MIT 5214 : Information system intrusion,Detection and Counter measure

ASSIGNMENT 1

Muhizi Guy Stephane

MSCCS/2023/42068

(Disclaimer: The assignment was done using a Linux OS, the screenshot couldn’t be taken and there is no GUI, it’s
only inputs and results from NMAP terminal)

Using NMAP answer the questions below. In your answers enter the command used and a screenshot of
your results.

1. Using the Ns lookup command find the IP addresses of the following and identify the owners (2
Marks)
a) https://www.mku.ac.ke/
b) http://eai.ac.ke/

Answer:

>
┌──(*****㉿*****)-[~]
└─$ nslookup www.mku.ac.ke
Server: 192.168.0.1
Address: 192.168.0.1#53

Non-authoritative answer:
www.mku.ac.ke canonical name = mku.ac.ke.
Name: mku.ac.ke
Address: 192.124.249.120

┌──(*****㉿*****)-[~]
└─$ nslookup eai.ac.ke
Server: 192.168.0.1
Address: 192.168.0.1#53

Non-authoritative answer:
Name: eai.ac.ke
Address: 78.142.63.63

2. Scan the open ports in http://scanme.nmap.org/

Answer:

> ┌──(***** ㉿ *****)-[~]

└─$ sudo nmap scanme.nmap.org
[sudo] password for ****:
Starting Nmap 7.93 ( https://nmap.org ) at 2023-03-08 06:10 EST
Nmap scan report for scanme.nmap.org (45.33.32.156)
Host is up (0.29s latency).
Other addresses for scanme.nmap.org (not scanned):
2600:3c01::f03c:91ff:fe18:bb2f
Not shown: 995 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
646/tcp filtered ldp
9929/tcp open nping-echo
31337/tcp open Elite

Nmap done: 1 IP address (1 host up) scanned in 3.59 seconds

┌──(*****㉿*****)-[~]
└─$

3. Scan your subnet and identify the ports that are open.

Answer:
>┌──(***** ㉿ *****)-[~]
└─$ sudo nmap 192.168.0.1
Starting Nmap 7.93 ( https://nmap.org ) at 2023-03-08 06:13 EST
Nmap scan report for 192.168.0.1
Host is up (0.013s latency).
Not shown: 997 closed tcp ports (reset)
PORT STATE SERVICE
53/tcp open domain
80/tcp open http
443/tcp open https
MAC Address: 2C:4D:DE:A2:AE:2B (Tecno Mobile Limited)

Nmap done: 1 IP address (1 host up) scanned in 0.51 seconds

┌──(*****㉿*****)-[~]
└─$