How to work on project 2:

1) Log on to www.emulab.net using your browser.
2) Click on Project List on the left vertical bar.
3) Click on Project CIS662.
4) At the top of the page you should see the list of experiments - currently only one, called 'project2'.
   a) If it is active, you need not do anything further on this page.
   b) If it is swapped out, click on the 'project2' name and then click on 'Swap experiment in'.
      - If there are enough machines free (12), it will start swapping in and you will receive an E-mail notification in several minutes.
      - If there are fewer than 12 machines free, you cannot work at the moment. You will have to wait and try to swap in later; usually a couple of minutes is enough for someone to free machines.
5) Choose one of the machines named: internalA internalB internalC ... internalL
6) Log on to the chosen machine by typing:
      ssh yourusername@chosenmachine.project2.CIS662.emulab.net
7) ONLY if you have just swapped the experiment in, run
      /proj/CIS662/project2-start
   Otherwise skip this step. If SSH asks you to grant access to a machine or to store a host key, accept this.
8) Now you can start working.
   a) Folder /proj/CIS662/project2 contains several tools that you will use. First look at the web pages specified in the project outline to get familiar with those tools.
   b) To run nmap, type
         /proj/CIS662/project2/nmap/nmap-3.48/nmap
      followed by options. Make sure you know which options you want to specify!
   c) To run sara, type
         /proj/CIS662/project2/sara/sara-4.2.6/sara
      followed by options. Make sure you know which options you want to specify! Find out from the links I provided with the project outline where to look for sara's results and how this option can be changed. Specify a directory in your user folder (/users/yourusername) as the result folder. Folder /proj/CIS662/project2/sara/sara-4.2.6/html/tutorials/vulnerability contains descriptions of some vulnerabilities sara discovers. Those descriptions may help you with the project.
9) Remember to scan only in the 192.168.*.* range.
10) If some command needs root access, put 'sudo' in front of it.
11) It may take several minutes to run some tools, depending on the options you have specified. If you are impatient, you can run
      tcpdump -n -i any host targethost_you_are_scanning
    to see the packet flow of the scans.
12) Remember to save all files in your user folder /users/yourusername.
13) When finished, log out but don't swap out the experiment.
14) If you crash some service accidentally, let me know so I can restart it.
15) Let me know if you have any problems or questions.
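One way to enforce step 9 mechanically, as an added example that is not part of the original handout: a shell guard that refuses to start nmap unless every target lies inside 192.168.0.0/16. The function names in_scope and scoped_nmap are hypothetical, and the guard assumes targets are written as a plain IPv4 address or as address/prefix; anything else (hostnames, wildcards, octet ranges) is refused rather than interpreted.

```shell
#!/bin/sh
# Added example: scope guard for step 9 (scan only 192.168.*.*).
# Assumption: targets are a plain IPv4 address or address/prefix; hostnames,
# wildcards and octet ranges are refused instead of being interpreted.
NMAP=/proj/CIS662/project2/nmap/nmap-3.48/nmap   # path from step 8b

# in_scope TARGET: status 0 only if TARGET lies wholly inside 192.168.0.0/16
in_scope() {
    addr=${1%%/*}
    prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    # a prefix shorter than /16 would reach outside 192.168.0.0/16
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -ge 16 ] && [ "$prefix" -le 32 ] || return 1
    # only digits and single dots, no leading or trailing dot
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split into octets (no glob characters remain)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    [ "$1" = 192 ] && [ "$2" = 168 ]
}

# scoped_nmap [nmap options] -- TARGET...   (hypothetical wrapper name)
# Runs nmap only if every argument after "--" is in scope. It guards against
# typing mistakes; a target placed before "--" is not checked.
scoped_nmap() {
    n=$#; seen=0; targets=0
    while [ "$n" -gt 0 ]; do
        arg=$1; shift; n=$((n - 1))
        if [ "$seen" -eq 0 ]; then
            if [ "$arg" = "--" ]; then seen=1; continue; fi
        else
            in_scope "$arg" || { echo "refused, out of scope: $arg" >&2; return 1; }
            targets=$((targets + 1))
        fi
        set -- "$@" "$arg"   # rebuild the argument list without the "--"
    done
    [ "$targets" -gt 0 ] || { echo "usage: scoped_nmap [options] -- target..." >&2; return 2; }
    "$NMAP" "$@"
}
```

Source the file in your shell and call scoped_nmap with your chosen nmap options before the "--" and the targets after it.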