Ch 3 - Enumeration
Link to PDF of powerpoint presentation http://dl.dropbox.com/u/68566/Enumeration.pdf
Quiz and Answers
1. What is the “holy grail” to hackers?
NetBIOS / SMB / Null NetBIOS Session |
2. What is the main information you can get from a banner grab?
Server software and version |
3. Name the two things you need to do to secure the Finger leak?
Disable service and block port |
4. What service if set to use a standard community string will return lots of information to any one?
SNMP |
5. What two ways can you use to stop access to RPC?
Limit to authenticated users and/or use encryption |
Here are the examples Dr. A gave inclass
(some of these are Linux, others are Windows)
NetCat
nc -v www.scotnpatti.com 80
HEAD / HTTP/1.0 (press enter)
(press enter)
FTP
www.scotnpatti.com (bad) www.cs.southern.edu (good)
SMTP
telnet email.scotnpatti.com
vrfy root
vrfy scot
vrfy jane
DNS
dig @peter.cs.andrews.edu southern.edu axfr //works here, but may not work elsewhere
BindVersion
dig @ns1.someuniversitythatdoesen'texist.edu version.bind txt chaos
Back to Cptr427Winter2010