in trouble with this class

Alright, I'm taking a security class, "Securing the Infrastructure".
I just transferred in to the four year school and this is the first class of the first semester there.
Well, everyone in the class copied an image for Windows 2000 Server and I found out that we
have to secure the server OS without updates, AD, and we can't have a firewall.
I've been trying to do some research on how to protect the OS but I'm not really familiar with
Windows 2000. I need to protect the OS because people will be trying to break into the OS.
After they're done, my teacher will for sure break in. We have people on the cyber defense team
at school who are in our class so I'm sure that they have experience with breaking into and protecting systems.
I know to turn off the services that won't be needed but we have requirements for certain services to
be enabled, such as FTP, web server, file share, remote management, and other things.
Our teacher included tools like Snort, Nmap, and Nessus on the image. He told some of us that if
we had a honeypot then that would help in some way with the score, I think. I didn't know a honeypot
could be put on an OS. So I've been looking for honeypots to put on the 2000 server.
The IP address is stuck to 192.168.10.2. I can't change it. Now I'm working on scanning the ports for the
image in VMware. I'm using this string "nmap -S 192.168.1.103 192.168.1.48 -PN -e eth1". So I can do IP
spoofing because nmap won't let me scan my computer. I'm going to pick up the nmap book asap.
One of the students asked if they could use BT on the laptop that they have. I'm going to have to run out
and get a laptop HD and install BT on it and buy the book for BT.
Does anyone know any books that could help me out? Anything else I should be looking into? I want to learn
as much as possible and still receive a high mark in the class. I'm pretty sure I'm going to get my butt kicked.
Booya!!
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
Comments
-
demonfurbie Member Posts: 1,819 ■■■■■□□□□□
turn ICMP echo request off
block tcp/udp port 135~139
run nmap from the host os to the vm
if you're not hacking wireless there should be no reason not to be able to run backtrack from a vm
and a honey pot is a different install of the same or similar os with less security to attract hackers to the less secure one
edit: is there even a book on backtrack??
wgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers: -
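An added example, not part of any post in this thread: a small Python audit that reads grepable Nmap output (`-oG`) from a scan of the VM and sorts the open ports into required, to-block (the 135~139 range from the reply above) and unexplained. The port numbers assigned to the required services, the function names and the sample scan are assumptions constructed for illustration.

```python
# Assumed ports for the services the class requires (not stated in the thread).
REQUIRED = {
    (21, "tcp"): "ftp",
    (80, "tcp"): "web server",
    (445, "tcp"): "file share (SMB direct hosting)",
    (3389, "tcp"): "remote management (Terminal Services)",
}
BLOCK_RANGE = range(135, 140)  # the 135~139 range named in the reply above

# Constructed sample of `nmap -oG -` output (not a real scan).
SAMPLE_GNMAP = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.168.10.2 ()\tStatus: Up\n"
    "Host: 192.168.10.2 ()\tPorts: 21/open/tcp//ftp///, 25/open/tcp//smtp///, "
    "80/open/tcp//http///, 135/open/tcp//msrpc///, 137/open/udp//netbios-ns///, "
    "139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, "
    "1025/filtered/tcp//NFS-or-IIS///, 3389/open/tcp//ms-wbt-server///\n"
)

def open_ports(gnmap_text):
    found = []
    for line in gnmap_text.splitlines():
        fields = [f for f in line.split("\t") if f.startswith("Ports:")]
        if not line.startswith("Host:") or not fields:
            continue  # comment lines and "Status:" lines carry no port list
        for entry in fields[0][len("Ports:"):].split(","):
            # Entry layout: port/state/protocol/owner/service/rpc/version/
            parts = entry.strip().split("/")
            if len(parts) >= 5 and parts[1] == "open":
                found.append((int(parts[0]), parts[2], parts[4]))
    return found

def classify(gnmap_text):
    ports = open_ports(gnmap_text)
    report = {"required": [], "block": [], "review": []}
    for port, proto, _service in ports:
        if port in BLOCK_RANGE:
            bucket = "block"
        elif (port, proto) in REQUIRED:
            bucket = "required"
        else:
            bucket = "review"  # open, but not required and not in the block range
        report[bucket].append(f"{port}/{proto}")
    seen = {(p, t) for p, t, _ in ports}
    # Required services that the scan did not find open (would cost marks).
    report["missing"] = [f"{p}/{t}" for (p, t) in REQUIRED if (p, t) not in seen]
    return report

if __name__ == "__main__":
    print(classify(SAMPLE_GNMAP))
```

Anything in `review` is a service to disable or justify, and anything in `missing` is a required service that hardening has accidentally taken down.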
Everyone Member Posts: 1,661
demonfurbie wrote: » turn ICMP echo request off
block tcp/udp port 135~139
run nmap from the host os to the vm
if you're not hacking wireless there should be no reason not to be able to run backtrack from a vm
and a honey pot is a different install of the same or similar os with less security to attract hackers to the less secure one
edit: is there even a book on backtrack??
Start with these: http://www.nsa.gov/ia/_files/os/win2k/w2k_file_disk_resource.pdf
http://www.nsa.gov/ia/_files/os/win2k/w2k_group_policy_toolset.pdf
http://www.nsa.gov/ia/_files/os/win2k/w2k_router.pdf
Security configuration guidance support
EDIT: Here is what I was looking for, all the NSA guides for Server 2000 are here: Current Guides - NSA/CSS -
hiddenknight821 Member Posts: 1,209 ■■■■■■□□□□
demonfurbie wrote: » edit: is there even a book on backtrack??
Yep. Here it is. Backtrack 4: Assuring Security by Penetration Testing -
jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
Thanks for the advice everyone!
Booya!!
-
demonfurbie Member Posts: 1,819 ■■■■■□□□□□
hiddenknight821 wrote: » Yep. Here it is. Backtrack 4: Assuring Security by Penetration Testing
wow thanks for the link, I've just been using it so long I guess I take the knowledge for granted
wgu undergrad: done ... woot!!
WGU MS IT Management: done ... double woot :cheers: