Lab 2

Another tool used for network scanning is Sparta. The following lab demonstrates how this tool works. For this lab, we are using Kali Linux running in VMware.

Sparta is built into Kali 2.0, but if you don't have it, you can get it from the Kali repository by typing kali > apt-get install Sparta:

1. To get started, open a terminal window and type sparta. The following screenshot demonstrates the first screen you will see:

1. When you click on it, a GUI resembling the following will open:

1. Once Sparta has started, we need to add some hosts. If we click on the space that says Click here to add host(s) to scope, it opens a window where we can add IP addresses or the range of IP addresses we want to scan. We are also able to use CIDR notation to indicate an entire subnet, such as 192.168.181.0/24:

1. After adding our IP host range in the window, click Add to scope. Sparta will start scanning your hosts now:

The following are the results for Sparta. My subnet had only two machines on it. As you can see, Sparta identified those two IP addresses and provided OS fingerprinting, identifying one as Linux and one as Windows. When I highlight the Windows system IP, it provides details of all the ports it found open and the services running:

If we go the Information tab, we can get more detailed information on the particular highlighted system. Note that we get more specific information on the operating system of the target at the bottom of this screen:

Interestingly, Sparta also runs a nikto scan on the system if it finds port 80 open. We can click on the nikto tab to see the results of the nikto web app vulnerability scan: