|
Size: 706
Comment:
|
Size: 1416
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 3: | Line 3: |
| == Here are the examples Dr. A gave inclass == | = Ch 3 - Enumeration = Link to PDF of powerpoint presentation http://dl.dropbox.com/u/68566/Enumeration.pdf == Quiz and Answers == 1. What is the “holy grail” to hackers? ||<#32CD32> NetBIOS / SMB / Null NetBIOS Session || 2. What is the main information you can get from a banner grab? ||<#32CD32> Server software and version || 3. Name the two things you need to do to secure the Finger leak? ||<#32CD32> Disable service and block port || 4. What service if set to use a standard community string will return lots of information to any one? ||<#32CD32> SNMP || 5. What two ways can you use to stop access to RPC? ||<#32CD32> Limit to authenticated users and/or use encryption || == Here are the examples Dr. A gave in class == |
Ch 3 - Enumeration
Link to PDF of powerpoint presentation http://dl.dropbox.com/u/68566/Enumeration.pdf
Quiz and Answers
1. What is the “holy grail” to hackers?
NetBIOS / SMB / Null NetBIOS Session |
2. What is the main information you can get from a banner grab?
Server software and version |
3. Name the two things you need to do to secure the Finger leak?
Disable service and block port |
4. What service if set to use a standard community string will return lots of information to any one?
SNMP |
5. What two ways can you use to stop access to RPC?
Limit to authenticated users and/or use encryption |
Here are the examples Dr. A gave in class
(some of these are Linux, others are Windows)
NetCat
nc -v www.scotnpatti.com 80
HEAD / HTTP/1.0 (press enter)
(press enter)
FTP
www.scotnpatti.com (bad) www.cs.southern.edu (good)
SMTP
telnet email.scotnpatti.com
vrfy root
vrfy scot
vrfy jane
DNS
dig @peter.cs.andrews.edu southern.edu axfr //works here, but may not work elsewhere
BindVersion
dig @ns1.someuniversitythatdoesen'texist.edu version.bind txt chaos
Back to Cptr427Winter2010