Differences between revisions 3 and 5 (spanning 2 versions)
Revision 3 as of 2010-02-03 20:52:40
Size: 620
Editor: anderson-camtasia
Comment:
Revision 5 as of 2010-02-24 02:02:37
Size: 1415
Editor: c-71-226-185-105
Comment: This wiki page not completed yet, going to add more later tonight.
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:

= Ch 3 - Enumeration =

Link to PDF of powerpoint presentation
http://dl.dropbox.com/u/68566/Enumeration.pdf

== Quiz and Answers ==

1. What is the “holy grail” to hackers?
||<#32CD32> NetBIOS / SMB / Null NetBIOS Session ||
2. What is the main information you can get from a banner grab?
||<#32CD32> Server software and version ||
3. Name the two things you need to do to secure the Finger leak?
||<#32CD32> Disable service and block port ||
4. What service if set to use a standard community string will return lots of information to any one?
||<#32CD32> SNMP ||
5. What two ways can you use to stop access to RPC?
||<#32CD32> Limit to authenticated users and/or use encryption ||
Line 33: Line 52:
`dig @peter.cs.andrews.edu southern.edu axfr` {{{
dig @peter.cs.andrews.edu southern.edu axfr  //works here, but may not work elsewhere
}}}
Line 37: Line 59:
`dig @ns1.swau.edu version.bind txt chaos` {{{
dig @ns1.someuniversitythatdoesen'texist.edu version.bind txt chaos
}}}

Ch 3 - Enumeration

Link to PDF of powerpoint presentation http://dl.dropbox.com/u/68566/Enumeration.pdf

Quiz and Answers

1. What is the “holy grail” to hackers?

NetBIOS / SMB / Null NetBIOS Session

2. What is the main information you can get from a banner grab?

Server software and version

3. Name the two things you need to do to secure the Finger leak?

Disable service and block port

4. What service if set to use a standard community string will return lots of information to any one?

SNMP

5. What two ways can you use to stop access to RPC?

Limit to authenticated users and/or use encryption

Here are the examples Dr. A gave inclass

(some of these are Linux, others are Windows)

NetCat

nc -v www.scotnpatti.com 80
    HEAD / HTTP/1.0 (press enter)
       (press enter)

FTP

www.scotnpatti.com   (bad)
www.cs.southern.edu  (good)

SMTP

telnet email.scotnpatti.com
    vrfy root
    vrfy scot
    vrfy jane

DNS

dig @peter.cs.andrews.edu southern.edu axfr 
//works here, but may not work elsewhere

BindVersion

dig @ns1.someuniversitythatdoesen'texist.edu version.bind txt chaos

Back to Cptr427Winter2010

HackingExposedChapter03 (last edited 2010-03-09 22:35:34 by c-71-226-185-105)