GATHERING NETWORK AND HOST INFORMATION


1. Define Enumeration

1.1. The process of extracting information from a target system in an organized and methodical manner

1.2. Using active connections to the system to perform more aggressive information gathering

1.3. Information to be collected during enumeration

1.3.1. Usernames, group names

1.3.2. Hostnames

1.3.3. Network shares and services

2. Significance of Enumeration

2.1. Enumeration is often considered a critical phase in penetration testing, as the outcome of enumeration can be used directly for exploiting the system

3. Enumeration classification

3.1. NetBIOS Enumeration

3.2. SNMP Enumeration

3.2.1. Tools

3.2.1.1. SNMPUtil

3.2.1.2. SolarWinds IP Network Browser

3.3. LDAP Enumeration

3.4. NTP Enumeration

3.5. SMTP Enumeration

3.6. DNS Enumeration

3.7. Windows Enumeration

3.8. UNIX/Linux Enumeration

4. Null Sessions

4.1. The problem is that NULL sessions are also a source of potential abuse.

4.2. A NULL session can reveal a wealth of information

4.3. A NULL session occurs when a connection is made to a Windows system without credentials being provided.

5. Types of scanning

5.1. Port scanning

5.1.1. Since a port is a place where information goes into and out of a computer, port scanning identifies open doors to a computer.

5.2. Network scanning

5.2.1. Mainly used for security assessment and system maintenance, and also by hackers to perform attacks

5.3. Vulnerability scanning

5.3.1. A vulnerability scan is used to identify weaknesses or vulnerabilities on a target system

6. Scanning Methodology

6.1. Checking for live systems

6.2. Checking for open ports

6.3. Service identification

6.4. Banner grabbing/OS fingerprinting

6.5. Vulnerability scanning

6.6. Draw network diagrams of vulnerable hosts

6.7. Prepare proxies

6.8. Attack