task111

Scan Report — Task 1

Author: Deepika GL
Date: 2025-09-22
Scope: VM test networks 192.168.86.0/24, 192.168.174.0/24 and local host 127.0.0.1 (only hosts owned by me)

Methodology

1. Host discovery using Nmap -sn to find live hosts.
2. Top-1000 TCP ports scan with -sS (when Npcap + Admin) or -sT.
3. Targeted service/version detection (-sV) on interesting hosts.
4. Optional: UDP scan for common UDP services and Wireshark packet capture for evidence.

Commands run (representative)

• nmap -sn 192.168.86.0/24 -oN scans/discovery-vmnet8.txt
• nmap -sS --top-ports 1000 -T4 -v -oN scans/top1000-vmnet8.txt 192.168.86.0/24
• nmap -sV -p 22,80,443 192.168.86.10 -oN scans/svc-192.168.86.10.txt
• nmap -sU --top-ports 200 -T3 -v -oN scans/udp-vmnet8.txt 192.168.86.0/24

Findings (example table)

| IP | Hostname | Ports (open) | Services | Risk Level | Recommendation | |—-|———-|————–|———-|————|—————-| |192.168.86.10|vm-web|22,80|ssh, http|Medium|Use key-based SSH; update web server; enable firewall| |192.168.86.15|vm-file|445|smb|High|Disable SMB if unused; restrict to admin VLAN; patch OS| |127.0.0.1||22,631|ssh, ipp|Low|Ensure SSH keys; disable unnecessary services|

(Populate this table from your actual scans/*.txt outputs.)

Risk assessment & recommendations

• Close unused services and stop listening daemons.
• Apply vendor patches and updates.
• Use host firewalls and restrict management ports to trusted subnets only.
• Use key-based authentication for SSH; disable password auth.
• Disable SMB or restrict to necessary hosts only.

Raw outputs

See /scans directory for full Nmap outputs (text and XML). See /pcaps for packet captures.

Conclusion

This assessment was performed on VM-hosted test networks and local host only to avoid scanning production/corporate networks. Next steps: patch high-risk services and re-scan to confirm.

Task 1 — Local Network Port Scan

Author: Deepika GL
Date: 2025-09-22

Objective

Discover open ports on devices in my local network and assess exposure. Only hosts I own or have permission to scan were targeted.

Scope

• Primary network observed on system: 10.40.6.102/21 → network 10.40.0.0/21 (DO NOT scan without permission).
• Safe/test networks used (VMs): 192.168.174.0/24 (VMnet1), 192.168.86.0/24 (VMnet8).
• Local host: 127.0.0.1 and 10.40.6.102 (only scan if you own the host).

Tools

• Nmap (version: fill-your-version)
• Wireshark / tshark (optional)
• Windows PowerShell (Administrator)

Commands executed (examples)

Discovery (ping-sweep, host discovery)

nmap -sn 192.168.86.0/24 -oN scans/discovery-vmnet8.txt

Top 1000 TCP ports (SYN scan if Npcap + Admin; otherwise -sT)

nmap -sS –top-ports 1000 -T4 -v -oN scans/top1000-vmnet8.txt 192.168.86.0/24 nmap -sT –top-ports 1000 -T4 -v -oN scans/top1000-vmnet8-connect.txt 192.168.86.0/24

All TCP ports on a single host (slow)

nmap -sS -p- -T3 -v -oN scans/allports-192.168.86.10.txt 192.168.86.10

Service / version detection on a single host

nmap -sV -p 22,80,443 192.168.86.10 -oN scans/svc-192.168.86.10.txt

UDP top ports (slow)

nmap -sU –top-ports 200 -T3 -v -oN scans/udp-vmnet8.txt 192.168.86.0/24

Save XML as well

nmap -sS –top-ports 1000 -oN scans/result.txt -oX scans/result.xml 192.168.86.0/24

Files included

• scans/ — nmap outputs (txt, xml)
• pcaps/ — optional Wireshark captures
• screenshots/ — Wireshark / terminal screenshots
• report.md — analysis + remediation

Notes & Legal

• Do not scan networks you don’t own or have explicit permission to scan (e.g., corporate or university networks).
• For this task I used VM networks and local host scans to avoid unauthorized scans.