Tải bản đầy đủ
After completion, scanning results can be viewed as shown in the following figure.

After completion, scanning results can be viewed as shown in the following figure.

Tải bản đầy đủ

Module 03 - Scanning Networks

l - l ° W *

Global Network Inventory ‫ ־‬Unregistered
Me

v ie w

-

in

& S9 3

sca n

T o o l(

R ep o rt <

H ?p

%-u110 | s ^ P i g

¥

B |Q |^ |a |D |B - B

#

® ,

|^

Hot fxes 3 e ;jr**• certer

■' ‫י‬-‫מ‬

‫־‬-

□ »

Port a r r e d o R

N e rrc

^

B ‫ י^יי‬AH addresses
B - <* WORKGROUP

O rvces

j

|

System dots

3

Q

Shores

L » ^ cvp s

Po;c3:cn>

§,

Scan •u n ra ry

| ^

NetBIOS

Computer 3y3tcn

^

| 3 ‫■׳‬

'•'ci‫ ־׳‬b o s d

0 ‫ נ כ‬ctn3 C,ctcn

^

Startup
^



Desktoo

Lbcre

M orer)

(ji)

| J

Logged c r

B8

Q

*|^r)0.a7(WN-D3T~1
»• ‫ נ י ו‬C J 4 iv>‫׳‬N-ULV3.r.

Type

Global Netw ork
Inventory grid color
scheme is completely
customizable.
Y ou can change Global
N etw ork Inventory colors
by selecting T o o ls | G rid
colors from main m enu
and changing colors

J

‫״‬

HikIM

» Sfdlin

*

» MAC A

V btkIh

» CJS

* PlOCHZM (

* C0I1HIMf »

Duiein *‫׳‬o ^ e n a j p COUNT-11
JIP A d d rew 10.Cl07(C O U N T1‫) ־‬
TncU aro: G/22/2012 3 GG: 38 PM (CO UN T-1)
■» C5t o j . |V/NC39MR Succc«

|D4 BE D9-C|Realck

ntefR] CorcfTM' Send: H202!

01011‫ ז‬i‫׳‬a»(j)

^jgl^c^roug^l^r

^esufc^jto^jegt^oj^ca^o^oc^cdfcj^

Re»dr

FIGURE 11.12 Global Network Inventory Individual machine results

14. The Scan Summary section gives you a brief summary o f die machines diat
have been scanned
1 - ‫ ^־‬r

Global Network Inventory ‫ ־‬Unregistered
f ie

View

Scan

Tools

Reports

Melo

□ ]e

*5 '
n 1* a □ * a
Nam•
- ‫ !■י‬A1addrestM
^

£

WORKGROUP

Sn

‫ נ כ‬tin>lcr5

k

yw don

( j

D ovcoi

J
l# |

1 ^ -sa

t1

▼ a x

[# j

- .r% xi*rty rt» r
Scan a n r m y

V crito o

a w-

| jjjjj

Logical d sk a

S^eton d o t•

NoifcKJS

| £

Q

j^

Sharoe

:■^:•;ore
®]

^

Hoi tacoe

^

CX>k & ts z i
Q

Jt

mo

"Sntcn

S o c u ty ccrto■
0 $orgroupt

M a n te s :

J

^

| j*

Networx oocp to o

Startup

U*«ra

*5

fa
B*S

|H

Dcckiop
LoggoCon ^

M enoiy cevicee

Q |

ijperatmg

:mtOiXOi’^N-ULYC"
‫ ם‬To configure
results history
level c h o o s e Scan
| R esults history
level from th e
main menu and
s e t th e desired
history level

Hcs4 H.. -

Status

‫ ־״‬MAC A .. ‫■״־‬barrio-

~ OSKsrw

‫ ־י‬Prco3350r.. ‫ ״י‬Corrmert■‫״‬

d t 'o m a r :\v tR r .ii-O U ‫ ׳־‬l .‫־‬JLrJ -‫־‬
^

P i d i e w : 1C.O.O : CQUNT=1J _________________________
Id Tnrgra«p B/22;2PlZ3-36 ^ P M p = D U H r= ll
| ;*» Ccnpu |W K-039M R|Succg«

