Uses TTL (time to live) option in the IP packet as a “hop counter”. traceroute: lets you view the route that an IP packet follows from one host to another. Once we have identified potential networks we need to determine potential access paths into the network. Textbook has discussion of how to do this. One way to accomplish zone transfer is to use nslookup. This is akin to providing a blueprint of your internal network to anybody who asks. – Thus, internal hostnames and IP addresses may be revealed to external sources. Potential problem occurs if zone transfer is allowed and the organization hasn’t segregated its internal (private) network information from its external (public) information. A zone transfer allows a secondary server to update its info from the primary master. (Some misconfigured systems may allow server to provide zone transfer to anyone who asks.) A security problem is to allow DNS zone transfers from unknown/untrusted Internet users. DNS is a distributed database used for mapping IP addresses & hostnames. Download and run programs that will help. Access web sites with capability to search. Whois databases valuable in this search. Goal is to identify domain names and associated networks. Start with the organization’s web page if they have one. IDS, firewalls, and other security devices. 
TCP and UDP services for internal systems.IP addresses for system on internal network.
Internal attack: same goal but from inside of the security perimeter – map out the network and determine current security posture. Possible security HW/SW (firewalls, IDS). System HW and SW (OS and applications). TCP and UDP services running on systems. 
IP addresses for Internet connected systems.External attack: Enables attackers to create a profile of an organization’s security posture including:.Footprinting/Scanning/Enumeration Lesson 9
0 kommentar(er)
