What Is Enumeration?

Enumeration is the process of extracting information from a target system in an organized and methodical manner. During enumeration, you should be able to extract information such as usernames, machine names, shares, and services from a system, as well as other information depending on the operating environment. Unlike in previous phases, you are initiating active connections to a system to gather the information you are seeking. Consequently, you should consider this phase a high-risk process. Take extra care to be precise, lest you risk detection.

During this phase, you use active connections to the system to perform more aggressive information gathering. These connections let you direct queries at the system to extract more information about the target environment. Once you have retrieved sufficient information, you can assess the strengths and weaknesses of the system. Information gathered during this phase generally falls into the following types:
■ Network resources and shares
■ Users and groups
■ Routing tables
■ Auditing and service settings
■ Machine names
■ Applications and banners
■ SNMP and DNS details
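
Because enumeration relies on active connections, it leaves a trace that can be detected. The following added example (not part of the original text) flags a source that queries several of the information types above on one host within a short window. The port-to-category mapping, the log format, the window, and the threshold are all assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed mapping of destination ports to the information types listed above.
PORT_CATEGORY = {
    137: "machine names (NetBIOS)",
    139: "shares (SMB over NetBIOS)",
    445: "shares (SMB)",
    161: "SNMP details",
    53: "DNS details",
    389: "users and groups (LDAP)",
}

# Constructed sample connection records: time, source, destination, dest port.
SAMPLE_LOG = """\
2024-05-01T10:00:01 10.0.0.50 10.0.0.5 445
2024-05-01T10:00:03 10.0.0.50 10.0.0.5 137
2024-05-01T10:00:04 10.0.0.21 10.0.0.5 445
2024-05-01T10:00:09 10.0.0.50 10.0.0.5 161
2024-05-01T10:00:15 10.0.0.50 10.0.0.5 389
2024-05-01T10:20:00 10.0.0.21 10.0.0.5 53
2024-05-01T10:45:00 10.0.0.21 10.0.0.5 389
"""

def parse(log):
    """Yield (timestamp, src, dst, port) from whitespace-separated lines."""
    for line in log.splitlines():
        ts, src, dst, port = line.split()
        yield datetime.fromisoformat(ts), src, dst, int(port)

def find_enumeration(log, window=timedelta(minutes=5), threshold=3):
    """Return {(src, dst): sorted categories} for sources that query at least
    `threshold` distinct information types on one host within `window`."""
    events = defaultdict(list)
    for ts, src, dst, port in parse(log):
        if port in PORT_CATEGORY:
            events[(src, dst)].append((ts, PORT_CATEGORY[port]))
    alerts = {}
    for pair, hits in events.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            # Categories seen in the window that opens at this event.
            cats = {c for t, c in hits[i:] if t - start <= window}
            if len(cats) >= threshold:
                alerts[pair] = sorted(cats)
                break
    return alerts

if __name__ == "__main__":
    for (src, dst), cats in find_enumeration(SAMPLE_LOG).items():
        print(f"{src} -> {dst}: {', '.join(cats)}")
```

The second source in the sample touches three services too, but spread over 45 minutes, so it stays below the threshold; tuning the window trades missed slow activity against false positives from ordinary clients.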