Enumeration The First Step.

Presentation transcript:

Enumeration The First Step

Agenda
- Clerical Stuff
- Pentest / Scope?
- The HackLab
- Networking Basics
- Basic Host Discovery
- Nmap
- Moving Forward

What's a pentest? Scope?
- White hat
- Paid to hack people
- Black box vs White (clear) box
- Scope?
- The "things" you're supposed to test
- In our case: the game, and definitely not AU_WiFi

Hack-Lab
- auctf / auctf_5ghz
- !!auctf2016
- VPN: Next Week

Points of Interest
- 10.0.2.0/24 - The Player Network
- 10.0.2.3 - File Server
- 10.0.2.4 - Overseer
- 10.0.1.0/24 - The Scope
- 10.0.1.4 - 10.0.1.254
- Important boxes get reset every 24 hours so don't bother

Networking Basics
- IP: 192.168.1.124
- Netmask: 255.255.255.0
- Gateway: 192.168.1.1
- Subnet
- Packet
- IP Address
- Ports
- Router

Networks == Onions
- Telnet
- TCP / UDP
- Ping
- ARP
- MAC

Ping
- ICMP – Layer 3
- Most basic host discovery option

    ping -c 4 10.0.2.2

Tracert
- Traces routes
- Good for information gathering / troubleshooting

    traceroute 10.0.1.15
    tracert google.com

ARP
- Address Resolution Protocol
- Sits between layer 2 and layer 3
- Hardware Addresses <=> Internet Addresses

    arp -a

Host Discovery With ARP
- Arp-scan / netdiscover
- Limited to subnet, so we can only scan 10.0.2.0/24

    sudo arp-scan 10.0.2.0/24 -I wlan0
    sudo netdiscover -r 10.0.2.0/24 -i wlan0
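A scope guard for the ranges on the "Points of Interest" slide, combined with the subnet limit of ARP discovery described above. This is an added example, not part of the original slides; the function names and the local address 10.0.2.57/24 are assumptions, and 10.0.1.4 - 10.0.1.254 is read as the full in-scope range.

```python
import ipaddress

# Scope range as given on the "Points of Interest" slide.
SCOPE_FIRST = ipaddress.ip_address("10.0.1.4")
SCOPE_LAST = ipaddress.ip_address("10.0.1.254")

def expand(spec):
    """Expand '10.0.1.16', '10.0.1.0/24' or '10.0.1.4-10.0.1.9' into addresses."""
    if "-" in spec:
        first, last = (ipaddress.ip_address(p.strip()) for p in spec.split("-", 1))
        if last < first:
            raise ValueError(f"range runs backwards: {spec}")
        return [ipaddress.ip_address(n) for n in range(int(first), int(last) + 1)]
    net = ipaddress.ip_network(spec, strict=False)
    # A single address parses as a /32; hosts() drops network/broadcast on wider nets.
    return [net.network_address] if net.num_addresses == 1 else list(net.hosts())

def in_scope(addr):
    """True only for addresses inside the agreed test range."""
    return SCOPE_FIRST <= addr <= SCOPE_LAST

def on_link(addr, iface):
    """ARP is not routed: only hosts inside the interface's own subnet can answer."""
    return addr in iface.network and addr != iface.ip

def plan(specs, iface_cidr):
    """Split requested targets into (allowed, refused); allowed carries the usable method."""
    iface = ipaddress.ip_interface(iface_cidr)
    allowed, refused = [], []
    for spec in specs:
        for addr in expand(spec):
            if in_scope(addr):
                method = "arp" if on_link(addr, iface) else "routed (ping/nmap)"
                allowed.append((str(addr), method))
            else:
                refused.append(str(addr))
    return allowed, refused

if __name__ == "__main__":
    # Assumed local address on the player network (constructed for the example).
    allowed, refused = plan(["10.0.1.0/24", "10.0.2.3"], "10.0.2.57/24")
    print(f"{len(allowed)} in scope, first: {allowed[0]}")
    print(f"refused (out of scope): {refused}")
```

Every in-scope host comes back as routed because the scope sits in a different subnet from the player network, which is why the ARP tools above only ever see 10.0.2.0/24.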

Port Scanning
- Probing ports and analyzing responses
- Open vs Closed vs Filtered
- Looking for attack vectors

Common Ports
- Secure vs Insecure
- SSH vs Telnet
- SFTP vs FTP vs TFTP

nmap
- The Go-To port scanning / host discovery utility

    nmap 10.0.1.16
    nmap 10.0.1.0/24 --exclude 10.0.1.1-2
    nmap -p 80 10.0.1.0/24
    nmap -sV 10.0.1.16
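An audit of nmap results for the cleartext services named on the "Common Ports" slide, using the open / closed / filtered distinction from the "Port Scanning" slide. This is an added example, not part of the original slides; it reads nmap's grepable output (the -oG option, which the slides do not use), and the sample text and function names are constructed for illustration.

```python
import re

# Cleartext services from the "Common Ports" slide and the encrypted replacement.
CLEARTEXT = {"telnet": "ssh", "ftp": "sftp", "tftp": "sftp"}

# Constructed sample in nmap's grepable (-oG) format; not output from a real scan.
SAMPLE = (
    "# Nmap scan (constructed sample)\n"
    "Host: 10.0.1.16 ()\tPorts: 21/open/tcp//ftp///, 22/open/tcp//ssh///, "
    "23/filtered/tcp//telnet///\tIgnored State: closed (997)\n"
    "Host: 10.0.1.20 ()\tStatus: Up\n"
    "Host: 10.0.1.20 ()\tPorts: 69/open|filtered/udp//tftp///, 80/closed/tcp//http///\n"
)

def parse_ports(text):
    """Return one dict per port entry found on 'Ports:' lines."""
    rows = []
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?\tPorts: ([^\t]*)", line)
        if not m:
            continue  # comments and 'Status:' lines carry no port data
        host, ports = m.groups()
        for entry in ports.split(", "):
            fields = entry.strip().split("/")
            if len(fields) < 5 or not fields[0].isdigit():
                continue  # skip malformed entries instead of guessing
            port, state, proto, _owner, service = fields[:5]
            rows.append({"host": host, "port": int(port), "proto": proto,
                         "state": state, "service": service})
    return rows

def audit(rows):
    """Flag cleartext services: 'exposed' if open, 'verify' if the state is inconclusive."""
    findings = []
    for r in rows:
        if r["service"] not in CLEARTEXT or r["state"] == "closed":
            continue
        level = "exposed" if r["state"] == "open" else "verify"
        findings.append((r["host"], r["port"], r["service"], level))
    return findings

if __name__ == "__main__":
    for host, port, service, level in audit(parse_ports(SAMPLE)):
        print(f"{host}:{port} {service} [{level}] -> replace with {CLEARTEXT[service]}")
```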

OS Detection
- Can be used to determine more info
- Sometimes totally breaks

    nmap -v -A 10.0.1.0/24
    xprobe2 10.0.1.xx

GUI Alternatives
- Gives you an easier to look at overview
- Not possible to do when sshing into our network
- Zenmap
- Sparta

Other Scanning Stuff
- Mass-Scan
- Shodan.io
- Snmpwalk / finger enumeration / etc
- Nessus Scanning

Next Steps
- Can't do much without knowing where you're going
- Nmap scanning is integral to metasploit / armitage
- Once you know services and ports you can move towards exploitation

Contacts, Website, Mailing List, etc...
- V@auburn.edu | mr@auburn.edu | jss0040@auburn.edu
- Auctf.github.io
- #auctf on auburnacm.slack.com
- Goo.gl/HjJW7u - Mailing List