Scribd
Upload
37 views5 pages

VICBHE Module 10 Practical 6nuu2

The Nmap scan report identifies a Windows 10 system with four open ports, revealing significant vulnerabilities including those associated with EternalBlue and SMBGhost. Recommendations include closing unused ports, applying updates, enabling firewalls, and implementing network segmentation to enhance security. The report emphasizes the need for proactive measures to mitigate risks and improve the system's security posture.

Uploaded by

ahmed.rb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
37 views5 pages

VICBHE Module 10 Practical 6nuu2

The Nmap scan report identifies a Windows 10 system with four open ports, revealing significant vulnerabilities including those associated with EternalBlue and SMBGhost. Recommendations include closing unused ports, applying updates, enabling firewalls, and implementing network segmentation to enhance security. The report emphasizes the need for proactive measures to mitigate risks and improve the system's security posture.

Uploaded by

ahmed.rb
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

VICBHE Module 10 Practical 6

Registration No: 530


Surname: AHMED
First Name: RAHMAT BOLANLE

Practical 6: Nmap scan report


Authority to ethically scan received from (Name PC 5th-june-2025
And Date)
Date: 5th - june - 2025
Target: 192.168.130.58
Scan Type: Intense scan
Nmap Command Used: nmap -T4 -A -v 192.168.130.58
Scan summary
Host Status: [Up/Down] UP
Operating System:[Detected OS] Microsoft windows 10
1809 – 21H2
Total Open Ports: [Number of Open Ports] 4

Ports & services

port protocol state service version


135 tcp open msrpc Microsoft
Windows RPC
139 tcp open Netbios-ssn Microsoft
Windows
netbios-ssn
445 tcp open Microsfot-ds
5357 tcp open http Microsoft
HTTPAPI httpd
2.0 (SSDP/UPnP)
TOPOLOGICAL MAP

Vulnerabilities & Security Findings

Detected Vulnerabilities (Common Vulnerabilities and Exposures - CVEs)

 Port 135 (Microsoft RPC)


Can be used in remote code execution attacks (like that EternalBlue thing—CVE-2017-0144).

 Port 139 (NetBIOS Session)


This one’s old school. It can leak file shares and is vulnerable to SMB relay attacks, brute
force, or man-in-the-middle attacks.

 Port 445 (Microsoft-DS / SMB)


A big one. This port has had major issues in the past—again, EternalBlue (CVE-2017-0144)
and also SMBGhost (CVE-2020-0796). These are the types used in WannaCry/ransomware
attacks.

 Port 5357 (Microsoft HTTPAPI)


This is tied to Windows services like UPnP. Version 2.0 has had problems with info leaks and
denial of service (DoS).
Firewall & Security Measures: [Detected Firewalls, IDS/IPS]

 Host-Based Firewall Configuration

 Use Windows Defender Firewall with Advanced Security to:


o Block all inbound traffic by default.
o Allow only required services on a per-rule basis.
o Set rules by IP range, port, or application for better control.

 Perimeter Firewall/Router Security

 Ensure router or perimeter firewall is:


o Blocking ports 135, 139, 445, and 5357 from public networks.
o Supporting intrusion prevention systems (IPS).
o Configured to detect and drop malformed SMB packets or brute force attempts.

 Use Application Whitelisting

 Configure AppLocker or Windows Defender Application Control to only allow approved


software to run, reducing malware risk.

 Deploy Secure DNS and DNS Filtering

 Use DNS filtering services like Quad9, Cisco Umbrella, or Cloudflare Gateway to block
known malicious domains.

Recommendations

 Close Unused Ports


Disable ports like 135, 139, and 445 if not needed via Windows Features or firewall.

 Apply Updates
Patch the system regularly, especially for vulnerabilities like EternalBlue and SMBGhost.

 Enable Firewall
Use Windows Defender Firewall to block unnecessary inbound traffic.

 Restrict File Sharing


Disable or limit file/printer sharing; enforce strong authentication.

 Strong Passwords
Enforce complex passwords and account lockout policies.
 Disable UPnP
Turn off UPnP (port 5357) in Windows Services or on the router.

 Monitor Network Traffic


Use tools like Wireshark or Snort to detect unusual activity.

 Implement Network Segmentation


 Separate critical systems from general user access using VLANs or subnets. This limits
lateral movement in the event of a compromise.
 Enable SMB Signing Enforcement
 Require SMB signing on all devices to protect against man-in-the-middle (MitM) and
relay attacks.
 Deploy Endpoint Detection and Response (EDR)
 Use solutions like Microsoft Defender for Endpoint or SentinelOne to detect threats and
suspicious activities in real-time.

 Disable Legacy Protocols

 Disable SMBv1, NetBIOS over TCP/IP, and other outdated protocols unless absolutely
necessary.

Conclusion

The Nmap scan has revealed a Windows-based system with several open ports that are often
associated with high-impact vulnerabilities such as EternalBlue (CVE-2017-0144) and
SMBGhost (CVE-2020-0796). These services — particularly those exposed on ports 135, 139,
445, and 5357 — can be exploited for remote code execution, privilege escalation, or lateral
movement if not properly secured.

The lack of a host-based or network firewall and the availability of vulnerable services indicate a
potentially exposed attack surface. The system also lacks intrusion detection or advanced
monitoring, increasing its risk profile.

However, by implementing defense-in-depth strategies — including patching, service


minimization, firewall hardening, and network monitoring — the system's resilience against both
opportunistic and targeted threats can be greatly improved.

In summary, while the system is operational and responsive, it is not secure by default.
Proactive configuration changes, combined with continuous monitoring and regular updates, are
essential to ensure long-term security and compliance.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy