Penetration Testing mailing list archives
Re: Identifying Machines
From: "Jeremy Sanders" <jsanders () newsouthfederal com>
Date: Tue, 19 Jun 2001 16:41:54 -0500
If you can find an ftp server on the subnet you might try an ftp bounce scan to bypass some of the filtering. I would also try to map out all of the firewall rules first. Jeremy
"Rick Who Else?" <myworld () hotmail com> 06/19/01 07:55AM >>>
Let me clarify somewhat. Lets imagine a scenario, of being on a seperate network of your target network. So sniffing traffic and MAC addresses don't apply. And you wish to see how many machines on are a certain subnet. So you wish to scan the entire range of a class C, lets say. ICMP is filtered out. And some of the machines may have no ports open. What I mean by that, as someone asked, would be no services running on any port. Therefore there are no banners. Thanks for all the replies so far.
I'm looking for as many ways as possible to identify machines on a > network. Considering ICMP is disabled, and all ports on the end > machine are closed. Ideas? the more the merrier. This question goes for NT, 2K, and Unix/Unix-like machines. Thanks, Rick
_________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com
Current thread:
- Identifying Machines Rick Who Else? (Jun 18)
- Re: Identifying Machines Blake Frantz (Jun 19)
- Re: Identifying Machines Don Tansey (Jun 19)
- Re: Identifying Machines Lance Spitzner (Jun 19)
- <Possible follow-ups>
- Re: Identifying Machines Rick Who Else? (Jun 19)
- Re: Identifying Machines Jose Nazario (Jun 19)
- Re: Identifying Machines Crist Clark (Jun 19)
- Re: Identifying Machines Blake Frantz (Jun 20)
- Re: Identifying Machines Ryan Russell (Jun 19)
- RE: Identifying Machines Yonatan Bokovza (Jun 19)
- Re: Identifying Machines Jeremy Sanders (Jun 19)
- Re: Identifying Machines Victor A. Rodriguez (Jun 19)