Ch 3 - Enumeration

Link to the PDF of the PowerPoint presentation: http://dl.dropbox.com/u/68566/Enumeration.pdf

What is Enumeration?

Basic Banner Grabbing

Enumerating Common Network Services

NetBIOS Session

Finger

SNMP

UNIX RPC

Enumerating MS RPC Endpoint Mapper

Novell NetWare Enumeration

Summary

Quiz and Answers

1. What is the “holy grail” to hackers?

NetBIOS / SMB / Null NetBIOS Session

2. What is the main information you can get from a banner grab?

Server software and version

3. Name the two things you need to do to secure the Finger leak.

Disable service and block port

4. What service, if set to use a standard community string, will return lots of information to anyone?

SNMP

5. What two ways can you use to stop access to RPC?

Limit to authenticated users and/or use encryption

Here are the examples Dr. A gave in class

(some of these are Linux, others are Windows)

NetCat

nc -v www.scotnpatti.com 80
    HEAD / HTTP/1.0 (press enter)
       (press enter)

FTP

www.scotnpatti.com   (bad)
www.cs.southern.edu  (good)

SMTP

telnet email.scotnpatti.com 25
    vrfy root
    vrfy scot
    vrfy jane

DNS

dig @peter.cs.andrews.edu southern.edu axfr
    (works here, but may not work elsewhere)

BindVersion

dig @ns1.someuniversitythatdoesntexist.edu version.bind txt chaos
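
Checking your own servers for the leak from quiz question 2

The NetCat, SMTP and BindVersion examples above each return a line of text that can name the server software and its version. The Python below is an added example (not from the class or the book) showing how an administrator could check their own servers' responses for that disclosure. The host names and banner strings in it are constructed samples, not output from any real server.

```python
import re

# Constructed sample responses (not captured from any real host) to the three
# probes above: HTTP HEAD, the SMTP greeting, and a version.bind CHAOS TXT query.
SAMPLES = {
    "http": "HTTP/1.1 200 OK\r\nDate: Tue, 09 Mar 2010 22:00:00 GMT\r\n"
            "Server: Apache/2.2.14 (Ubuntu)\r\nX-Powered-By: PHP/5.3.2\r\n\r\n",
    "http_hardened": "HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n",
    "smtp": "220 mail.example.test ESMTP Sendmail 8.14.3/8.14.3; Tue, 9 Mar 2010\r\n",
    "smtp_hardened": "220 mail.example.test ESMTP\r\n",
    "bind": 'version.bind.\t\t0\tCH\tTXT\t"9.6.1-P1"\n',
    "bind_hardened": 'version.bind.\t\t0\tCH\tTXT\t"none"\n',
}

# A dotted version number such as 2.2.14 or 8.14.3 (at least major.minor).
VERSION = re.compile(r"\d+(?:\.\d+)+")

def http_leaks(response):
    """Return {header: value} for identifying headers that carry a version."""
    leaks = {}
    for line in response.split("\r\n")[1:]:   # skip the status line (HTTP/1.1 ...)
        if not line:
            break                              # blank line ends the header block
        name, _, value = line.partition(":")
        if name.strip().lower() in ("server", "x-powered-by") and VERSION.search(value):
            leaks[name.strip()] = value.strip()
    return leaks

def smtp_leak(greeting):
    """Return the 220 greeting text after the host name if it holds a version."""
    m = re.match(r"220[ -]\S+\s*(.*)", greeting.strip())
    return m.group(1) if m and VERSION.search(m.group(1)) else None

def bind_leak(answer):
    """Return the version.bind TXT string if it holds a version number."""
    m = re.search(r'\bTXT\s+"([^"]*)"', answer)
    return m.group(1) if m and VERSION.search(m.group(1)) else None

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        check = http_leaks if name.startswith("http") else \
                smtp_leak if name.startswith("smtp") else bind_leak
        print(f"{name:14} -> {check(text) or 'no version disclosed'}")
```
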


HackingExposedChapter03 (last edited 2010-03-09 22:35:34 by c-71-226-185-105)