Ads Here

Friday, 19 July 2019

Enumeration and its Types || ec council ceh training

July 19, 2019 Advance Security , CEH Introduction 0 Comments
Enumeration and its Types

Enumeration is defined as the process of extracting user names, machine names, network resources, shares and services from a system. In this phase, the attacker creates an active connection to the system and performs directed queries to gain more information about the target. The gathered information is used to identify the vulnerabilities or weak points in system security and tries to exploit in the System gaining phase.
ceh training ethical hacking pdf ec council ceh training enumeration in ceh
  ceh training
ethical hacking pdf
ec council ceh training
enumeration in ceh

Types of information enumerated by intruders: 

  • Network Resource and shares
  • Users and Groups
  • Routing tables
  • Auditing and Service settings
  • Machine names
  • Applications and banners
  • SNMP and DNS details 
 ceh training
ethical hacking pdf
ec council ceh training
enumeration in ceh

Techniques for Enumeration 

  • Extracting user names using email ID's
  • Extract information using the default password 
  • Brute Force Active Directory              
  • Extract user names using SNMP
  • Extract user groups from Windows
  • Extract information using DNS Zone transfer

ceh training
ethical hacking pdf
ec council ceh training
enumeration in ceh


Services and Port to Enumerate 

  • TCP 53: DNS Zone transfer
  • TCP 135: Microsoft RPC Endpoint Mapper
  • TCP 137: NetBIOS Name Service
  • TCP 139: NetBIOS session Service (SMB over NetBIOS)
  • TCP 445: SMB over TCP (Direct Host)
  • UDP 161: SNMP
  • TCP/UDP 389: LDAP
  • TCP/UDP 3368: Global Catalog Service
  • TCP 25: Simple Mail Transfer Protocol (SMTP)

ceh training
ethical hacking pdf-
ec council ceh training
enumeration in ceh



By v�o l�c
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)