{"id":234,"date":"2026-05-03T10:39:47","date_gmt":"2026-05-03T10:39:47","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/?page_id=234"},"modified":"2026-05-04T00:31:42","modified_gmt":"2026-05-04T00:31:42","slug":"sword-vs-shield","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/sword-vs-shield\/","title":{"rendered":"Sword vs. Shield"},"content":{"rendered":"\n<h1 class=\"wp-block-heading\">TASK A:<\/h1>\n\n\n\n<ol>\n<li>Use Nmap to profile the basic information about the subnet topology (including open ports information, operation systems, etc.) You need to get the service and backend software information associated with each opening port in each VM.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"895\" height=\"923\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.1.png\" alt=\"\" class=\"wp-image-278\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.1.png 895w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.1-291x300.png 291w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.1-768x792.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.1-833x859.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.1-186x192.png 186w\" sizes=\"(max-width: 895px) 100vw, 895px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"683\" height=\"203\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.2.png\" alt=\"\" class=\"wp-image-279\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.2.png 683w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.2-300x89.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.2-192x57.png 192w\" sizes=\"(max-width: 683px) 100vw, 683px\" \/><\/figure>\n\n\n\n<p>I used the command, nmap 192.168.10.0\/24 to scan the subnet topology, which showed me the open ports of the available VMs.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"881\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.3-1024x881.png\" alt=\"\" class=\"wp-image-280\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.3-1024x881.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.3-300x258.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.3-768x661.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.3-833x717.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.3-192x165.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.3.png 1081w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>I used the commands, nmap -sP 192.168.10.18, nmap 192.168.10.19, and nmap 192.168.10.13 to discover wether or not the hosts were active. All of the powered-on hosts were up.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"880\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4-1024x880.png\" alt=\"\" class=\"wp-image-281\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4-1024x880.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4-300x258.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4-768x660.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4-833x716.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4-192x165.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4.png 1077w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"877\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4p2-1024x877.png\" alt=\"\" class=\"wp-image-282\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4p2-1024x877.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4p2-300x257.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4p2-768x658.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4p2-833x714.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4p2-192x164.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.4p2.png 1081w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>I used the command, nmap -sV 192.168.10.0\/24 to scan the version\/port information behind each VM in the LAN.\u00a0<br><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"830\" height=\"927\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix1_.png\" alt=\"\" class=\"wp-image-283\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix1_.png 830w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix1_-269x300.png 269w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix1_-768x858.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix1_-172x192.png 172w\" sizes=\"(max-width: 830px) 100vw, 830px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"833\" height=\"927\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix2_.png\" alt=\"\" class=\"wp-image-284\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix2_.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix2_-270x300.png 270w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix2_-768x855.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix2_-173x192.png 173w\" sizes=\"(max-width: 833px) 100vw, 833px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"830\" height=\"927\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix3_.png\" alt=\"\" class=\"wp-image-285\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix3_.png 830w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix3_-269x300.png 269w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix3_-768x858.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix3_-172x192.png 172w\" sizes=\"(max-width: 830px) 100vw, 830px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"827\" height=\"928\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix4_.png\" alt=\"\" class=\"wp-image-286\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix4_.png 827w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix4_-267x300.png 267w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix4_-768x862.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.fix4_-171x192.png 171w\" sizes=\"(max-width: 827px) 100vw, 827px\" \/><\/figure>\n\n\n\n<p>I used the command, nmap -O 192.168.10.0\/24 to scan the OS information behind each VM in the LAN.&nbsp;<\/p>\n\n\n\n<ol start=\"2\">\n<li>Run Wireshark in Internal Kali VM while External Kali is scanning the network. Discuss the traffic pattern you observed. What do you find?&nbsp;<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"818\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3afterspping-1024x818.png\" alt=\"\" class=\"wp-image-287\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3afterspping-1024x818.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3afterspping-300x240.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3afterspping-768x614.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3afterspping-833x666.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3afterspping-192x153.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3afterspping.png 1165w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>This image displays the Wireshark capture after running the nmap -sP command in External Kali. I utilized the display filter, ip.src == 192.168.217.3 to only display the traffic originating from the External Kali VM.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"816\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3aftersvping-1024x816.png\" alt=\"\" class=\"wp-image-288\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3aftersvping-1024x816.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3aftersvping-300x239.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3aftersvping-768x612.