4.1 Enumeration Concepts

What is Enumeration?

  • In the enumeration phase, the attacker creates active connections to the system and performs directed queries to gain more information about the target.
  • Attackers use the extracted information to identify system attack points and perform password attacks to gain unauthorized access to information system resources.
  • Enumeration techniques are conducted in an intranet environment.
  • Information Enumerated by Intruders:
    • Network resources
    • Network shares
    • Routing tables
    • Audit and service settings
    • SNMP and DNS details
    • Machine names
    • Users and groups
    • Applications and banners

Techniques for Enumeration

  • Extract user names using email IDs
  • Extract information using the default passwords
  • Extract user names using SNMP
  • Brute force Active Directory
  • Extract user groups from Windows
  • Extract information using DNS Zone Transfer

Services and Ports to Enumerate

  • TCP/UDP 53: DNS Zone Transfer
  • TCP/UDP 135: Microsoft RPC Endpoint Mapper
  • UDP 137: NetBIOS Name Service (NBNS)
  • TCP 139: NetBIOS Session Service (SMB over NetBIOS)
  • TCP/UDP 445: SMB over TCP (Direct Host)
  • UDP 161: Simple Network Management Protocol (SNMP)
  • TCP/UDP 389: Lightweight Directory Access Protocol (LDAP)
  • TCP/UDP 3268: Global Catalog Service
  • TCP 25: Simple Mail Transfer Protocol (SMTP)
  • TCP/UDP 162: SNMP Trap