Tolall 4em(s)

rU-BF-D»C:| R ^ r r i

1‫־‬

r

h!el(R)Cme|TM: Seiial H?‫?ר‬

1‫־‬

r

^c^U^iiitorydepthj
FIGURE 11.13: Global Inventory Scan Summary tab

15. The B ios section gives details o f Bios settings.

C E H L ab M an u al P ag e 194

E th ica l H a c k in g an d C o u n term easu res Copyright O by E C ‫־‬Counc11
All Rights Reserved. Reproduction is Strictly Prohibited

Looc a d!s\s

^

Z»: ‫ ־‬- ‫־‬

Module 03 - Scanning Networks

Global Network Inventory ‫ ־‬Unregistered
f it

v ie w

1^ ‫ז‬

5ta n

T o o ls

‫־‬

‫׳יי‬

X

^

89 £ □ J5

k.

‫^־ד‬

Narrc

_

Derive*

2

Hct fixes

^

MdBIOS
P

•»|1a616T(w’1^039.7'''

‫״‬

System dots

. ■rr-

£

q

.s r jx x p s

3"

)£•

Mar ?pad

Opcra.i-10 Cvs.or

.7 :

Scaabr e a te r

Shares

Poeewots

J^

Ssa^aumanr

5 ‫ ־‬W ORKGROUP

a

jij

Q

Por. -annccfcrc

H * P A ll a d d r e s s e s
B

1‫ ' ־‬° '

x

‫ז‬

H e lp

S J 1 '’‫ □־‬E T? | 5 | □

icwresufts

*

R e p o rt(

1555

Merer?

Q

■>

fid . . •

Startup

>*‫י‬

fc l



| ^

Desktop
Lccocd o r

Memory donees
‫׳‬cut

{ ■ 10.0.1‫>נ*ר‬VIN-IJI Y8...

Scan only items that
you need by customizing
scan elements

1 01* 1 ‫ו‬

»U»d/

Ret jt t t hutory depth: Latt t o n for tacft aflcret;

Q 't p lt / « d g r o u p : All g r o u p t

FIGURE 11.14: Global Network Inventory Bios summary tab

16. The Memory tab summarizes die memory in your scanned machine.
£□ E-mail
ad d ress S p ecifies th e email ad d ress that
p eop le should u se
w hen sending email to you at this
a ccou n t. The email ad d ress m ust
be in th e format
name(ftcompany—
for exam ple,
som eone@ m ycom
pany.com

Global Network Inventory - Unregistered
F ie

V ie w

*



S ca n

T o o ls

R e p o rts

‫ח‬

H e V iB lB & lm lH F i- iii

v ie w retuR*

▼ a x

■»

** s« a □ ‫« מ‬

\M »0 coofirokn

y -. ‫•■ ־■ ־ ־‬
D*Ye*t

All edd resse*

4 # WOWCROUP
;h

p

Mentors
iff)

‫י ן״‬

‫*■־‬w

L.

>#H

N am *
H %

h e lp

y

‫־‬

|g j

®
Logical daks

ct encct f

[#]

NmBIOS

t M

- ‫!־־־‬:•-

Oak ± n

|

H

Shw*1

‫■•יי‬fff

11 ‫׳‬

p

Uttramu

■t•5 ‫־‬
%-

•>

1‫י»ת‬0‫ו׳*חוח‬

Q

Operating ‫ל‬,‫׳‬d-•

‫׳‬

Network a d ^ c n !

Startup

| 'j

tk # n

a

1

ber/ r*c

|K
or

Memory f l w f «

I0.C.0.4 (WIN-ULY8...

Tc0f/.M 3

d[D

-

S a la b le H -yrea...

