Windows Enumeration Tools Roy Introduction SMB Protocol Inter Process Communication(IPC)

Slides:

Advertisements

Similar presentations

This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.

Advertisements

Ethical Hacking Module IV Enumeration.

Guide to Computer Forensics and Investigations Fourth Edition Chapter 11 Virtual Machines, Network Forensics, and Live Acquisitions.

Configuring Windows to run Dr.Web scanner remotely.

Cosc 4765 Windows Forensics Techniques. A case study First this lecture should not be confused with Computer Forensics for criminal prosecution. –That.

Essential NetTools Pranay Kumar. Essential NetTools  This tool is a set of network tools useful in diagnosing networks and monitoring your computer's.

Windows NT Security Holes Windows NT is getting more popular. More and more companies use NT as their platform of the Internet.They also use NT as the.

COEN 250 Computer Forensics Windows Life Analysis.

COEN 250 Computer Forensics Windows Life Analysis.

11 ADMINISTERING MICROSOFT WINDOWS SERVER 2003 Chapter 2.

Guide to Computer Forensics and Investigations Third Edition Chapter 11 Network Forensics.

Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost (loopback address)  Internal networks 

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 7 Configuring File Services in Windows Server 2008.

Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.

Adrian Crenshaw.  I run Irongeek.com  I have an interest in InfoSec education  I don’t know everything - I’m.

Monitoring and Troubleshooting Chapter 17. Review What role is required to share folders on Windows Server 2008 R2? What is the default permission listed.

Workshop 1: Introduction to TCP/IP

Week 8-1 Week 8: Denial of Service (DoS) What is Denial of Service Attack? –Any attack that causes a system to be unavailability. This is a violation of.

Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS4: Scheduling and Dispatch 4.6. Demos.

ADM291 A Tour of Sysinternals Tools Mark Russinovich Winternals Software.

Services and Disk Management. Default Services (some) Alerter ClipBook Server Computer Browser DNS Client Event Log Messenger Net Logon Network DDE Network.

PRACTICAL STEPS IN SECURING WINDOWS NT Copyright, 1996 © Dale Carnegie & Associates, Inc. TIP For additional advice see Dale Carnegie Training® Presentation.

CS391 Computer & Network Security

CIS 460 – Network Design Seminar Network Security Scanner Tool GFI LANguard.

ECE4112 Lab 7: Honeypots and Network Monitoring and Forensics Group 13 + Group 14 Allen Brewer Jiayue (Simon) Chen Daniel Chu Chinmay Patel.

Shadow Security Scanner Li,Guorui. Introduction Remote computer vulnerabilities scanner Runs on Windows Operating Systems SSS also scans servers built.

Network Security SSH Tunneling David Funk Matt McLaughlin Systems Administrators Computer Systems Support COE, University of Iowa.

Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Unit OS2: Operating System Principles 2.5. Demos.

COEN 250 Computer Forensics Windows Life Analysis.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

Lesson 17-Windows 2000/Windows 2003 Server Security Issues.

© 1999 Ernst & Young LLP e e treme hacking Black Hat 1999 Over the Router, Through the Firewall, to Grandma’s House We Go George Kurtz & Eric Schultze.

System Hacking Active System Intrusion. Aspects of System Hacking System password guessing Password cracking Key loggers Eavesdropping Sniffers Man in.

Linux Networking and Security

Network Assessment How intrusion techniques contribute to system/network security Network and system monitoring System mapping Ports, OS, applications.

SCSC 555 Frank Li.  Introduction to Enumeration  Enumerate Microsoft OS  Enumerate *NIX OS  Enumerate NetWare OS (skip) 2.

A powerful network monitoring system

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.

1 Figure 4-1: Targeted System Penetration (Break-In Attacks) Host Scanning  Ping often is blocked by firewalls  Send TCP SYN/ACK to generate RST segments.

Securing New Technology Dominique Brezinski. Introduction We all have a few questions about Windows NT security: Is it really secure Should we be deploying.

1 Linux Networking and Security Chapter 5. 2 Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file.

Penetration Testing 101 (Boot-camp)

COEN 250 Computer Forensics Windows Life Analysis.

NMS Case Study-I NetScreen Global Manager CS720H.

Using Event Viewer Event Levels Creating Custom Views Windows Logs Monitoring Performance.

Week 4-1 Week 4: Enumeration What is Enumeration? –Now that you have a live target the next step is find what services are running and what version.

TCOM Information Assurance Management System Hacking.

Guide to Computer Forensics and Investigations, Second Edition Chapter 12 Network Forensics.

Retina Network Security Scanner

CS3695/M6-109 – Network Vulnerability Assessment & Risk Mitigation–

L Identify the “out-of-the-box” audit settings l Identify recommended minimum audit settings l Configure security event log settings to meet recommendations.

Асоциация за информационна сигурност Мрежова сигурност 1 изборен курс във ФМИ на СУ понеделник, зала 325, ФМИ, 19:00 четвъртък, зала 200,

Module 3 l Objectives –Identify the security risks associated with specific NT Services –Understand the risk introduced by specific protocols –Identify.

Windows 2000/XP Internet Protocol Security IPSec Mike Chirico M.S. souptonuts.sourceforge.net/chirico/ December 18, 2003.

Hacking 101, Boot-camp Computer Security Group March 10, 2010 Mitchell Adair.

Common System Exploits Tom Chothia Computer Security, Lecture 17.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Nessus Vulnerability Scan

Module Overview Installing and Configuring a Network Policy Server

Exercise 7 Samba.

Network Operating Systems Examples

Incident Detection and Response

Hands-On Ethical Hacking and Network Defense

Lesson 16-Windows NT Security Issues

Windows desktop sharing

Bro, I Can See You Moving Laterally

SharePoint Server Assessment Results

Presentation transcript:

Windows Enumeration Tools Roy

Introduction SMB Protocol Inter Process Communication(IPC)

Winfingerprint SMB, TCP, UDP, ICMP, RPC, and SNMP scans nfingerprint.php Ping Response NetBIOS Share Fingerprint NetBIOS Share Password Policy Running Services Users SID Groups Network Service Pack Session Disks Ports

GetUserInfo TCP port UserInfo.zip

Enum AZOR/Files/enum.tar.gz

PsTools Using NetBIOS port Services –NetLogon –Server –RemoteRegistry IPC$ share must be available

Psfile shows files opened remotely

PsLoggedon see who's logged on locally and via resource sharing FATCAT-E6GDFAFE CAT User:Administrator

PsGetSid mike

PsInfo Get information about local or remote windows system

PsService local and remote services viewer/controller

PsList List the Process information Open taskmgr.exe

PsKill kill processes by name or process ID

PsSuspend suspend or resume processes on a local or remote NT system.

PsLogList local and remote event log viewer System Security Application I->Information E->Errors W->Warning Audit Success Audit Failure Clean Log -> -c

PsExec executes a program on a remote system Access to the ADMIN$ share

PsShutdown Shutdown, logoff and power manage local and remote systems

Summary SMB