GATHERING NETWORK AND DEFINE ENUMERATION

Get Started. It's Free
or sign up with your email address
Rocket clouds
GATHERING NETWORK AND DEFINE ENUMERATION by Mind Map: GATHERING NETWORK AND DEFINE ENUMERATION

1. DEFINE ENUMERATION

1.1. The process of extracting information from a target system in an organized and methodical manner

1.2. Able to extract information such as usernames, machine names, shares, and service from a system.

2. INFORMATION TO BE COLLECTED DURING THE ENUMERATION

2.1. Usernames, Group names

2.2. Hostnames

2.3. Network shares and services

2.4. IP tables and routing tables

2.5. Service settings and Audit configurations

3. SIGNIFICANCE OF ENUMERATION

3.1. Enumeration is often considered as a critical phase in penetration testing.

4. ENUMERATION CLASSIFICATION

4.1. NetBios Enumeration

4.2. SNMP Enumeration

4.3. DNS Enumeration

4.4. SMTP Enumeration

5. ENUMERATION WITH SNMP

5.1. Another useful mechanism for enumerating a target system Simple Network Management Protocol (SNMP)

5.2. Used to assist in the management of devices such as routers, hubs, and switches, among others

5.3. SNMP is an application layer protocol that functions using UDP.

5.4. SNMP is an application layer protocol that functions using UDP.

6. The following can be extracted through SNMP

6.1. Network resources such as hosts, routers, and devices

6.2. File shares

6.3. ARP tables

6.4. Routing tables

7. SNMP ENUMERATION TOOLS

7.1. SNMPUtil

7.2. SolarWinds' IP Network Browser

8. NULL SESSION

8.1. NULL session can reveal a wealth of information.

8.2. Basically a NULL session is something that occurs when a connection is made to a Windows system without credentials being provided.

8.3. Information that may be obtained during this process includes: ■ List of users and groups ■ List of machines ■ List of shares ■ Users and host SIDs

9. TYPES OF SCANNING

9.1. a. Port scanning b. Network scanning c. Vulnerability scanning

10. SCANNING METHODOLOGY

10.1. a. Checking for live system b. Checking for open ports c. Service identification d. Banner grabbing/OS fingerprinting e. Vulnerability scanning f. Draw network diagrams of vulnerable hosts g. Prepare proxies h. Attack