Total vfcuaL. ~ A v a to e V rtja ... »•

lo t a . . . - -

&valabl&.. ‫»י‬

V .C R t5F 0U P [C rM JN '= ]J
Hcsr Marre 3 9 ^ ^ ‫־‬MF5HL9E4 (C0U!\iT=1)
J

‫ ־‬hrescnp

V22J20123:36-38 PM (COUNT‫| ) ־‬
3317

7 o b i 1 it s u ;1

Results history depth: Last scan fo i each address

O ii p la / e d g r o u p : A ll g r o u p s

FIGURE 11.15: Global Network Inventory Memory tab

17. In die NetBIOS section, complete details can be viewed.

C E H L ab M an u al P ag e 195

E th ica l H a c k in g an d C o u n term easu res Copyright O by E C ‫־‬Counc11
All Rights Reserved. Reproduction is Strictly Prohibited

Module 03 - Scanning Networks

;- !o r

G lobal Netw ork Inventory ‫ ־‬Unregistered
F ie

v ie w

Son

T o o ls

R ep o rts

H elp

!□is? iBiaiasp 5!■!a & » B
v * y * re s u lts

Memcry

N a 1r «

Scan 3 jm a r y

4•

&I addresses

-



Port c o n r w c t r c

‫ד‬

h it d t e d « y t * sre

S)

C l

C l

S * d r t / M ‫׳‬t« r

Qf

®a

Memory d e v ic e c

n vm m g rt

| ."3 ‫ל‬

|;&

Startup

H - f i‫ ־‬W ORKGROUP

M essag e su bject Type the Subject o f your
message. Global
N etw ork Inventory cannot
post a message that does
n ot contain a subject

Services



D esktop
lo g g e d on

1C.0.C.’ (WIN-D39...

19 1 0 ^ f^ U L Y « ::

zJ Hart l l i n * 0 33* | , ‫ י\ ׳‬VF 5 H. =)E4 (COLNT=3)
T r^ rta rtp

8/22V2012 3:3ft 38 FM (COUN T 3‫) ־‬

* [ W K - 0 3 9 M R o - LSE4tt>>

L m q j?

W o ik s ta t c r Service

X

W K C •SM R^rLSE4<0x2O5‫־‬

L nque

F ie Server Service

3

W ORKGROUP

Group

Domain N am e

<0x00>

T o id 3 i . e n ld

Rem its history depth H i t scan re t earh naorett

R ea fly


FIGURE 11:16: Global Network Inventory NetBIOS tab

18. The U ser Groups tab shows user account details with die work group.
I ‫ ־‬1‫ם‬

G'obel Network Inventory ‫ ־‬Unregistered
Fie

□ Nam e S p ecifies
th e friendly nam e
a sso c ia te d with
your e-mail
ad dress. When
you sen d
m e s sa g e s , this
nam e appears in
th e From box of
your outgoing
m essa g es

View

Scan

Tools

Reports

Help

1□ c V | B p |g |m |
2

C o n j u t a s r r f—

S3 5) □ *3 $
N jit«
* i* A ll a d d r e s s • :

- i f

WORKGROUP

»‫־‬ccc

• I ‫ ־‬:

m
7‫י‬
^

a
Q

k

P^ cc350ra

Vent ‫רה‬

#>

CIO ‫כ‬

jj]

Opcralinq Cyslcrr

It#]

M a r board

^

Net Cl DC

^

S hares

I^J)

D 9sdr>c*

M em ?y

‫מ‬

‫■י‬P r r t c o

•>

Q

ij0

Q
D e v ic c :

|^

Locicoldbks

El

«•
| J?

cr

!nvronmcrrt

j•

A-

-b w g rx x »

Memory c fc v c c s
N e t t e d ‫־‬.

Startup

_bera


I,

Deaktoo
Lojj=d o r

? S iiilL

»• i a i J i w N S : ‫׳‬

H o s t N c n e ‫־‬/ / * -D 3 9 -4 R 5 H L 9 E 4 (C O U N T -5 1
z i ' r r e s c a n p : E /2 2 '2 0 1 2 3:36:38 F M ( C OU N 5- ‫] ל‬
G io u j

£< *ar> sfrafo:(C0U NT= 1)

‫ !׳■׳י‬S 0 C E N R 5HL3E4'>Adrim $tratoi

U 5 cr o c c c u r t

z i C r^ JD : C K t t K it e d CO M Usets (C O U N I - 1 1
v / ls C 2 S N R 5 H _ 3 E 4 \ A d f 1 i‫ ״‬istj<)(01

U ;e t a c c o u rt

_ J G r» ^ o : Guc:»; C O U N T -1 )
Jk• u A N 0 3 E M R 5 H L 9 E 4 \ G u t s l

d C 1 0 *.IIS J U S fiS
z i G r a if

U :* f « ccou rt

CO UN T■ !)

