What types of connection does an attacker initiate during the Enumeration phase of an attack?

What kinds of information are attackers looking for during this phase?

How would you enumerate and prevent enumeration with:

  • Email IDs
  • Default Passwords
  • SNMP
  • Brute Forcing Active Directory
  • DNS Zone Transfer

What are protocol types and ports for for:

  • DNS Zone Transfer
  • DNS Queries
  • SNMP
  • SNMP Trap
  • MS RPC Endpoint Mapper
  • LDAP
  • NBNS
  • Global Catalog Service
  • NetBIOS
  • SMTP

How does NetBIOS identify devices over TCP/IP?

What ports does NetBIOS over TCP use and over which protocol types are used?

What information can an attacker discover with NetBIOS?

What classifications are there for NetBIOS types?

What is SMB?

  • What ports does it run over?
  • What kinds of things are handled through it?
  • How would you connect to SMB through a Linux command line?

What is SNMP?

  • What are the 3 components involved in an SNMP deployment?
    • What are the two types of MIBs?
  • What are the features of the different versions of SNMP?

What is LDAP?

  • What type of port and number does it live on?
  • What standard does LDAP use to communicate between server and client?
  • What are examples of services using LDAP?

What is NTP?

  • What type of port and number does NTP communicate over?
  • What is the NTP equivalent of a “hop count” or TTL?
  • What version of NTP supports cryptographic authentication?

What is NFS?

  • What type of port and numbers does an NFS server use?
    • What information do you find on an NFS server?

What is SMTP?

  • What are SMTP commands and their function?

What is DNS?

  • What type of port and numbers are used for DNS?

Leave a Reply

Your email address will not be published. Required fields are marked *