assignment
Microsoft Word - Search and Destroy.docx Search and Destroy! (...Well, that may be a little aggressive. Scan and Report, at any rate.) Mission: You work for a small web design firm in Indianapolis and strange things have been occurring on your coworker’s computers. They’ve been seeing strange messages, extra files here and there, missing files, etc. Though they’re top-notch designers, their technical background isn’t quite so strong. That’s where you come in. Your boss has asked you to figure out what’s going on and they have no idea where you should start. You’ve recently looked at the network hardware in the comms closet, but everything seems to be in order, though you suspect that the firewall isn’t as locked down as you think it should be. You think it might be best to start hitting all the computers over the network to not only take inventory of what machines are being assigned addresses, but to also see where there might be security holes. To accomplish this task, you will create a Python 3 application with the following criteria: 1) Accept input as IP address and port variables in the primary run script that calls: 2) a secondary script that creates a PortScanner object from the namp.PortScanner class. [python-nmap module] 3) That PortScanner object should then be passed to the primary script which then passes that object to a 4) data transformer module that processes that information to format it for your purposes and sends that data back to the primary script 5) Next, the primary script calls a DB controller module to insert that information into a sqlite3 database. 6) Lastly, in order to use that information, the boss will need that in a report. You’ll want to create a report builder in a separate Python module based off the information that is in the sqlite3 database, including the pertinent information inserted using the DB controller such as the time/datestamp in which the scan was executed, hostname, IP, ports, host status, port status, port service, etc. The report can be organized in any manner so that it’s logical and easy to read. Each numbered item above is worth 15 points for a total of 90 points for the project. And here’s the kicker... You’ll get a raise from the boss for going above and beyond... You can also earn extra points by doing the following: 1) Write the primary script so that it accepts AT LEAST the host(s) and port(s) as arguments to the script from the command line (so no user input prompts are involved and no hardcoded variables in the script). [hint: sys.argv is an option] 2) Write the script such that it will accept either a single host or a subnet of hosts and a single port or a range of ports to pass on to the Nmap module to create an object (i.e., any combination of hosts and ports). 3) Fully handle improper input via preferred handling methods (e.g., regex for full credit vs. character scrubbing for partial credit). [re module] 4) Instead of creating a single sqlite3 DB table with results from multiple scans, create multiple tables that refer to multiple port scans with relations back to parent table(s) that contain the “meta data” for each scan completed (a true relational database). 5) Custom error handling using class(es). 6) Last, but not least, export your report into a PDF, DOCX, ODT, or similarly formatted document, rather than a simple text, csv, or screen output. Each item from the ‘above and beyond’ list is worth 5 points each. HOWEVER, there’s the caveat … -Your scripts have to work to get qualify for extra credit. -90 is a perfect score for the project; however, you have the potential to earn up to 120 points. -Keep in mind that this is a Python3 and SQL (sqlite3) project. Python2 code will not be well received. You will have to install the Nmap utility AND the python-nmap module to execute scans, as explained in previous classes/assignments. DO NOT WAIT TO GET STARTED. YOU’VE BEEN GIVEN A DECENT AMOUNT OF TIME TO COMPLETE THE PROJECT, BUT DON’T UNDERESTIMATE ITS DIFFICULTY. IT WILL TEST YOUR PATIENCE AND DRIVE YOU UP AGAINST YOUR DEADLINE. START NOW. DO YOUR OWN WORK. ASK QUESTIONS OFTEN. LEAN ON CANVAS DISCUSSIONS FOR QUESTIONS, TIPS, AND PEER REVIEWS. -Professor Heiney