% N T >‫ ־‬F \lZ c V ^ c p c rlS c « v o r

VV«# k r c v ‫ ׳‬n gtcup oooounl

p M t a v u r e * 1 r g U t t r t ( C Q I J N T ■1)

T U 0 I 5 i c n | i|

R sa d /

RcsuMts h isto r y d e p th : Last s c a n f o i e a c h o o a e s !

D sp la y c C g r o u p ; All q io u p a

FIGURE 11.17: Global Network Inventory User groups section

19. The Logged on tab shows detailed logged on details o f die machine.

C E H L ab M an u al P ag e 196

E th ica l H a c k in g an d C o u n term easu res Copyright O by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited

Module 03 - Scanning Networks

1 - 1‫״‬

Globa! Network Inventoiy ‫ ־‬Unregistered
Me

v ie w

5
T o o ls

R e p o rts

§ 3 - □Is ? H c 1 ® e /
V « w re
*2 »‫□ ־־ י‬

J

m

E

%
S

_
A l l a d d re s s e s
f

‫ ו ג ב‬a i d s y ie fi

-•1a & ‫׳״‬
Q

Processors

\

N errc

■ ‫■ ״‬

H e lp

^

m

S c a n s u r a n a iy

‫?יי‬

^

BCS

Port c o m e d o s

W O RKGRO UP

| .§ )

'* { 3 0 S

M ain beard

Q

O o e fa tr o System

System slots

C‫־־‬r ■^ r .

£

L>j1d j s v j
|

l£ ‫)־‬

H o tfix e s

2'

S h a ‫׳‬e&

^

N e n o iy

w

Di:-•. J .
t o t a le d software

^

>

Memory d e / c e s

£■
|(|

S e a i t ) e e r ie r

Net ■..

Environment
%

U s e tu .

S ervices

|

3 .< n : u ,_ _ H L _ 2 s 5 tlS B _ J
Users

| j>

Logg ed o r

J

;1abix7"(wi‫׳‬N-D3g...

& Port ‫ ־‬S p ecifies
th e port number
you co n n ect to on
your outgoing email (SMTP)
server. This port
number is usually

;■ '1 6 0 . 0 4 (W IN -U LY 8 ...

H oaN ok

W H -033N R 5H L3£4 (C O U N T S

1 N T S E R V .C E >M s D is S e rv e rl 10
f

H ” S E R V C E 'M S S Q L F D L o u n c h a

f

N ‫ ־‬£ £ R V lC E VM S S Q L S E R V E R

f

N ‫ ־‬S E R V C E 'M S S Q L S e r / e iO L A P S e iv ie e

* , N ‫ ־‬S E R V C E 'R e p o r t S c r v a

25.

5 \ A H D 3 9 M R E H L 9 E 4 \A < in h a tr‫*־‬or

3 8 /2 2/1 2 09:01:20

R e su lts f r i t pry d e p th la s t ;c a n lo r t e c h a d d r c n

R ea dy

Oowove^rou^lUroups

FIGURE 11.18: Global Network Inventory Lowed on Section

20. Tlie Port con n ectors section shows ports connected in die network.
G lob a ' N e tw ork Inventory - U nregistered

ST
F ile

Scan

T o o lt

R ep o rt(

H elp

1S
v ie w re s u t;

O u tg o in g m ail
(SM T P) ‫ ־‬Specifies your
Simple Mail Transfer
Protocol (SMTP) server for
outgoing messages

w a x

n

Name
H-

£

NetBIOS

a ‫ש‬b #
L.
AH a d d re s s e s
f r £* W O R K G R O U P

■»r10bn‫־‬7‫^־‬N-big".'‫־‬.‫־‬

;can currrjr,

*

P « t c on n ecto rs

JO

91‫־‬ares

F io c e s s o is
l- b n t c r j

WOS

| S)

