GATHERING NETWORK AND DEFINE ENUMERATION

1. SIGNIFICANCE OF ENUMERATION

1.1. Enumeration is often considered as a critical phase in penetration testing.

2. ENUMERATION CLASSIFICATION

2.1. NetBios Enumeration

2.2. SNMP Enumeration

2.3. DNS Enumeration

2.4. SMTP Enumeration

3. ENUMERATION WITH SNMP

3.1. Another useful mechanism for enumerating a target system Simple Network Management Protocol (SNMP)

3.2. Used to assist in the management of devices such as routers, hubs, and switches, among others

3.3. SNMP is an application layer protocol that functions using UDP.

3.4. SNMP is an application layer protocol that functions using UDP.

4. The following can be extracted through SNMP

4.1. Network resources such as hosts, routers, and devices

4.2. File shares

4.3. ARP tables

4.4. Routing tables

5. SCANNING METHODOLOGY

5.1. a. Checking for live system b. Checking for open ports c. Service identification d. Banner grabbing/OS fingerprinting e. Vulnerability scanning f. Draw network diagrams of vulnerable hosts g. Prepare proxies h. Attack

6. DEFINE ENUMERATION

6.1. The process of extracting information from a target system in an organized and methodical manner

6.2. Able to extract information such as usernames, machine names, shares, and service from a system.

7. INFORMATION TO BE COLLECTED DURING THE ENUMERATION

7.1. Usernames, Group names

7.2. Hostnames

7.3. Network shares and services

7.4. IP tables and routing tables

7.5. Service settings and Audit configurations

8. SNMP ENUMERATION TOOLS

8.1. SNMPUtil

8.2. SolarWinds' IP Network Browser

9. NULL SESSION

9.1. NULL session can reveal a wealth of information.

9.2. Basically a NULL session is something that occurs when a connection is made to a Windows system without credentials being provided.

9.3. Information that may be obtained during this process includes: ■ List of users and groups ■ List of machines ■ List of shares ■ Users and host SIDs

10. TYPES OF SCANNING

10.1. a. Port scanning b. Network scanning c. Vulnerability scanning