Enumeration Using NTP

Another effective way to gather information about a network and the resources on it is through use of the Network Time Protocol (NTP). Before you look at how to exploit this protocol for information-gathering purposes, you need to understand what the protocol does and what purpose it serves. NTP is a protocol used to synchronize …

Unix and Linux Enumeration

Linux and Unix systems are no different from Windows systems and can be enumerated as well. The difference lies in the tools and the approach. In this section you will take a look at a handful of the tools that have proven useful in exploring these systems.

finger: The finger command is designed to return …

Enumeration with SNMP

Another useful mechanism for enumerating a target system is the Simple Network Management Protocol (SNMP). This protocol is used to assist in the management of devices such as routers, hubs, and switches, among others. SNMP comes in three versions:

SNMPv1: This version of the protocol was introduced as a standardized mechanism for managing network …

Windows Basics

The Microsoft Windows operating system is designed to be used as either a stand-alone or a networked environment; however, for this discussion you will assume a networked setup only. In the Windows world, securing access to resources, objects, and other components is handled through many mechanisms, but there are some things that are common to …

What Is Enumeration?

Enumeration is the process of extracting information from a target system in an organized and methodical manner. During enumeration you should be able to extract information such as usernames, machine names, shares, and services from a system as well as other information depending on the operating environment. Unlike with previous phases, you are initiating active …

Checking for Live Systems

How do you check for live systems in a targeted environment? There are plenty of ways to accomplish this. Some common ways to perform these types of scans are:

■ Wardialing
■ Wardriving
■ Pinging
■ Port scanning

Each of these techniques, along with others we will explore, offers something that the others don’t, or …

What Is Network Scanning?

Network scanning is a methodical process that involves probing a target network with the intent of finding out information about it and using that information for attack phases. If you have a command of network and system fundamentals, coupled with thorough reconnaissance, it is possible to get a reasonable picture of a network—in some cases, …

The Footprinting Process

There are many steps in the footprinting process, each of which will yield a different type of information. Remember to log each piece of information that you gather no matter how insignificant it may seem at the time.

Using Search Engines: One of the first steps in the process of footprinting tends to be using …