£

Ji>

LSe

L o g c a l d isk s

0p«1fcrg Syren•

^

1

Users

|

m ay

^

: -t‫־‬KC1:

D:

‫—ן‬

Q

•£‫׳־‬

fcrvron m en t
a

hrr ‫י‬

Logg ed o n

Memory devotes

Startup

Netw ork 0d3?1cr:
|
■1

S « m :«
D esktop

0^10 ‫«־‬.(W‫׳‬fW‫׳‬N‫־‬ULY8""

D o r ia n . V / D ^ K O R O U ? (C0U N T = 2 5I
J

he*• H a r e : t*‫׳‬T . D 3 9 M R 5 H L J 3 E 4 (C O U N T -2 5 )
J

‫ ז‬alal 25

1 ■‫ * ״‬t t a r o : & '2 2 /2 D 1 2 3 3 6 3 8 PM (C O U N T =26)
’ ‫א כ כו׳ן‬

S e r a i P o r 1S55CA C o n p a r t le

D 6 9 ‫־‬.M ale

‫ ז‬7 ‫»ככ‬

K e l o i d P011

FS /2

‫ ז‬7 ‫»נ כ‬

M ou cc Po ri

F S /2

’ 703H

USB

a< r*51 bus

t7

USB

00h

‫ י‬7 3 ‫ווכ‬

UCD

A c c 0 H .b u 4

, 703H

USB

A c o e s t.b u t

Atris
Fes j t s nistory deptn: Last scan foi eatfi address

D isj ayecl arouo; All aroups

FIGURE 11.19; Global Network Inventory Port connectors tab

21. Tlie Service section give die details o f die services installed in die machine.

C E H L ab M an u al P ag e 197

E th ica l H a c k in g an d C o u n term easu res Copyright O by E C ‫־‬Counc11
All Rights Reserved. Reproduction is Strictly Prohibited

Module 03 - Scanning Networks

S To cr ea te a
n ew cu stom
report that
includes more
than on e sca n
elem en t, click
c h o o s e Reports |
Configure reports
from th e main
menu, click
th e Add button on
th e reports dialog,
cu stom ize
se ttin g s a s
desired, and click
th e OK button

Globa! Network Inventory ‫ ־‬Unregistered
Me

v ie w

5
T o o ls

R e p o rts

‫ ־‬- $ * ]‫ י ® ב ס‬H e p H B ] ® e |
V ie w re
*1 *9 2 □

pf

m

E

%
S

Devices

|

Qf

Port cornedas

_

*i

f

M

£

Shares

Q
D

A l l a d d re s s e s
W O RKGRO UP

= r

•-•Eg & ‫׳״‬

NetBOS
et30S

g

N e ir c

R

H e lp

Ci

System slots

'

|

User croups

Main board

Hotfixes

^

3

Memory

|

ig )

Msrrcryde/ces

Startup



0 . ‫ גי‬c t i U S vtte‫״‬

Loaaedor

n

£

Secut) center

jjjj

1•

Jsers

^



Desktoo

|

|

S c r r is c a

|

»"
13

iii'iu n ic il

•1 ‫ ־‬y ' a a ’7 i w i ‘N -D 3 8 ’‫’ "״‬
;■ '1 6 0 . 0 4 (W IN -U LY 8 ...

