- Applied Network Security
- Arthur Salmon Warun Levesque Michael McLafferty
- 299字
- 2021-07-02 23:30:59
Lab 2
Another tool used for network scanning is Sparta. The following lab demonstrates how this tool works. For this lab, we are using Kali Linux running in VMware.
Sparta is built into Kali 2.0, but if you don't have it, you can get it from the Kali repository by typing kali > apt-get install Sparta:
- To get started, open a terminal window and type sparta. The following screenshot demonstrates the first screen you will see:

- When you click on it, a GUI resembling the following will open:

- Once Sparta has started, we need to add some hosts. If we click on the space that says Click here to add host(s) to scope, it opens a window where we can add IP addresses or the range of IP addresses we want to scan. We are also able to use CIDR notation to indicate an entire subnet, such as 192.168.181.0/24:
- After adding our IP host range in the window, click Add to scope. Sparta will start scanning your hosts now:

The following are the results for Sparta. My subnet had only two machines on it. As you can see, Sparta identified those two IP addresses and provided OS fingerprinting, identifying one as Linux and one as Windows. When I highlight the Windows system IP, it provides details of all the ports it found open and the services running:

If we go the Information tab, we can get more detailed information on the particular highlighted system. Note that we get more specific information on the operating system of the target at the bottom of this screen:

Interestingly, Sparta also runs a nikto scan on the system if it finds port 80 open. We can click on the nikto tab to see the results of the nikto web app vulnerability scan:

- Web漏洞分析與防范實戰(zhàn):卷1
- 科技安全:戰(zhàn)略實踐與展望
- 計算機網(wǎng)絡安全技術(shù)(第6版·慕課版)
- 網(wǎng)絡安全保障能力研究
- .NET安全攻防指南(上冊)
- Kali Linux Network Scanning Cookbook(Second Edition)
- 網(wǎng)絡安全技術(shù)與實訓(第4版)(微課版)
- 云原生安全與DevOps保障
- 學電腦安全與病毒防范
- 網(wǎng)絡關(guān)鍵設備安全檢測實施指南
- CTF特訓營:技術(shù)詳解、解題方法與競賽技巧
- Kali Linux高級滲透測試(原書第4版)
- 網(wǎng)絡空間安全:拒絕服務攻擊檢測與防御
- 白話零信任
- 物聯(lián)網(wǎng)信息安全技術(shù)