1. Run netstat and tcpview to find your browser connections
2. On the Linux virtual machine connect to another website and record the connections
3. Run lsof on your linux system
4. Use netcat as a listener on the windows xp machine and have it DOSd
5. Create a limited user on XP and/or 7 and have the user escalate privileges (with exploit)
Lab Review Questions
1) In your own words, describe what you learned by completing this lab.
A:) how vulnerable our systems can be if wrong ports are left listening, how to prevent attacks from the port numbers, how to DOS a system if its ports are left listening. how to find active connection from command line and a specific software " TCPVIEW", how to escalate privileges of an account in windows xp from limited to administrative user using exploits.
2) What’s the big difference between tcpview and netstat
A:) TCPVIEW is a software which has to be downloaded where as Netstat is inbuiled function of the windows which gives us information about active connections from our computer to outer world. Tcpview gives us a little-bit more information to us than netstat it gives us PID and Process name which is currenly being used the process and clicking on it revels name of the application which is using the process, also in the bottom it gives us a brief overview of how many ports are currently listening, have established connection and how many ports have endpoints.
netstat is a command line interface so we have to remember the commands to get right type of information.
3) How can we find cpu usage on linux? Use google if you need to and test it out
A:) "TOP" command can be used to find cpu usage we can see cpu utilization under
4) How can we defend against privilege escalation?
A:) we can increase our firewall restrictions to make our system stronger.