com; spf=pass (google.com: domain of email@travel.com designates
    121.241.247.20 as permitted sender) smtp.mail=email@travel.com
    Received: from oedge4104-rme.smx.co.in ([10.41.20.27])
    by omta4101-rme.smx.co.in with ESMTP
    id <20100713163758.BXRQ510.omta4101-rme.smx.co.in@oedge4104-rme.smx.co.in>
    for <victim@victim.com>; Tue, 13 Jul 2010 16:37:58 +0000
    Received: from app1.travel.com ([202.87.51.226])
    ANKIT FADIATM Certified Ethical Hacker (AFCEH) 5.0

    by oedge4104-rme.smx.co.in with ESMTP


    id <20100713163758.BFVF31964.oedge4104-rme.smx.co.in@app1.travel.com>
    for <victim@victim.com>; Tue, 13 Jul 2010 16:37:58 +0000
    Received: from mailrelay.travel.com ([172.16.0.5])
    by app1.travel.com (8.13.8/8.13.8) with ESMTP id o6DGbvTS025403
    for <victim@victim.com>; Tue, 13 Jul 2010 22:07:57 +0530
    Date: Tue, 13 Jul 2010 22:07:57 +0530
    From: email@travel.com
    To: victim@victim.com
    Message-Id: <4c3c9665b459a_7f2a15555cc023f0969c3@tm1.travel.com.tmail>
    Subject: Confirmation
    Mime-Version: 1.0
    Content-Type: multipart/mixed; boundary=mimepart_4c3c9665b5b77_7f2a15555cc023f097045
    X-Scanned-By: MIMEDefang 2.63 on 172.16.1.49 --mimepart_4c3c9665b5b77_7f2a15555cc023f097045

    D)

    What are the differences between DOS Attacks, DDOS Attacks and Reflective DDOS Attacks?
    Which are the most dangerous? And how do you execute each of them? Describe in detail.

    E)

    What are the difference between Port Forwarding, Firewall Tunneling and HTTP Tunneling?
    Describe in detail.

    F)

    Using the password cracking techniques discussed in the video lectures, reading material and
    books, crack the password of the ZIP file named afceh.zip which has been uploaded to the
    course website (under Week 2) and to the Files section of the course mailing list. You may use
    any tools that are available on the Internet or your own scripts. In the answer to this question,
    you need to mention the cracked password and the text contained in the zipped file. HINT:
    Make sure you try all password cracking techniques like password guessing, dictionary based
    attacks, brute force and so on.

    SUBMISSION INSTRUCTIONS

    Kindly submit your answers to ANKIT FADIATM via email at afceh.ankitfadia@gmail.com and
    make sure you mention your full name in the email. Subject of the email should be Lab Session 2
    (otherwise your lab session work will not be accepted). All answers MUST contain only text. DO
    NOT include any screenshots, photos or videos in your lab session submissions. No late
    submissions will be accepted under any circumstances at all. You will receive an auto reply email
    confirmation once you have submitted the lab session. We have strict policies against cheating.

    Anda mungkin juga menyukai