Member Profile: My Expedition Through nmap Lab
How to get through the NMAP room in Tryhackme
Thank you to Oyelakin Timilehin Valentina for contributing this article.
Our newest member, Valentina, is an up-and-coming cybersecurity professional in Nigeria who is studying cybersecurity and showing stellar skills in learning and applying her knowledge. She recently went through the Tryhackme online learning platform and shared her experiences, as well as a few quick tips on using nmap.
Tryhackme is an online platform with courses available for beginners, intermediates and professionals in cybersecurity. There are real world labs and challenges to give you an on-the-job challenge and experience. Nmap is one of the courses in this platform and an important tool in cybersecurity that is used for port scanning.
This article explains the following:
- How and why I got into tech, and my tech background
- My experience with a mentor
- How I discovered the online platform, Tryhackme
- My experience getting through the Nmap lab
Getting Into Tech
In my high school days, I wanted to be referred to as Engr. Val; although I was clueless as to what part of engineering I would like to venture into. Because I loved the name Engr., I made sure I worked towards getting into an engineering department in college where I obtained a degree in Electronics and Computer Engineering in the University of Port Harcourt, Nigeria.
I must tell you; I was still as clueless as I was in my high school days on what path to follow. Then came a seminar in my second year that structured and shaped my vision in the department and also connected me to my first mentor. I realized then that I found telecommunications interesting, and I started doing some research on it and took my telecommunication courses more seriously; it was indeed interesting. I got my first 6 months internship job with Nokia Solutions and Network, Nigeria in my fourth year and the experience was priceless, but I still wasn’t satisfied; I just kept telling myself that there is more in tech.
After graduation, I decided to do more research on areas of technology and I discovered cyber security. Wow, I bonded so much with this aspect of technology that I was so much convinced this is it. Before then, I didn’t find any programming language interesting, but discovering that knowledge of it is needed made me go into learning Python programming, which I find very interesting now.
You would ask what my major drive is; I just want to make my country a safer place, I want to reduce criminal activity in my country and discovering cybersecurity became the answer to my thirst in technology. I did a lot of research and I am still doing so. I discovered a lot of areas in cyber security, and I took 3 certification exams, which are Introduction In Cyber Security and IT Essentials, both in Cisco, and HCIA (Routing and Switching). In all of these, I was still uncertain on the path to take in cyber security. This led to the next point in this article.
Getting a Mentor
This aspect of my life helped and guided me to where I am today; my first mentor gave me an insight in technology. My second mentor guided me into taking the Routing and Switching course with Huawei. My third mentor guided me all through my training in IT Essentials with Cisco. But I still needed someone in the cyber security field. I had lots of questions in my mind to clear the uncertainty in my head as to what to do to start my career in cybersecurity. There are numerous fields in cybersecurity that I discovered during my research, so I needed to know which aligns with my passion.
On Monday, December 7, 2020, I saw a post on Twitter with the tag #cybermentoringmonday. I went through it and indicated that I needed a mentor; there I met one. I told him about the areas of cybersecurity that I am interested in and why I am interested in them. I also told him what I was doing at the moment to gain more knowledge in tech. He demystified the areas of cybersecurity I was interested in and told me in his words, “you sound more blue team oriented”. He went further to explain the blue team and also the red team; this cleared the uncertainty in my head to a large extent. He introduced me to Mosse Cyber Security Institute, where I did research on my own, and it helped me to gain more knowledge.
Getting to Know the Amazing TryHackMe
On New Year Day, he introduced me to Tryhackme and sponsored me for a membership for 2 months with the instruction that I will update him on my progress and most likely get an extension of my membership for a year. This was my first big gift of 2021 and I was excited. He said “let me know if you have questions or get stuck and I think you will learn a lot”. He is always there to answer my questions.
Getting Through the nmap Lab
You know that excitement that comes after completing a task, that excitement you get after crossing a hurdle and you get the right to say “I am proud of myself” that was me after getting through the Nmap lab.
The first learning path I started in Tryhackme was Cyber Defense, you would ask why this was my first, it was the first captivating topic, but little did I know that I need the knowledge of some fundamentals that include Nmap.
The first room in cyber defense, introductory networking, is an introduction to the basic principles of networking. It gave me a detailed and easy understanding of the OSI model and also the TCP/IP model, where I got a better understanding of the “three-way handshake”. I was also introduced to the Wireshark tool, which is used to capture and analyze packets of data going across a network. This room also explained some networking tools: ping, which is used to test the possibility of a connection to a remote network; traceroute, which is used to show all the routes your request took as it gets to you; whois, which lets you query who a domain name is registered to; and dig, which lets you query any DNS servers to get information about their domain. This room was very interesting and easy and I was eager to go to the next room, network services.
In the network services room, I got to know about the SMB (Server Message Block) protocol, which is used to share access to files, printers, serial ports and some other resources on a network. Also, I got the understanding of telnet, an application protocol that works with a telnet client and aids in connection and execution of commands on a remote machine that is hosting the telnet server. Finally, FTP (File Transfer Protocol), as its name implies, lets you transfer files remotely over a network. This particular room was more difficult than the previous one, but I kept moving to the next room, which is Network services 2. But a good knowledge of Linux would have made this room much easier to walk through.
In the network services 2 room, I got to know about NFS (Network File System), which allows sharing of files/directories by a system with others over a network. I was finding it all interesting until I got to task 3, Enumerating NFS, and got stuck; I couldn’t provide answers to the quiz. At this point, I had to tell my mentor. The first thing he said was that I should make sure that I am always connected to the OpenVPN server. This helped me get through the task, but I got stuck again in task 4, Exploiting NFS. At this stage I realized I needed a good understanding of Nmap. So, I diverted to the Nmap room.
You may be thinking, how did I know that I needed to divert to the Nmap room? In task 3 of network services 2, one of the topics mentioned was port scanning, which was covered but not detailed. Then my first quiz for task 3 was about scanning for open ports, and this can only be answered by getting the understanding of how to scan for open ports, which can be learnt in the Nmap lab. Diverting to the Nmap room helped me answer the quiz.
In the Nmap room, I made sure that I was connected to the OpenVPN server, and then I deployed my machine. Nmap means network mapper, and I learnt about the Nmap switches and the scan types. The first is the TCP connect scan (-sT), which takes into consideration the TCP three-way handshake. Here, Nmap connects to each TCP port and determines if the port is open or closed. If the port is open, a TCP packet with the SYN/ACK flag is sent back; if the port is closed, an RST (reset) flag is sent back; if a port is filtered, it is because it is protected by a firewall, and in this case, when Nmap sends a TCP SYN request, it receives nothing back.
Another scan type, the SYN scan (-sS), is referred to as a half-open scan or stealth scan and is used by Nmap if it is run with sudo permissions. The only difference between the TCP connect scan and the SYN scan is in the case of an open port: in SYN scans, when the port is open, an RST packet is received.
In the next scan type, the UDP scan (-sU), a port is considered open|filtered when no response is sent back, but when a response is received (which is rarely possible), then the port is open. A port is closed when the target responds with an ICMP ping packet message indicating that the port is unreachable.
The less commonly used TCP port scans; Null (-sN), FIN (-sF), Xmas (-sX) Scans were also taught, and the response expected is similar to that of UDP port scan.
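Seen from the defender's side, each TCP scan type above leaves its own flag pattern in a packet capture. The following is an added example, not part of the original article or the TryHackMe material; the addresses and packet records are constructed, and it covers only the TCP scan types (not UDP).

```python
# Constructed capture: (source, destination, port on the target, TCP flags), in order.
# Flag letters: S=SYN, A=ACK, R=RST, F=FIN, P=PSH, U=URG; "" means no flags set.
SCANNER, TARGET = "10.0.0.5", "10.0.0.9"  # hypothetical lab addresses
PACKETS = [
    (SCANNER, TARGET, 22, "S"), (TARGET, SCANNER, 22, "SA"), (SCANNER, TARGET, 22, "A"),
    (SCANNER, TARGET, 80, "S"), (TARGET, SCANNER, 80, "SA"), (SCANNER, TARGET, 80, "R"),
    (SCANNER, TARGET, 81, "S"), (TARGET, SCANNER, 81, "RA"),
    (SCANNER, TARGET, 443, "S"),
    (SCANNER, TARGET, 25, "FPU"), (TARGET, SCANNER, 25, "RA"),
    (SCANNER, TARGET, 110, ""),
]

STEALTH_PROBES = {"": "NULL scan (-sN)", "F": "FIN scan (-sF)", "FPU": "Xmas scan (-sX)"}

def classify(flow):
    """flow: [(sent_by_client, flags), ...] for one client/target/port conversation."""
    probe = "".join(sorted(flow[0][1]))
    replies = [set(flags) for from_client, flags in flow if not from_client]
    followups = [set(flags) for from_client, flags in flow[1:] if from_client]
    reset = any("R" in r for r in replies)
    if probe == "S":
        if any({"S", "A"} <= r for r in replies):
            # Open port: what the client does after SYN/ACK separates the two scans.
            if any(f == {"A"} for f in followups):
                return "TCP connect scan (-sT)", "open"      # handshake completed
            if any("R" in f for f in followups):
                return "SYN scan (-sS)", "open"              # torn down half-open
            return "SYN probe (-sT or -sS)", "open"
        # Closed and filtered ports look identical for both scan types.
        return "SYN probe (-sT or -sS)", "closed" if reset else "filtered"
    if probe in STEALTH_PROBES:
        # No reply cannot distinguish an open port from a firewall drop.
        return STEALTH_PROBES[probe], "closed" if reset else "open|filtered"
    return "not a scan probe", "unknown"

def analyse(packets):
    """Group packets per host pair and target port, then classify each conversation."""
    flows = {}
    for src, dst, port, flags in packets:
        client, flow = flows.setdefault((frozenset((src, dst)), port), (src, []))
        flow.append((src == client, flags))
    return {port: classify(flow) for (_, port), (_, flow) in flows.items()}

if __name__ == "__main__":
    for port, (scan, state) in sorted(analyse(PACKETS).items()):
        print(f"{port:>4}  {scan:<24} {state}")
```

A single completed handshake is also what ordinary client traffic looks like, so in practice the connect-scan label only means something when the same source produces it across many ports in a short window.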
The next task talks about ICMP network scanning, where I was taught how to perform a ping sweep; a ping sweep is used to see IP addresses with an active host and those without. When I got to task 10, NSE (Nmap Scripting Engine) scripts, I got stuck again. I couldn’t give correct answers to the quiz, and I decided to watch videos on Nmap and noticed that Nmap is being performed on Kali Linux. Also, I applied for an internship position sometime last month and lack of experience in Linux couldn’t let me get it. This made me divert to the Linux fundamentals; after completing part 1 and 2 of Linux fundamentals, I was able to successfully complete the Nmap lab.
From my experience so far, it is first about your passion, then the effort you put into gaining more knowledge and experience. If you enjoy what you do, you will thirst for more knowledge and experience.
To become a pro or an expert in something, you have to start from today, put in effort, then more effort, you just can’t stop putting in effort, and you have to be up to date, to remain relevant in the field.
Most importantly, get a mentor that will guide you and when you do, give him/her every reason to be happy and proud to be your mentor; this is through the effort you make into gaining more knowledge and showing positive results.