N»♦

-

z i D om r* V»ORC13RO UP |CD UM I«l4/)
_!J Hcs‫* ׳‬sLan^ '*1 N 0 ‫»־‬IR5HL9E4(CO UN T■!47|
zi

rr^ a n p

3 /2 2 !2 0 H 3 3&38FM [COUNT =147)

. Ldcte A cxbat U pcare Ser!/ce

41loma1‫׳‬c

RufM rg

, £ p f teanon E>o=r1 ence

Manual

R u m rg

C‫ ־‬vV.mdowt\system32\svehott eye •k netsv

. Appicanon Host Helper Service

Automatic

R j'i'ir g

C «V.»Klowt\^1stern32\fivch0ftexe •k apph(

^A p p fc a n o n Idenfctji

Manual

Stepped

C‫\*־‬fcmdow1\svstem32\svc*10ft.exe •k Local

Manual

R im r g

C »V.m
Manual

Stepped

C ,V,mdowt\S3i5tem32Ulg ew>

Manual

Stepped

C »\v!n
tpflr9r»0nlnf1‫־‬rml1on
. Apftlcanon Layer 5 ‫־‬rewau Service
Apffcarion Manafjenenr

‫־־‬: 'P n g -a n Filei [vf‫־‬fc)\Comrmn Fite'iAdobi

I0 la l1 < 7 toart :J

Ready

Oowoye^KOu^lUroups

Results fcitory depth lost icon lor to
FIGURE 11J20: Global Network Inventory Services Section

22. The Network Adapters section shows die Adapter IP and Adapter type.
1‫־‬

G lob al N etw ork Inventory ‫ ־‬Unregistered
Fie

view

Stan

Tools

Reports

I* ‫״‬



V cw rcsu R ;

r-l

& A security
accou n t
passw ord is
created to m ake
sure that no other
u ser can log on to
Global Network
Inventory. By
default, Global
Network
Inventory u s e s a
blank passw ord

▼ ‫ל‬

X

^ □ E $

Narre
B

1^‫י‬

Help

e

D c*cca

j|

C o n p u te r ‫>־ת‬€*‫ו‬

y

All addr*<«#<

H

y~ * £ W O RKGRO UP

■- m o ‫״‬M

Q 'l l

v

^

[# J

Pc‫ ׳‬t c o r r c c t o o
S ca n s jr r r c r v

h■ v®00

N e tBIO S
Q
Q

^

&

| ^

<‫׳״‬

SK3X3

Prooeaaora
System alota

80S

|‫׳‬jgj]

|^

4■

U3cr
Mom boane
H o t fx c a

O p o r s trg Syrtom

^

fjj

JL•

Ccc^ rfy e e r ie r
h w U to d t c ftv m o

1-

Uaera

M em ory
j*
B

^

B?1
Startup
Envtronmoat

?‫מ‬

Looocdon
Memory d e v ic e s
|^
| ‫״‬j ,

Deoksop
S o rv cm

|v

( w n ' u ’l ^ " . " ’

- Tinettarp: £ / ^ 2 3 36:33 3 2 ‫ ־‬FM (COUNT-11
n ^ ^ v V ^ E t ,.|D 4 : B E :D 9 :C |1 0 0 .D 7

l2 S 2 S .2 g |1 D C .0 1

[vicreolt

|E therrct QIC|N 0

Iotall 1enlj
^esujt^jjto^jepth^as^a^o^scj^ddrts^

Rea^

^jjjte^e^roup^lU^oup^

FIGURE 11.21: Global Network Inventory Network Adapter tab

Lab Analysis
Document all die IP addresses, open ports and miming applications, and protocols
you discovered during die lab.

C E H L ab M an u al P ag e 198

E th ica l H a c k in g an d C o u n term easu res Copyright O by E C ‫־‬Counc11
All Rights Reserved. Reproduction is Strictly Prohibited

Module 03 - Scanning Networks

T o o l/U tility

In fo rm atio n C o llected /O b jectiv es A chieved
IP Scan R ange: 10.0.0.1 —10.0.0.50
S can n ed IP A ddress: 10.0.0.7,10.0.0.4
Result:

G lobal N etw o rk
Inventory

■ Scan summary
■ Bios
■ Memory
■ NetBIOS
■ UserGroup
■ Logged O n
■ Port connector
■ Services
■ N etw ork Adapter

PL E A S E TALK T O Y O U R I N S T R U C T O R IF YOU H A V E Q U E S T I O N S
R E L A T E D T O T H I S LAB.

Questions
1. Can Global N etw ork Inventory audit remote computers and network
appliances, and if yes, how?
2.

