Hi, I’m struggling with Task 6
" 1. Alright, investigate one more host – the one you identified as being behind a firewall in step 2.
Three of the following ports are open, can you determine which? 80, 445, 2600, 53, 23, 3389. You may run a SYN or TCP connect scan. You will have to slow your scan down to avoid the packet. (Hint: you may have to slow down your scans)"
I’m finding 6 (not 3) ports, and all of them are filtered.
Good day! Hope you are doing well. Maybe you should try a config that doesn’t do a complete handshake. Discard -Pn and look at other options. The other configs are OK.
You are looking at the wrong host; otherwise, you have the right idea.
In the second step (run a SYN scan on the hosts you identified in step 1) you will have found one host with most of its ports reporting as filtered (hmm… maybe behind a firewall?). This is the host you’ll want to target in step 6.
You’re right, I was looking at the wrong host. I assumed the most likely to be behind the firewall would be the one with all the ports filtered. Apparently I wasn’t getting it at all xD
And re: “I assumed the most likely to be behind the firewall would be the one with all the ports filtered,”
That would be a reasonable assumption as long as you know that host exists to begin with. For example, I can confirm no host exists at 172.16.0.33, but if I perform a port scan on it, I’ll see that all ports are supposedly filtered. This means there is likely a firewall, but not necessarily a host at that IP.
However, if we see all ports are filtered except for one or more, then we can confirm something lives at that IP.
To this end, I’m curious about how you discovered the 172.16.0.54 address. I’ll also confirm that nothing lives there, so it shouldn’t have shown up in the ping scan (step 1) that you perform to gather the initial set of hosts for further analysis. If you found some indication that something does live there, please DM me with a screenshot, because that would be confusing and would indicate that some lab edits are required!
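
The filtered-versus-confirmed reasoning from the reply above, as an added example that is not part of the original thread: a small Python parser for nmap grepable (`-oG`) output that separates hosts with at least one answering port from addresses where every port is filtered. The sample lines, the 172.16.0.200 address and all port states are constructed for illustration and are not lab results. It goes slightly beyond the post by counting `closed` and `unfiltered` as proof of a host as well, since both require a reply from the target.

```python
import re

# States in which nmap got a reply attributable to the target itself.
# "filtered" only shows that probes were dropped or rejected somewhere
# on the path, so it cannot prove that a host lives at the address.
RESPONSIVE_STATES = {"open", "closed", "unfiltered"}

# Grepable line layout: "Host: <ip> (<name>)<TAB>Ports: <entries><TAB>..."
HOST_LINE = re.compile(r"^Host:\s+(\S+)\s+\(.*?\)\s+Ports:\s+(.*?)(?:\t|$)")

# Constructed sample, not output from the lab.
SAMPLE = (
    "# Nmap scan (constructed sample)\n"
    "Host: 172.16.0.33 ()\tPorts: 80/filtered/tcp//http///, "
    "445/filtered/tcp//microsoft-ds///, 3389/filtered/tcp//ms-wbt-server///\n"
    "Host: 172.16.0.200 ()\tPorts: 22/open/tcp//ssh///, "
    "8080/closed/tcp//http-proxy///, 443/filtered/tcp//https///\n"
)

def parse_grepable(text):
    """Return {ip: {port: state}} from nmap -oG output."""
    hosts = {}
    for line in text.splitlines():
        match = HOST_LINE.match(line)
        if not match:
            continue  # comments, "Status:" lines, blank lines
        ip, ports_field = match.groups()
        ports = hosts.setdefault(ip, {})
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 2 and fields[0].isdigit():
                ports[int(fields[0])] = fields[1]
    return hosts

def classify(ports):
    """Decide whether the port states prove that a host exists."""
    if any(state in RESPONSIVE_STATES for state in ports.values()):
        return "host confirmed"
    return "filtered only: firewall likely, host not confirmed"

def report(text):
    """Map each scanned IP to its classification."""
    return {ip: classify(ports) for ip, ports in parse_grepable(text).items()}

if __name__ == "__main__":
    for ip, verdict in report(SAMPLE).items():
        print(f"{ip}: {verdict}")
```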