PPT write Up

Running Head: MIDTERM PAPER

MIDTERM PAPER 7

Midterm Paper: Execution of Reconnaissance and Enumeration

Name

Course

Date

Midterm Paper: Execution of Reconnaissance and Enumeration

Introduction

The task was based on the execution of reconnaissance and enumeration based on the use of the Nmap, Traceroute, and Ping. The methods were used in determining network layout and topology, including the types of the system used in the network. What follows is the procedure on how the mentioned methods were used in determining the network topology and layout.

Nmap Method

Nmap was observed as an open-source and free tool for vulnerability network discovery and scanning (Pale, 2012). To determine network topology and layout, Nmap is used in identifying which devices are running on the systems offered by network administrators. In the process, the tool helps discover available hosts, including the services they provide while detecting security risks and finding open ports (Pale, 2012).

Moreover, it was essential to use Nmap for the process because it uses IP packets to identify all devices connected to a given network while providing information on the operating systems (Pale, 2012). Nmap was also used via a command-line interface, and it can be used for several different operating systems like Free BSD, Gentoo, and Linux. In our case, Linux was the best choice of operating system (Pale, 2012). The advantage of using Nmap for determining network topology and layout is that it can be bolstered by an enthusiastic and active user support community.

Nmap was also used to audit the traffic between the IoT devices and web servers on the networking topology and layout (Pale, 2012). The method is the best because it can highlight devices that might be malicious to the networking layout or topology. The core processes of Nmap include identifying if every active IP is legitimate or an attack, network as a whole, whereby hosts and ports scanned for every connected device, and vulnerabilities scanned for stimulating the process that might be used by hackers in attacking the network site (Pale, 2012).

Traceroute Method

The Traceroute Method works by setting the TTL for a packet one while sending it towards the requested host destination and listening for the reply (McMillan, 2012). The packet is examined when the initiating machine receives a time-exceeded response. The packet is examined to determine where it came from. However, the process identifies the machine based on one hop away (McMillan, 2012). The traceroute command was explicitly used in tracing the route that the packets take in reaching the host. The process also indicates how many hops a packet can take in reaching the host and the time it takes between every hop. For that reason, the traceroute method makes it easy when diagnosing potential networking bottlenecks.

To be effective with determining network topology and layout, the traceroute is run when the user is experiencing the problem from a computer having a problem (Wolfendale, 2014). The tracing is done when the user in a good position to connect from another computer. However, the connection from one computer is not useful (McMillan, 2012). The best approach is to connect to the site one more time before the network is run. Suppose the problem no longer exists, the user is allowed to wait until the problem occurs in the next run.

It was also necessary to use the command tracert hostname>c:\trace1.txt when experiencing the difficulty of copying the traceroute information. The difficulty is usually experienced when the information runs off the screen. The command usually results in a text file referred to as trace1.txt rooted in the C:\ drive. The file can be opened, and information content copy-pasted into the email message to the network support (Wolfendale, 2014). The hostname is the name given to the server being connected while testing the network topology and layout. Determining the hostname is also crucial to the whole process (Wolfendale, 2014). The hostname can also be replaced if it is not compatible with whichever the site is developed for.

Ping Method

Ping is used diagnostically for ensuring that the host computer user is trying to reach its operating. According to the process of determining network layout and topology, Ping works by sending ICMP (Internet Control Message Protocol) Echo Request (Dean, 2013). The request is based on the specified interface on the developing network while waiting for a reply. Furthermore, doing Ping while determining network topology and layout relies on the use of the black box, which has flashing cursor for opening the command prompt when the word 'ping' is the type and the space bar is hit on the pc keyboard (Rosen, 2014). After typing the command prompt, the next step is waiting for the ping results.

The ping method can also be used to Ping any IP address. The process involves the use of the command ‘ping’ 192.168. 1.101-t to initiate the formation of a continuous ping (Rosen, 2014). The IP address can again be replaced with the specific address requested by the advice (Dean, 2013). The best part is that the –t can be placed after or before the given IP address (Dean, 2013). Continues pinging is also necessary when determining the network layout and topology. The process is achieved by opening a continuous ‘ping whereby the command ping-t 8.8.8.8 is typed into the system. Afterward, the continuous ‘ping’ is expected to start by showing the latency in the form of seconds/milliseconds from the IP address used, which might be a Google Public DNS (Dean, 2013).

The range of the IPS was also important when determining network topology and layout. The first step starts by using the command "ping 192.168.1.101-t" for initiating the continuous Ping (Dean, 2013). In the process, the IP address is replaced with the ones needed by the device. As mentioned before, the range of IPS can be achieved by placing –t before or after the identified IP addresses (Wolfendale, 2014).

Additionally, speed is an essential factor to consider when determining network topology and layout. In that case, anything that is always below a ping of 20ms is great (Dean, 2013). However, any speed that is over 150ms could cause a noticeable lag. The actions within the network topology might take longer to process, thereby resulting in a disadvantage operation within the online arena (Wolfendale, 2014).

Conclusion

In conclusion, the process and methods used in determining the network topology and layouts are equally important. These methods play essential roles in the network's performance, including an illustration of the networking concepts. Consequently, the methods reduce factors such as maintenance and operational costs, including cabling. The networking topology is also used as a factor for determining the type of media used in the network layout. Network topology is also necessary for specific spatial functions like network routing, achieved through linear networks and layouts.

References

Dean, T. (2013). Network+ guide to networks. Boston, Mass: Course Technology/Cengage Learning.

McMillan, T. (2012). Cisco networking essentials. Indianapolis, Indiana: John Wiley & Sons, Inc,

Pale, P. C. (2012). Nmap 6: Network exploration and security auditing Cookbook. Birmingham: Packt Pub.

Rosen, R. (2014). Linux Kernel Networking: Implementation and theory. New York, N.Y.: Apress.

Wolfendale, E. (2014). Computer-Aided Design Techniques. Elsevier Science.