Team Exercise 3 Reconnaissance Exercise March 16 2005 Report Due Date March 30 2005 Before the Exercise You are to set up a collection of machines including at least 2 SSH servers at least one FTP server at least one Windows Shared folder at least one telnet server and at least one web server These services may be on the same or on different machines though the two SSH servers need to be on different machines Each machine with the exception of the web server needs two or more enabled non root accounts For each such account you will fill out an index card with the machine s IP address the account name the type s of service and the account password These index cards will be collected at 6 00 and some will be distributed to members of other teams The FTP server and the Windows Shared folder need to have files accessible for download The web server s IP address will be made public For these machines you may use any operating system and any available version of the service Exception Do not use the telnet server provided as part of IIS on Microsoft Windows 2000 machines Each machine must have an accurate NETBIOS name or hostname Each team must choose a team theme and all of their machine names must be related to that theme All machines started by the team must have accurate names not just the ones providing services described above Ensure that all banners provided by services provide accurate hostname information You must complete a Machine Information Sheet for every machine that you start You should configure your machines so that they collect enough information to allow to you complete the exercise During the Exercise Try to complete a machine information sheet for all of the other machines in the room In particular for each active machine try to determine The IP address The hosting team The OS and The types and versions of all available services During the exercise you need to complete your command summary sheets Try to cover your tracks as best as you can The use of cunning and guile are encouraged After the Exercise Based on your work you will write a final report This report should contain the results of your scans including machine information sheets for all of the active guests in the room More importantly the report try to ascertain who scanned and or probed your network and what they accomplished To answer these questions you will need to set up a good system of logging intrusion detection and even sniffing