1. ITIS 3110 LAB 09 Network Audit

2. System Audit Scenario You’ve been hired into a new Network Admin position What is the networks status What is on the system What ports are open What vulnerabilities are there? Is it secure? Your job is to investigate the system and document it You are only starting with the user id and password You have Kali Linux on your Pi to help you analyze the system

3. System Audit Procedure Download the bee-box VM Create a Kali Linux on an 8GB or larger SD card Install ettercap (if needed) You may take a copy of the VM with you to do analysis later On your VMPlayer At a different time in the lab Note: There is the compressed file (.7z) and the expanded directory with the files Your choice Download the smaller.7z file and expand Quicker download Some time to expand Download the larger directory and wait Long download No expanding

4. Notes: This is an extensively updated lab Has a new “victim” VM: bee-box Uses Kali Linux on the Pi instead of backtrack on a VM Kali at lab302-web is 1 year old May download your own updated version http://docs.kali.org/kali-on-arm/install-kali-linux-arm-raspberry-pi Has links to Pi and VM images Pi and Pi 2 images (V2.0.1) A Kali VM is available if the Pi does not work If there are errors or omissions in the Lab Highlight the error on your lab sheet Turn in the lab sheet as part of the report Note in the report the problems found The Shellshock vulnerability may be fixed on the workstation this semester Document it either way

5. Upcoming Labs: Lab 10 New Lab – Wireless on the Pi Lab 11 Kerberos and LDAP Lab 12 SMTP SPF Lab 13 In-lab project time Lab 14 Project presentations

6. GET STARTED