Question

1a) Which of the following statements is true?

1. Running SSH on the Telnet port will now be sent across an unencrypted port.
2. Despite the results of the scan, the service running on port 23 is actually Telnet and not SSH, and creates an additional vulnerability
3. Running SSH on port 23 provides little additional security from running it on the standard port.
4. Remote SSH connections will automatically default to the standard SSH port.
5. The use of OpenSSH on its default secure port will supersede any other remote connection attempts.

1b) Given the organization’s policy, which of the following services should be disabled on this server?

1. rpcbind
2. netbios-ssn
3. mysql
4. ssh
5. telnet

For part c, please use the following:

1c)

The penetration tester knows the organization does not use Timbuktu servers and wants to have Nmap interrogate the ports on the target in more detail. Which of the following commands should the penetration tester use NEXT?

A. nmap -sV 192.168.1.13 -p1417

B. nmap -sS 192.168.1.13 -p1417

C. sudo nmap -sS 192.168.1.13

D. nmap 192.168.1.13 -v

Starting Nmap 4.67 (http://nmap.org) at 2011-11-03 18:32 EDT Nmap scan report for 192.168.1.13 Host is up (0.00066s latency) />Not shown: 992 closed ports STATE SERVICE PORT 22/tcp ssh open 80/tcp http open 111/tcp rpcbind open 139/tcp netbios-ssn open 3306 mysql open MAC Address: 01:AA: FB:23:21:45 Nmap done: 1IPaddress (1hostup) scannedin4.22seconds Starting Nmap 4.67 (http://nmap.org) at 2011-11-03 18:32 EDT Nmap scan report for 192.168.1.13 Host is up (0.00066s latency) Not shown: 996 closed ports STATE SERVICE PORT 22/tcp 80/tcp 139/tcp 1417/tcp ssh open http netbios-ssn open open timbuktu-srvl open Address: 01: AA: FB: 23:21:45 MAC (1 host up) scanned in 4.22 seconds Nmap done: 1 IP address

Answer 1

Answer 1A
************

D. Remote SSH connections will automatically default to the standard SSH port.

Answer 1B
***********
A) rpcbind
B) netbios-ssn

Answer 1C
**********
nmap -sV 192.168.1.13 -p1417

if you have any doubt then please ask me without any hesitation in the comment section below , if you like my answer then please thumbs up for the answer , before giving thumbs down please discuss the question it may possible that we may understand the question different way and we can edit and change the answers if you argue, thanks :)