How can you export the Global N etw ork agent to a shared network
directory?

In tern e t C o n n ectio n R eq u ired
□ Yes

0 No

P latfo rm S u p p o rted
0 C lassroom

C E H L ab M an u al P ag e 199

0 iLabs

E thical H a c k in g an d C o u n term easu res Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited

Module 03 - Scanning Networks

Anonymous Browsing using Proxy
Switcher
Proxy Switcher allowsyou to automatically execute actions; based on the detected
netnork connection.
ICON

KEY

p =7 Valuable
information
Test your
knowledge
w

Web exercise

Q

Workbook review

Lab Scenario
111 the previous lab, you gathered inform ation like scan summary, NetBIOS
details, services running on a computer, etc. using Global Netw ork Inventory.
N etBIOS provides programs with a uniform set o f commands for requesting
the lower-level services that the programs must have to manage names, conduct
sessions, and send datagrams between nodes on a network. Vulnerability lias
been identified in Microsoft Windows, which involves one o f the NetBIOS
over T C P /IP (NetBT) services, the NetBIOS N am e Server (NBNS). W ith this
service, the attacker can find a com puter’s IP address by using its N etBIOS
name, and vice versa. The response to a N etBT name service query may contain
random data from the destination com puter’s memory; an attacker could seek
to exploit this vulnerability by sending the destination com puter a N etBT name
service query and then looking carefully at the response to determine whether
any random data from that computer's memory is included.
As an expert penetration tester, you should follow typical security practices, to
block such Internet-based attacks block the port 137 User Datagram Protocol
(UDP) at the firewall. You m ust also understand how networks are scanned
using Proxy Switcher.

Lab Objectives
This lab will show you how networks can be scanned and how to use Proxy
Switcher. It will teach you how to:

C E H L ab M an u al P ag e 200



Hide your IP address from the websites you visit



Proxy server switching for improved anonymous surfing

E th ica l H a c k in g an d C o u n term easu res Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.

Module 03 - Scanning Networks

Lab Environment
To cany out the lab, you need:


Proxy Switcher is located at D:\CEH-Tools\CEHv8 Module 03 Scanning
Networks\Proxy Tools\Proxy Sw itcher

2 " Tools
dem onstrated in
this lab are
available in
D:\CEHTools\CEHv8
Module 03
Scanning
Netw orks

■ You can also download the latest version o f Proxy W orkbench from
this link http:/ / www.proxyswitcher.com/


I f you decide to download the latest version, then screenshots shown in
the lab might differ

■ A computer running W indows Server 2012
■ A web browser with Internet access


Follow’ Wizard-driven installation steps to install Proxy Sw itcher

■ Administrative privileges to run tools

Lab Duration
Time: 15 Minutes

Overview of Proxy Switcher
Proxy Switcher allows you to automatically execute actions, based on the detected
network connection. As the name indicates, Proxy Switcher comes with some
default actions, for example, setting proxy settings for Internet Explorer, Firefox,
and Opera.

Lab Tasks
Cl Autom atic

ch a n g e of proxy
configurations (or
any other action)
b ased on network
information

1. Install Proxy Workbench in W indows Server 2 012 (Host Machine)
2. Proxy Switcher is located at D:\CEH-Tools\CEHv8 Module 03 S can nin g
N etw orks\P roxy T ools\Proxy S w itch er

3. Follow’ the wizard-driven installation steps and install it in all platforms
o f the W indow s op eratin g sy stem .
4. This lab will work in the C EH lab environm ent - on W indow s S erver
2 0 1 2 , W indow s S erver 20 0 8 , and W indow s 7
5.

C E H L ab M an u al P ag e 201

Open the Firefox browser in your W indows Server 2012, go to Tools, and
click Options in die menu bar.

E th ica l H a c k in g an d C o u n term easu res Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited

Module 03 - Scanning Networks

G o o g le

M o iillo Firefox

colt | HtJp
Qownloatfs

CW -I

moderns

cm * v ‫*«״‬A

C3Often different

S e a r ch

Im ages

fi

e •!1• -■cc9u

S<* UpS^K.
♦You

D ocu m en ts

Web Developer

C alendar

*

M ote •

Page Info

internet
co n n ectio n s
require
com pletely
different proxy
server settin g s
and it's a real pain
to ch a n g e them
manually

Sign n

Cle«r Recent Ustsr.

