Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS391 Computer & Network Security

Published byGrant Flynn Modified over 9 years ago

Similar presentations

Presentation on theme: "CS391 Computer & Network Security"— Presentation transcript:

1 CS391 Computer & Network Security
enumeration CS391 Computer & Network Security

2 What is enumeration? Enumeration Techniques.

3 What is Enumeration? Having identified live hosts and running services, enumeration is the task of probing the identified services for known weaknesses. The main difference between enumeration and the previous techniques is the level of intrusiveness. Enumeration involves active connections to systems and directed queries, and accordingly will be logged by target systems.

4 Banner Grabbing We have seen examples of banner grabbing in the previous lecture. In addition, telenet and netcat may be used.

5 Banner Grabbing telnet example

6 Smtp enumeration Tcp port 25 Two commands: vrfy and expn Use telenet

7 Zone transfers Dns server port 53 Nslookup Ls –d server name

8 Null session enumeration
Server Message Block (SMB) Protocol. Forms the basis for file and printer sharing. First step: connect to the protocol using the null session command: Net use \\IP address\IPC$ “” /u:” Enumaerate file shares on a host Net view \\host

9 Use DumpSec One can use Dumpsec tool to enumerate file shares.
Another tool is legion Another attack is to dump the Windows registry. A number of tools can be used, e.g. regdmp

10 Trusted Domains Enumerating trusted domains:
Once a null session is established, nltest and /server:server_name and /trusted_domains may be used to learn about further domains related to the current domians

11 Users Enumerating users: Use dumpsec

Download ppt "CS391 Computer & Network Security"

Similar presentations

Ethical Hacking Module IV Enumeration.

Ethical Hacking Module IV Enumeration.
Hacking Exposed 7 Network Security Secrets & Solutions

Hacking Exposed 7 Network Security Secrets & Solutions
METEOROLOGICAL TELECOMMUNICATION AND METCAP A GLANCE TO NETWORK BRIEFLY Ömer Hüdai ALBAYRAK 2010ALANYA.

METEOROLOGICAL TELECOMMUNICATION AND METCAP A GLANCE TO NETWORK BRIEFLY Ömer Hüdai ALBAYRAK 2010ALANYA.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.

CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.

Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost 127.0.0.1 (loopback address)  Internal networks 

Enumeration. Local IP addresses Local IP addresses (review)  Some special IP addresses  localhost (loopback address)  Internal networks 
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
CS 497C – Introduction to UNIX Lecture 35: - TCP/IP Networking Tools Chin-Chih Chang

CS 497C – Introduction to UNIX Lecture 35: - TCP/IP Networking Tools Chin-Chih Chang
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
How does it differ from footprinting and scanning? – Footprinting did not necessarily attempt to access the target system(s) directly – Scanning involved.

How does it differ from footprinting and scanning? – Footprinting did not necessarily attempt to access the target system(s) directly – Scanning involved.
Enumerating slides (c) 2012 by Richard Newman based on Hacking Exposed 7 by McClure, Scambray, and Kurtz.

Enumerating slides (c) 2012 by Richard Newman based on Hacking Exposed 7 by McClure, Scambray, and Kurtz.
Chapter 6 Enumeration Modified 9-28-09. Objectives  Describe the enumeration step of security testing  Enumerate Microsoft OS targets  Enumerate NetWare.

Chapter 6 Enumeration Modified Objectives  Describe the enumeration step of security testing  Enumerate Microsoft OS targets  Enumerate NetWare.
Module 7: Configuring TCP/IP Addressing and Name Resolution.

Module 7: Configuring TCP/IP Addressing and Name Resolution.
Guide to MCSE 70-270, Second Edition, Enhanced1 Windows XP Network Overview Most versatile Windows operating system Supports local area network (LAN) connections.

Guide to MCSE , Second Edition, Enhanced1 Windows XP Network Overview Most versatile Windows operating system Supports local area network (LAN) connections.
Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense
Chapter 3 Enumeration Last modified 8-30-12.

Chapter 3 Enumeration Last modified

Similar presentations

Ads by Google