Alright, so check it, today I’m gonna break down this little experiment I did, pitting “tank” against “shakur.” Sounds weird, right? Let me explain.
So, I was messing around with some basic vulnerability scanning stuff. Nothing too crazy, just trying to get a feel for how different tools react to the same target. “Tank” and “shakur” are just names I gave to two VMs I spun up for this little exercise. One was deliberately hardened – I called it “tank” because I wanted it to be tough. The other, “shakur,” was left pretty much default, ready to catch a bullet, so to speak.
First things first, I grabbed Nmap. Gotta see what’s even open, right? I ran a basic SYN scan on both targets. “nmap -sS tank” and “nmap -sS shakur.” Boom, instant results. “Shakur” lit up like a Christmas tree – tons of open ports, services just hanging out there. “Tank,” on the other hand, was a ghost town. Only a few essential ports open, like SSH. Already, I knew “tank” was going to be a pain to crack.
Next up, I decided to throw Nessus at them. Nessus is like the big guns when it comes to vulnerability scanning. I fired it up, set it to run a basic scan, and let it do its thing. “Shakur” was a goldmine. Nessus coughed up all sorts of juicy vulnerabilities – outdated software, missing patches, weak configurations. Basically, a hacker’s playground. “Tank,” though? Nessus struggled. It found a few low-severity issues, but nothing major. The hardening I’d done was clearly working.
I wasn’t satisfied yet. I wanted to see if I could manually exploit anything on “shakur.” I picked one of the vulnerabilities Nessus had flagged – an old version of some web server software. I Googled it, found a Metasploit module, and… bam! I had a shell on “shakur” within minutes. Felt good, not gonna lie. On “tank,” I tried the same approach, targeting the few open ports. Nada. Zilch. The hardening was solid.
Now, I know this wasn’t some super-scientific, in-depth penetration test. It was just a quick and dirty experiment to see the difference between a hardened system and a default one. And the results were pretty clear. “Tank” took a beating and barely flinched, while “shakur” went down like a cheap suit.
The takeaway? Hardening your systems matters. It makes a huge difference. Don’t just leave your servers in a default state. Take the time to lock them down, patch your software, and configure things securely. It’s a pain in the ass, I know, but it’s worth it. Trust me.
So yeah, that’s the story of “tank” versus “shakur.” A simple experiment, but a good reminder of the importance of security best practices.