CITA 352 Chapter 6 Enumeration.

Slides:



Advertisements
Similar presentations
Ethical Hacking Module IV Enumeration.
Advertisements

Chapter One The Essence of UNIX.
SYSTEM ADMINISTRATION Chapter 19
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Homework 3.2 Clients Hub What’s wrong with this picture? Clients Using 100TX.
Network+ Guide to Networks, Fourth Edition Chapter 10 Netware-Based Networking.
MCT260-Operating Systems I Operating Systems I Networking.
Lesson 5-Accessing Networks. Overview Introduction to Windows XP Professional. Introduction to Novell Client. Introduction to Red Hat Linux workstation.
Chapter 13 Chapter 13: Managing Internet and Network Interoperability.
Understanding Networks I. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Network Shares and Accounts Sharing Printers, Drives, Folders – Setup Windows 95/98 Windows NT (2000, XP) Linux – Users – Groups.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
Guide To UNIX Using Linux Third Edition
Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost (loopback address)  Internal networks 
Resource Sharing Over a Network
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.
Click to edit Master subtitle style Chapter 17: Troubleshooting Tools Instructor:
Guide to Operating System Security Chapter 5 File, Directory, and Shared Resource Security.
Samba
Section 6.1 Explain the development of operating systems Differentiate between operating systems Section 6.2 Demonstrate knowledge of basic GUI components.
Chapter 6 Enumeration Modified Objectives  Describe the enumeration step of security testing  Enumerate Microsoft OS targets  Enumerate NetWare.
1 SAMBA. 2 Module - SAMBA ♦ Overview The presence of diverse machines in the network environment is natural. So their interoperability is critical. This.
Microsoft Windows 2003 Server. Client/Server Environment Many client computers connect to a server.
BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,
Guide to Operating System Security Chapter 9 Web, Remote Access, and VPN Security.
Module 7: Configuring TCP/IP Addressing and Name Resolution.
Hands-On Ethical Hacking and Network Defense
Module 4: Add Client Computers and Devices to the Network.
Chapter 9: Novell NetWare
Module 10: Configuring Windows XP Professional to Operate in Microsoft Networks.
CIM6400 CTNW (04/05) 1 CIM6400 CTNW Lesson 6 – More on Windows 2000.
File Recovery and Forensics
CS391 Computer & Network Security
Network Operating Systems versus Operating Systems Computer Networks.
Configuring Network Connectivity Lesson 7. Skills Matrix Technology SkillObjective DomainObjective # Using the Network and Sharing Center Use the Network.
Network Management Tool Amy Auburger. 2 Product Overview Made by Ipswitch Affordable alternative to expensive & complicated Network Management Systems.
FTP Server and FTP Commands By Nanda Ganesan, Ph.D. © Nanda Ganesan, All Rights Reserved.
PC Maintenance: Preparing for A+ Certification Chapter 23: Using a Windows Network.
DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.
Chapter 5: Defining the Role of the Operating System
SCSC 555 Frank Li.  Introduction to Enumeration  Enumerate Microsoft OS  Enumerate *NIX OS  Enumerate NetWare OS (skip) 2.
Networking in Windows NT Layered Network Architecture Network Interface Card Network Adapter Card Drivers NDIS InterfaceStreams Transport Protocols.
Computer Networking From LANs to WANs: Hardware, Software, and Security Chapter 13 FTP and Telnet.
1 Linux Networking and Security Chapter 5. 2 Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file.
CMPF124 Basic Skills For Knowledge Workers Chapter 1 – Part 1 Introduction To Windows Operating Systems CMPF 112 : COMPUTING SKILLS.
Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.
Enumeration After scanning for live systems and services, hackers will probe the services more carefully looking for weaknesses This involves active connections!
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1.
Retina Network Security Scanner
Hands-On Ethical Hacking and Network Defense
Hands-On Ethical Hacking and Network Defense Chapter 6 Enumeration Modified
Administering Microsoft Windows Server 2003 Chapter 2.
Course ILT Unit objectives Describe the network clients that are available to connect DOS-, Windows-, and Macintosh-based computers to a network Network.
IS493 INFORMATION SECURITY TUTORIAL # 1 (S ) ASHRAF YOUSSEF.
Remote Access Usages. Remote Desktop Remote desktop technology makes it possible to view another computer's desktop on your computer. This means you can.
Objective Enumeration takes port scanning to the next level. Now that you know how to discover live systems on a network, the next steps are finding what.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 44 – Exploring Network Properties.
Enumeration March 2, 2010 MIS 4600 – MBA © Abdou Illia.
Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.
Guide to Operating Systems, 5th Edition
Chapter Objectives In this chapter, you will learn:
Nessus Vulnerability Scan
Click to edit Master subtitle style
Enumeration.
CITA 352 Chapter 5 Port Scanning.
WINDOWS NT VERSUS UNIX NT & UNIX OVERVIEW by Zhuo Hong Liu
Telnet/SSH Connecting to Hosts Internet Technology.
Nessus Vulnerability Scanning
Linux and TCP/IP Networking
Presentation transcript:

