CNIT 123 Proj 5: Port Scans and Firewalls (20 pts.)

What You Need

A Windows machine and a Linux machine, real or virtual.

Setting VMware Networking

In the VMware Player window, on the top left, click Player, Manage, "Virtual Machine Settings".

In the "Virtual Machine Settings" box, on the left side, click "Network Adapter".

On the right side, click "Bridged: Connect directly to the physical network" or NAT. Click OK

Repeat the process for your other VM. It doesn't matter which networking mode you use, but both machines must use the same mode.

Finding the IP Address of Your Kali Linux Machine

At the upper left of your Kali desktop, click the little black square icon to open a Terminal window.

In the Terminal window, after the $ prompt, enter this command, then press the Enter key:

ifconfig
Find your IP address. Make a note of it.

Ensuring that You Have an Internet Connection

In the Terminal window, after the $ prompt, enter this command, then press the Enter key:
ping google.com
You should see lines starting "64 bytes from...". Press Ctrl+C to stop the pinging.

If you don't, you need to troublehshoot your networking before proceeding with this project.

Installing Zenmap

In the Terminal window, after the $ prompt, execute these commands:
apt-get update

apt-get install zenmap

Port Scanning Your Own Linux Machine With zenmap

In the Terminal window, after the $ prompt, enter this command, then press the Enter key:
zenmap
In the Zenmap window, enter a Target: of 127.0.0.1

Accept the default Profile: of Intense Scan, as shown below on this page. Click the Scan button.

When the scan completes, the results show "All 1000 scanned ports on localhost (127.0.0.1) are closed", as shown below. That's normal for a Kali Linux machine. There is no firewall running, but no services are listening, so Kali returns a RST for every SYN probe.

Finding the IP Address of Your Windows Machine

In your Windows machine, click Start, type CMD, and press the Enter key. In the Command Prompt window, enter the IPCONFIG command and press the Enter key.

Several IP addresses appear. Find the one that starts with 192.168.1 and make a note of it.

Setting Your Windows Machine's Firewall to Block All Incoming Connections

In your Windows machine, click Start. Type in FIRE and click "Windows Firewall" in the results section.

In the "Windows Firewall" box, on the left side, click "Turn Windows Firewall on or off".

In the "Customize Settings" box, in the "Home or work (private) network location settings" section, click the "Turn on Windows Firewall" button and check the "Block all incoming connections..." box, as shown below on this page. Make the same adjustments in the "Public network location settings" section. Click the OK button.

Scanning Your Windows Machine With Incoming Connections Blocked

In the Zenmap window, enter the IP address of your Windows machine. Click the Scan button.

You should get results as shown below, saying "All 1000 scanned ports ... are filtered". That's what the firewall does--blocks all responses to unexpected SYN packets, on all ports. Since there is no response at all, the scan takes longer, and the ports are reported as "filtered", not "closed".

Saving a Screen Image

Click outside the virtual machine to make the host machine's desktop active. Press the PrintScrn key to copy the whole desktop to the clipboard.

YOU MUST SUBMIT WHOLE-DESKTOP IMAGES FOR FULL CREDIT

In the host machine, launch Paint and paste in the image. Save the image with the filename "Your Name Proj 5a".

Setting Your Windows Machine's Firewall to Off

In your Windows machine, click Start. Type in FIRE and click "Windows Firewall" in the results section.

In the "Windows Firewall" box, on the left side, click "Turn Windows Firewall on or off".

In the "Customize Settings" box, in the "Home or work (private) network location settings" section, click the "Turn off Windows Firewall" button, as shown below. Make the same adjustment in the "Public network location settings" section. Click the OK button.

Port Scanning Your Windows Machine With the Firewall Off

In the Zenmap window, verify that the IP address of your Windows machine is still in the Target: box. Click the Scan button. When the scan completes, scroll up to find the green text.

You should get results as shown below, showing open ports: 135, 139, 445, and probably several others.

Saving a Screen Image

Click outside the virtual machine to make the host machine's desktop active. Press the PrintScrn key to copy the whole desktop to the clipboard. In the host machine, launch Paint and paste in the image. Save the image with the filename "Your Name Proj 5b".

Turning in Your Project

Email the JPEG images to me as attachments to a single email message. Send it to: cnit.123@gmail.com with a subject line of "Proj 5 From Your Name", replacing "Your Name" with your own first and last name. Send a Cc to yourself.

Last Modified: 9-7-16