01+“ Sh1ft*IW

Google
Gocgle Search

I'm feeling Lucky

A6 .««t>11ng P io g a m m e i

Bu sin ess SolUion*

P ir a c y t Te

•Google

Aboul Google

Google com

FIGURE 121: Firefox options tab

6.

Go to die Advanced profile in die Options wizard o f Firefox, and select
Network tab, and dien click Settings.
Options

‫ם‬

&

G e n e ra l

G e n e ra l | M e tw o rV

%

‫§י‬

Tabs

C o n te n t

A p p l ic a t io n s

j U p d a t e | E n c r y p t io n

p
P r iv a c y

*k
S e c u r it y

3
S> nc

A dvanced

j

C o n n e c tio n

3‫׳‬k Proxy Switcher fully
compatible w ith Internet
Explorer, Firefox, Opera
and other programs

|

C o n f ig u r e h o w h r e f o i c o n n e c t s t o t h e I n te r n e t

S g t n g i.

C a c h e d W e b C o n te n t
C le a r N o w

Y o u r v r e b c o n t e n t c a c h e 5 ‫ י‬c u r r e n t ly u s in g 8 .7 M B o f d i s k s p a c e
I

I O v e r r id e a u t o m a t e c a c h e m a n a g e m e n t

Limit cache to | 1024-9] MB of space
O f f lin e W e b C o n t e n t a n d U s e r D a ta
You

1 a p p lic a t io n

M

T e ll m e w h e n a w e fc c ite a c lr t t o s t o r e H a t* f o r o f f l in e u c e

C le a r N o v /

c a c h e i s c j i r e n t l / u s in g 0 b y t e s 01 d is k s p a c e

Exceptions..

T h e f o llo v / in g t v e b s it e s a r e a lo w e d t o s to r e d a ta f o r o f f lin e u s e

B a r eve..

OK

Cancel

H e lp

FIGURE 122 Firefox Network Settings

7. Select die U se S ystem proxy se ttin g s radio button, and click OK.

C E H L ab M an u al P ag e 202

E th ica l H a c k in g an d C o u n term easu res Copyright O by E C ‫־‬Counc11
All Rights Reserved. Reproduction is Strictly Prohibited

Module 03 - Scanning Networks

C onnection Settings

‫ייי־‬

Configure P oxies to Access the Internet

O

N o prox^

'‫ )־‬Auto-detect proxy settings fo r this network
(•) Use system proxy settings
M anual proxy configuration:

f i proxy switcher
supports following
command line
options:

HTTP 5rojjy:

127.0.0.1
@ U je this prcxy server for all protocols

-d: Activate direct
connection

SSLVoxy:

127.0.0.1

P firt

FTP *roxy.

127.0.0.1

P o rt

SOCKS H o s t

127.0.0.1
O

SOCKS v4

P o rt
® SOCKS v5

N o Pro>y f o r
localhcst, 127.0.0.1

Example: .mozilla.org, .net.nz, 192.168.1.0/24
O

Autom atic proxy configuration URL:
Reload

OK

Cancel

Help

FIGURE 12.3: Firefox Connection Settings

8. N ow to Install Proxy Switcher Standard, follow the wizard-driven
installation steps.
9. To launch Proxy Switcher Standard, go to Start menu by hovering die
mouse cursor in die lower-left corner o f the desktop.
T A S K

1

Proxy Servers
Downloading

FIGURE 124: WmdcKvs Server 2012 - Desktop view

10. Click die Proxy Sw itcher Standard app to open die Proxy Sw itcher
window.
OR
Click Proxy S w itch er from die Tray Icon list.

C E H L ab M an u al P ag e 203

E th ica l H a c k in g an d C o u n term easu res Copyright O by E C ‫־‬Counc11
All Rights Reserved. Reproduction is Strictly Prohibited