Enumeration
Types
Black Box
Simulate Outsider: no information is given Bug BountyDNS Enumeration
Most Organisations host multiple DNS servers:- Root DNS
- Subordinate DNS
- ISP DNS
- Primary & Secondary - Withing the Organisation
- Broadcast
- Zone Transfer
- Local Host Files
Tools
- dnsenum
- dnsmap
- dnsrecon
- dnswalk
- fierce
White Box
Simulate Internal Attacker: provide some information for example:- wifi passwords
- login info
SNMP Enumeration
Simple Network Management Protocol - it allows for centralised monitoring and forwarding of log files.This protocol normally is installed on Windows Machines.
In ubuntu you can install the software with sudo apt-get install snmp
All Machines on the same network have a shared community name" often called public
Tools
- snmp-bridge-mib snmp-check snmpgetnext snmpstatus snmpusm snmpbulkget snmpconf snmpinform snmptable snmpvacm snmpbulkwalk snmpdelta snmpkey snmptest snmpwalk snmpc snmpdf snmpnetstat snmptranslate snmpcheck snmpget snmpset snmptrap
- snmpenum
Grey Box
Split time 60/40 between Black and White Box scenariosSources
Security Assured Blog28nov16 | admin |