Evaluate Webserver Security (credit to MindTap)
You are the security analyst working for CorpNet. Your company wants to protect against any potential weakness in their public-facing servers. They would like to make sure that all of their servers are running up to date web server software, and they don't want to expose the servers to threats by using outdated security protocols or easily exploitable ports.
| Computer Name | IP Address | Domain Name |
| CorpNet_www | 198.28.1.1 | www.corpnet.xyz |
| CorpNet_www2 | 198.28.1.2 | www2.corpnet.xyz |
| CorpNet_www3 | 198.28.1.3 | www3.corpnet.xyz |
| www_stage | 198.28.1.15 | www_stage.corpnet.xyz |
In this lab, your task is to scan the public facing web servers as follows:
- Run the curl --head command against each server.
- Using nmap, run the ssl-enum-ciphers.nse script against the secure web server port on each server.
- Answer the questions.
EXPLANATION
While completing this lab, use the following information:
| Computer Name | IP Address | Domain Name |
| CorpNet_www | 198.28.1.1 | www.corpnet.xyz |
| CorpNet_www2 | 198.28.1.2 | www2.corpnet.xyz |
| CorpNet_www3 | 198.28.1.3 | www3.corpnet.xyz |
| www_stage | 198.28.1.15 | www_stage.corpnet.xyz |
Complete this lab as follows:
- Run the curl --head command against each server.
- From the Favorites bar, select Terminal.
- At the prompt, type curl --head ipaddress and press Enter.
- In the top right, select Answer Questions.
- Answer Question 1.
- Run the ssl-enum-cyphers.nse script against each server.
- In Terminal, type nmap --script=ssl-enum-ciphers -p443 ipaddress and press Enter to run the ssl-enum-ciphers.nse script.
- In the top right, select Answer Questions.
- Answer the remaining Questions.
- Select Score Lab.
Comments
Post a Comment