What is Enumeration?!! + Quick Fix
You can use the enumeration to retrieve information:
- Network shares
- SNMP data, if they are not secured properly
- IP tables
- Usernames of different systems
- Passwords policies lists
Enumeration depends on the services provided by the system. They can:
- DNS enumeration
- NTP enumeration
- SNMP enumeration
- Linux/Windows enumeration
- SMB enumeration
Let us now discuss some of the tools that are widely used for Enumeration.
NTP Suite
The NTP suite is used for NTP enumeration. This is important because in a network environment you can find other master servers that will help to update the host's time and can do without verifying the system.
See the example below.
ntpdate 192.168.1.100 01 Sept 12:50:49 ntpdate[627]:adjust time server 192.168.1.100 offset 0.005030 secorntpdc [-ilnps] [-c command] [hostname/IP_address]root@test]# ntpdc -c sysinfo 192.168.1.100***Warning changing to older implementation***Warning changing the request packet size from 160 to 48system peer: 192.168.1.101system peer mode: clientleap indicator: 00stratum: 5precision: -15root distance: 0.00107 sroot dispersion: 0.02306 sreference ID: [192.168.1.101]reference time: f66s4f45.f633e130, Sept 01 2016 22:06:23.458system flags: monitor ntp stats calibratejitter: 0.000000 sstability: 4.256 ppmbroadcastdelay: 0.003875 sauthdelay: 0.000107 s
enum4linux
enum4linux is used to enumerate Linux systems. Please see the screenshot below and check the method of searching for the user name on the target host.
smtp-user-enum
smtp-user-enum attempts to guess the user name using the SMTP service. Look at the screenshot below and see how it is done.
Quick Fix
We recommend that you disable all unused services. This reduces the likelihood that the operating system will be enumerating the services it is running.
If you find it helpful then do follow us on Facebook Click Here :) that would be a great support from you guys.
Comments
Post a Comment