The instructions appear to have mixed up the fileserver and the webserver. Below I have highlighted the discrepancies between the instructions and the lab output.
There’s also this section here which is a bit confusing because it says these 2 commands are equal and that we are running nmap as root, which to my knowledge we aren’t without sudo
. Even if we were, it says we can add the -sS
argument because we are root, however earlier it stated that stealth scans are the default when you have root privileges, thus -sS
is not needed.
Additionally, the previous command has the -F
argument to only scan the most common 100 ports. The latter command omits this, and according to nmap docs, the default port is the most common 1000 ports.
Finally, the top command targets the range 192.168.0.2-100 while the latter command targets 192.168.0.2 and 192.168.0.20 (specifically just the file and webserver).
I don’t know if these commands are the ones that are intended to be compared, but I don’t see any other command that matches either of them nearby, so I can only assume its these 2.

Thanks :3
I have passed this on the the instructor 
2 Likes
Hey @RegionalFelidae7797!
Short answer: You are absolutely right on all counts.
Long(er) answer:
“The instructions appear to have mixed up the fileserver and the webserver. Below I have highlighted the discrepancies between the instructions and the lab output.”
Oops - they are 100% mixed up. Fixed!
“There’s also this section here which is a bit confusing because it says these 2 commands are equal and that we are running nmap as root, which to my knowledge we aren’t without sudo. Even if we were, it says we can add the -sS argument because we are root, however earlier it stated that stealth scans are the default when you have root privileges, thus -sS is not needed.”
Absolutely right! The idea is that the commands are equivalent (if I actually got them right…) when running with root privileges (whether through sudo or via a global root user).
Maybe I thought the “since you are running with root privileges” implied the sudo – but I hope it was just an oversight, because that rationale sucks. If I’m gesturing at a functional equivalency between two different commands, those commands should be explicit.
Fixed!
“Finally, the top command targets the range 192.168.0.2-100 while the latter command targets 192.168.0.2 and 192.168.0.20 (specifically just the file and webserver). I don’t know if these commands are the ones that are intended to be compared, but I don’t see any other command that matches either of them nearby, so I can only assume its these 2.”
Another “oopsie” on my part. Fixed!
Sorry about the confusion! I hope it didn’t cost you too much time. And thank you for bringing this to our attention!
Happy hacking 
2 Likes
Woo!
Only real ‘time loss’ was in making this post which honestly I had a good bit of fun with, and its good audit practice!
Thanks!
2 Likes
You’ll be a GREAT auditor. Just protect those all-seeing eyes. There is plenty of oversight in this industry that can be solved by just paying a little bit more attention. If we can bring enough hawk-eyed folks like you into it, we may have a pretty bright future.
Just, don’t see too much. We like our job security 
Rooting for you!
-Raggetd
1 Like