CITA 352 Chapter 6 Enumeration

Introduction to Enumeration Enumeration extracts information about: Resources or shares on the network Usernames or groups assigned on the network User’s password and recent logon times Port scanning and footprinting Determine OS Enumeration is more intrusive Attempting to access resource NBTscan (NetBIOS over TCP/IP) Tool for enumerating Windows OSs

Figure 6-1 NBTscan finds computers running NetBIOS

Enumerating Windows Operating Systems Enumeration techniques for older Windows OSs Many still work with newer versions This chapter focuses on Windows OS As it relates to enumeration

Table 6-1 Windows OS descriptions

Table 6-1 Windows OS descriptions (cont’d.)

Table 6-1 Windows OS descriptions (cont’d.)

NetBIOS Basics Network Basic Input Output System (NetBIOS) Programming interface Allows computer communication over a LAN Used to share files and printers Requires Server Message Block (SMB) NetBIOS names Computer names on Windows systems Limit of 16 characters Last character identifies type of service running Must be unique on a network

Table 6-2 NetBIOS names and suffixes

Table 6-2 NetBIOS names and suffixes (cont’d.)

NetBIOS Null Sessions Null session Around for over a decade Unauthenticated connection to a Windows computer Does not use logon and passwords values Around for over a decade Still present on Windows XP Disabled by default in Windows Server 2003 Not available in Windows Vista and Server 2008

NetBIOS Enumeration Tools Nbtstat command Powerful enumeration tool Included with Windows Displays NetBIOS table Net view command Shows shared resources on a network host Use port scanning information during enumeration IP address to perform NetBIOS enumeration Net use command Connects computer with shared folders or files

Figure 6-2 Using the Nbstat command

Figure 6-3 Viewing help for the Net view command

Figure 6-4 Using the Net view command with an IP address

Figure 6-5 Viewing help for the Net use command

Additional Enumeration Tools Include: Windows tools included with BackTrack Smb4K tool DumpSec Hyena Nessus and OpenVAS

Using Windows Enumeration Tools Backtrack Smb4K tool Used to enumerate Windows computers in a network Figure 6-6 Using Smb4K on a Windows network

DumpSec Enumeration tool for Windows systems Produced by Foundstone, Inc. Allows user to connect to a server and “dump”: Permissions for shares Permissions for printers Permissions for the Registry Users in column or table format Policies Rights Services

Hyena Excellent GUI product for managing and securing Windows OSs Shows shares and user logon names for Windows servers and domain controllers Displays graphical representation of: Microsoft Terminal Services Microsoft Windows Network Web Client Network Find User/Group

Figure 6-8 The Hyena interface

Nessus and OpenVAS OpenVAS Nessus Server and Client Operates in client/server mode Open-source descendent of Nessus Popular tool for identifying vulnerabilities Nessus Server and Client Latest version can run on Windows, Mac OS X, FreeBSD, and most Linux distributions Handy when enumerating different OSs on a large network Many servers in different locations

Figure 6-10 The Nessus session window

Figure 6-12 The Connection Manager dialog box

Figure 6-13 Nessus ready to scan

Figure 6-14 Nessus enumerates a NetBIOS system

Figure 6-15 Enumerating shares in Nessus

Figure 6-16 Nessus indicates the OS and service pack

Enumerating the NetWare Operating System Novell NetWare Some security professionals see as a “dead” OS Ignoring an OS can limit your career as a security professional NetWare Novell does not offer any technical support for versions before 6.5

Table 6-3 NetWare OS descriptions

NetWare Enumeration Tools Still used on many networks New vulnerabilities are discovered daily Vigilantly check vendor and security sites Example Older version of Nessus to scan a NetWare 5.1 server

Figure 6-17 Nessus enumerates a NetWare server

Figure 6-18 Enumerating eDirectory in Nessus

Figure 6-19 Nessus discovers the FTP account’s username and password

Figure 6-20 Nessus enumerates several user accounts

NetWare Enumeration Tools (cont’d.) Novell Client for Windows Gathers information on shares and resources Vulnerability in NetWare OS You can click Trees, Contexts, and Servers buttons without a login name or password Open dialog boxes showing network information

Figure 6-22 Logging in with credentials supplied by Nessus

Figure 6-23 Information displayed after the NetWare login is accepted

Figure 6-24 Accessing NetWare through mapped drives

Enumerating the *nix Operating System Several variations Solaris and OpenSolaris HP-UX Mac OS X and OpenDarwin AIX BSD UNIX FreeBSD OpenBSD NetBSD Linux, including several distributions

UNIX Enumeration Finger utility Nessus Most popular enumeration tool for security testers Finds out who is logged in to a *nix system Determines who was running a process Nessus Another important *nix enumeration tool

Figure 6-25 Using the Finger command

Figure 6-26 Nessus enumerates a Linux system

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.