Problem
Prior to beginning work on this learning activity, review Lab: Evaluating Web Server Vulnerabilities.
Each lab has a similar format, which includes introductory materials, step-by-step instructions for lab completion, and instructions for turning in the required deliverables or challenge activities. Within the lab environment, you will always have access to the Common Lab Tasks file to remind you how to complete these elements.
Once you have completed the labs, you will then submit the lab report to Waypoint for grading. If you use the Internet in some of your research, as outlined by UAGC to provide correct in-text citations and reference entries. For help in how to take a screenshot, go to take-a-screenshot. orgLinks to an external site.
Upon completion of this lab, you are required to provide the following deliverables to your instructor:
I. Section I:
i. Lab report file including screen captures of the following:
a. The IP address in your lab session.
ii. Files downloaded from the virtual environment:
a. yourname_S1 _HTTPHeaders.
iii. Any additional information as directed by the lab:
a. Describe how TCP dump can identify vulnerabilities in web traffic.
b. Describe how Skipfish can identify vulnerabilities in web traffic.
c. Summarize the type of information identified by the Live HTTP Headers add-on.
d. Describe how the Live HTTP Headers add-on can identify vulnerabilities in web traffic.
e. Describe the business threats posed by the following situations and explain what its effect may be if a web application is compromised.
iv. Lab Assessment Worksheet Download Lab Assessment Worksheet-contact your instructor for guidance, if needed.
II. Section II:
i. Files downloaded from the virtual environment:
a. your name
ii. Any additional information as directed by the lab:
a. Describe the business threats posed by the situations presented and explain what their effect may be if a web application is compromised.
III. Section III:
i. Analysis and Discussion
ii. Tools and Commands
iii. Challenge Exercise.