Free Preparation Discussions
MENU
Eccouncil 212-82 Exam - Topic 14 Question 45 Discussion
Topic #: 14
An IoT device that has been placed in a hospital for safety measures, it has sent an alert command to the server. The network traffic has been captured and stored in the Documents folder of the Attacker Machine-1. Analyze the loTdeviceTraffic.pcapng file and select the appropriate command that was sent by the IoT device over the network.
TCP Timestamps is the vulnerability with a severity score of 8.0. This can be verified by performing a vulnerability assessment of the web server located at IP address 20.20.10.26 using the OpenVAS vulnerability scanner, available with the Parrot Security machine, with credentials admin/password. To perform the vulnerability assessment, one can follow these steps:
Launch the Parrot Security machine and open a terminal.
Enter the command sudo openvas-start to start the OpenVAS service and wait for a few minutes until it is ready.
Open a web browser and navigate to https://127.0.0.1:9392 to access the OpenVAS web interface.
Enter the credentials admin/password to log in to OpenVAS.
Click on Scans -> Tasks from the left menu and then click on the blue icon with a star to create a new task.
Enter a name and a comment for the task, such as ''Web Server Scan''.
Select ''Full and fast'' as the scan config from the drop-down menu.
Click on the icon with a star next to Target to create a new target.
Enter a name and a comment for the target, such as ''Web Server''.
Enter 20.20.10.26 as the host in the text box and click on Save.
Select ''Web Server'' as the target from the drop-down menu and click on Save.
Click on the green icon with a play button next to the task name to start the scan and wait for it to finish.
Click on the task name to view the scan report and click on Results from the left menu to see the list of vulnerabilities found.
Sort the list by Severity in descending order and look for the vulnerability with a severity score of 8.0. The screenshot below shows an example of performing these steps: The vulnerability with a severity score of 8.0 is TCP Timestamps, which is an option in TCP packets that can be used to measure round-trip time and improve performance, but it can also reveal information about the system's uptime, clock skew, or TCP sequence numbers, which can be used by attackers to launch various attacks, such as idle scanning, OS fingerprinting, or TCP hijacking1. The vulnerability report provides more details about this vulnerability, such as its description, impact, solution, references, and CVSS score2. Reference: Screenshot of OpenVAS showing TCP Timestamps vulnerability, TCP Timestamps Vulnerability, Vulnerability Report
Marge
3 months agoKattie
3 months agoArt
3 months agoVanna
4 months agoHaydee
4 months agoAdelina
4 months agoLilli
4 months agoColeen
4 months agoYoko
5 months agoLura
5 months agoTora
5 months agoBrock
5 months agoArlene
5 months agoBonita
10 months agoGeorgiana
8 months agoElizabeth
8 months agoTiara
8 months agoGregoria
8 months agoColette
8 months agoCeleste
8 months agoCorazon
9 months agoAlpha
10 months agoWilliam
8 months agoArletta
9 months agoRenay
10 months agoArlie
10 months agoWilliam
10 months agoChantell
10 months agoLaurel
10 months agoWei
10 months agoDaniel
10 months agoAlesia
11 months agoMaddie
11 months agoDonette
11 months ago