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3aftersvping-833x664.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3aftersvping-192x153.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3aftersvping.png 1163w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>This image displays the Wireshark capture after running the nmap -sV command in External Kali.&nbsp; I utilized the display filter, ip.src == 192.168.217.3 to only display the traffic originating from the External Kali VM.&nbsp;<\/p>\n\n\n\n<p>Analysis: After initiating the nmap -sP command, only six packets were sniffed in total, with three packets being missing from the analysis. The Ubuntu VM and Windows Server 2022 VM both received ping messages from the External Kali machine as demonstrated in the image, but the Internal Kali VM\u2019s packets are missing from the capture. Very minimal traffic was produced following the initial command when compared to the nmap -sV command which produced 3193 packets in total. This could be due to the fact that this command provides a more in-depth summary of each of the VMs, while the nmap -sP command only displays the host\u2019s availability. A regular ping command on any of the VMs would have produced hundreds of packets if left running, due to this we can conclude that the -sP command produces minimal traffic to be discrete and efficient. My display filter also minimized the amount of traffic being captured which greatly improved the readability of the data, and had I not utilized it, outside protocols and unrelated information would have been present within the capture. After applying firewall rules in subsequent steps, much of the traffic from the External Kali VM was limited, with most of the packets being dropped unless specified otherwise by the rules.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">TASK B:&nbsp;<\/h2>\n\n\n\n<ol>\n<li>Configure the pfSense firewall rule to block the ICMP traffic from External Kali to Ubuntu VM.&nbsp;<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Rule #<\/td><td>Interface:<\/td><td>Action:<\/td><td>Source IP:<\/td><td>Destination IP:<\/td><td>Protocol (Port # is applicable):&nbsp;<\/td><\/tr><tr><td>1 (B1)<\/td><td>WAN<\/td><td>Block<\/td><td>192.168.217.3<\/td><td>192.168.10.18<\/td><td>ICMP&nbsp;<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"455\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.1-1024x455.png\" alt=\"\" class=\"wp-image-289\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.1-1024x455.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.1-300x133.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.1-768x341.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.1-833x370.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.1-192x85.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.1.png 1275w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Firewall Rules updated for B1.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"877\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.2-1024x877.png\" alt=\"\" class=\"wp-image-290\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.2-1024x877.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.2-300x257.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.2-768x658.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.2-833x714.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.2-192x164.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.5.2.png 1081w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>On the External Kali VM, I attempted to ping the Ubuntu VM, but every ICMP packet was lost\/blocked in transmission.&nbsp;<\/p>\n\n\n\n<ol start=\"2\">\n<li>Clear the previous firewall policies and configure the pfSense firewall to block all ICMP traffic from External Kali to the LAN side.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Rule #:<\/td><td>Interface:&nbsp;<\/td><td>Action:&nbsp;<\/td><td>Source IP:<\/td><td>Destination IP:&nbsp;<\/td><td>Protocol (Port # if applicable):&nbsp;<\/td><\/tr><tr><td>2 (B2)<\/td><td>WAN<\/td><td>Block<\/td><td>192.168.217.3<\/td><td>Any (*)<\/td><td>ICMP<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"450\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.1-1024x450.png\" alt=\"\" class=\"wp-image-291\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.1-1024x450.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.1-300x132.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.1-768x337.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.1-833x366.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.1-192x84.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.1.png 1257w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Firewall Rules updated for B2.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"879\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.2-1024x879.png\" alt=\"\" class=\"wp-image-292\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.2-1024x879.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.2-300x258.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.2-768x659.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.2-833x715.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.2-192x165.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.6.2.png 1080w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>On the External Kali VM, I attempted to ping the three available LAN VMs, but due to the new Firewall policy, all of the ICMP traffic was lost\/blocked.&nbsp;<\/p>\n\n\n\n<ol start=\"3\">\n<li>Clear the previous firewall policies and configure the pfSense firewall to block ALL traffic from External Kali to the LAN side, except for the FTP protocol towards Ubuntu.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Rule #:<\/td><td>Interface:<\/td><td>Action:<\/td><td>Source IP:<\/td><td>Destination IP:<\/td><td>Protocol (Port # if applicable):<\/td><\/tr><tr><td>3 (B3)<\/td><td>WAN<\/td><td>Block<\/td><td>192.168.217.3<\/td><td>Any (*)\/Invert Match for 192.168.10.18<\/td><td>All (all protocols)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Rule #:<\/td><td>Interface:<\/td><td>Action:<\/td><td>Source IP:<\/td><td>Destination IP:<\/td><td>Protocol (Port # if applicable):<\/td><\/tr><tr><td>4 (B3)<\/td><td>WAN<\/td><td>Block<\/td><td>192.168.217.3<\/td><td>Any (*)\/Invert Match for 192.168.10.18<\/td><td>TCP\/FTP\/21<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"729\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.9fix-1024x729.png\" alt=\"\" class=\"wp-image-293\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.9fix-1024x729.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.9fix-300x214.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.9fix-768x547.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.9fix-833x593.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.9fix-192x137.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.9fix.png 1293w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Firewall Rules updated for B3, I utilized two rules to satisfy the requirements.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"918\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.3-1024x918.png\" alt=\"\" class=\"wp-image-294\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.3-1024x918.