Guardian of Digital Secrets

Introduction

In a realm far beyond the modern digital world, nestled within the heart of ancient Eastern lands, lies a temple of unprecedented historical significance. This temple, shrouded in mystery and tales of old, is protected by an ageless guardian. Known only as The Keeper, this guardian's duty extends beyond mere physical protection; they are the custodian of ancient knowledge and secrets. Their latest challenge, however, transcends the physical realm. In an era where threats no longer only wield swords but digital prowess, The Keeper must evolve, learning the arts of digital defense to safeguard the temple's secrets against cyber invaders.

With the temple as the backdrop, your mission, as an apprentice to The Keeper, is to master the arcane art of Nmap OS and Version Detection. Through this skill, you will learn to identify the operating systems and versions of devices that connect to the temple’s network, allowing you to detect potential threats and secure the temple's digital fortress.

Skills Graph

Setting Up Your Environment

In this step, we will establish our local environment to simulate scanning a target server, representing a digital intruder. This will serve as the foundation upon which you will hone your skills in using Nmap for OS and Version Detection.

First, open a terminal and make sure you are working in the correct directory:

cd /home/labex/project

Next, we'll simulate a server on your local network.

Setup a simple server on port 4444 using the netcat utility. This server will listen for incoming connections on port 4444. Run the following command:

sudo sh -c 'echo "nameserver 8.8.8.8" > /etc/resolv.conf'
nc -lvp 4444 -k

-k flag allows netcat to continue listening for incoming connections after the first connection is closed. This is useful for simulating a persistent service.

Leave this terminal open, as it will act as the target server for our Nmap scans.

Basic OS and Version Detection

In this step, we will use Nmap to perform OS and version detection on a target server. This will help you understand the importance of identifying the operating system and software versions running on a target system.

Now, with the server running, we're ready to perform our first scan using Nmap. Open a new terminal window and navigate to your project directory:

cd /home/labex/project

This command will attempt to determine the operating system of the host running on localhost port 4444:

sudo nmap -O localhost -p 4444 > /home/labex/project/nmap_os_detection.txt

The -O option tells Nmap to try and identify the operating system of the target.

Check the nmap_os_detection.txt file to view the results of the scan.

cat /home/labex/project/nmap_os_detection.txt

This file will contain information about the operating system and version detected by Nmap.

Starting Nmap 7.80 ( https://nmap.org ) at 2024-07-02 15:08 CST
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000024s latency).
Other addresses for localhost (not scanned): ::1

PORT     STATE SERVICE
4444/tcp open  krb524
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running: Linux 2.6.X
OS CPE: cpe:/o:linux:linux_kernel:2.6.32
OS details: Linux 2.6.32
Network Distance: 0 hops

OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.57 seconds

Summary

In this lab, you learned how to use Nmap to perform OS and version detection on a target server. This is an essential skill for cybersecurity professionals, as it helps identify the operating system and software versions running on a target system.