Differences between revisions 5 and 6
Revision 5 as of 2010-02-24 02:02:37
Size: 1415
Editor: c-71-226-185-105
Comment: This wiki page not completed yet, going to add more later tonight.
Revision 6 as of 2010-02-24 03:21:52
Size: 1416
Editor: c-71-226-185-105
Comment:
Deletions are marked like this. Additions are marked like this.
Line 22: Line 22:
== Here are the examples Dr. A gave inclass == == Here are the examples Dr. A gave in class ==

Ch 3 - Enumeration

Link to PDF of powerpoint presentation http://dl.dropbox.com/u/68566/Enumeration.pdf

Quiz and Answers

1. What is the “holy grail” to hackers?

NetBIOS / SMB / Null NetBIOS Session

2. What is the main information you can get from a banner grab?

Server software and version

3. Name the two things you need to do to secure the Finger leak?

Disable service and block port

4. What service if set to use a standard community string will return lots of information to any one?

SNMP

5. What two ways can you use to stop access to RPC?

Limit to authenticated users and/or use encryption

Here are the examples Dr. A gave in class

(some of these are Linux, others are Windows)

NetCat

nc -v www.scotnpatti.com 80
    HEAD / HTTP/1.0 (press enter)
       (press enter)

FTP

www.scotnpatti.com   (bad)
www.cs.southern.edu  (good)

SMTP

telnet email.scotnpatti.com
    vrfy root
    vrfy scot
    vrfy jane

DNS

dig @peter.cs.andrews.edu southern.edu axfr 
//works here, but may not work elsewhere

BindVersion

dig @ns1.someuniversitythatdoesen'texist.edu version.bind txt chaos

Back to Cptr427Winter2010

HackingExposedChapter03 (last edited 2010-03-09 22:35:34 by c-71-226-185-105)