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.3-300x269.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.3-768x689.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.3-833x747.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.3-192x172.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.3.png 1028w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>I attempted to ping two of the available LAN VMs, but all the ICMP traffic was blocked\/lost.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"918\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.4-1024x918.png\" alt=\"\" class=\"wp-image-295\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.4-1024x918.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.4-300x269.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.4-768x688.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.4-833x747.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.4-192x172.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.7.4.png 1033w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>I used the command, ftp 192.168.10.18, to access the file server on Ubuntu. Due to my Firewall rules, I was successfully able to login to the server.&nbsp;<\/p>\n\n\n\n<ol start=\"4\">\n<li>Keep the firewall policies you created in Task B.3 and repeat Task A.1. What\u2019s the difference?<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"924\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.1-1024x924.png\" alt=\"\" class=\"wp-image-296\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.1-1024x924.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.1-300x271.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.1-768x693.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.1-833x751.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.1-192x173.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.1.png 1032w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>After executing the nmap 192.168.10.0\/24 command, my results this time were different. Only one VM(Ubuntu) was reported as up with only two ports active, FTP and SSH. I also performed the nmap -sP command on the Ubuntu VM and the Windows Server 2022 VM. The Windows Server 2022 VM was reported as down.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"921\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.2-1024x921.png\" alt=\"\" class=\"wp-image-297\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.2-1024x921.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.2-300x270.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.2-768x691.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.2-833x749.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.2-192x173.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.2.png 1032w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>I performed the nmap -sP command on the Internal Kali machine and the host was determined be to down. I performed the nmap -sV 192.168.10.0\/24 command and only received information for one VM, the Ubuntu VM.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"997\" height=\"333\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.3.png\" alt=\"\" class=\"wp-image-298\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.3.png 997w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.3-300x100.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.3-768x257.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.3-833x278.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3.8.3-192x64.png 192w\" sizes=\"(max-width: 997px) 100vw, 997px\" \/><\/figure>\n\n\n\n<p>I performed the nmap -sV 192.168.10.19 command on the Windows Server 2022 VM and the host was determined to be down.&nbsp;<\/p>\n\n\n\n<p>Extra Credit:&nbsp;<\/p>\n\n\n\n<p>Use NESSUS to enumerate the security vulnerabilities of Microsoft Windows Server 2022 VM in the CCIA network:\u00a0<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"686\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit-1024x686.png\" alt=\"\" class=\"wp-image-299\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit-1024x686.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit-300x201.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit-768x515.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit-833x558.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit-192x129.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit.png 1385w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>I began a Nessus scan on the Internal Kali VM, utilizing the CVE scanner. Since the scan&#8217;s target was the Windows Server 2022 VM, I entered 192.168.10.19 as the target IP.&nbsp;<\/p>\n\n\n\n<p>Results:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"624\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit2-1024x624.png\" alt=\"\" class=\"wp-image-300\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit2-1024x624.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit2-300x183.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit2-768x468.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit2-833x508.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit2-192x117.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit2.png 1517w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"625\" src=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit3-1024x625.png\" alt=\"\" class=\"wp-image-301\" srcset=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit3-1024x625.png 1024w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit3-300x183.png 300w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit3-768x469.png 768w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit3-833x509.png 833w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit3-192x117.png 192w, https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-content\/uploads\/sites\/41176\/2026\/05\/lab3extracredit3.png 1518w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>There were two vulnerabilities found via the scan, neither of which was of high priority.&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>TASK A: I used the command, nmap 192.168.10.0\/24 to scan the subnet topology, which showed me the open ports of the available VMs.&nbsp; I used the commands, nmap -sP 192.168.10.18, nmap 192.168.10.19, and nmap 192.168.10.13 to discover wether or not the hosts were active. All of the powered-on hosts were up.&nbsp; I used the command, &hellip; <a href=\"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/sword-vs-shield\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Sword vs. Shield<\/span><\/a><\/p>\n","protected":false},"author":24635,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/pages\/234"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/users\/24635"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/comments?post=234"}],"version-history":[{"count":3,"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/pages\/234\/revisions"}],"predecessor-version":[{"id":302,"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/pages\/234\/revisions\/302"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/jasprit-kaur-2-ids493spring2026\/wp-json\/wp\/v2\/media?parent=234"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}