Penetration Testing mailing list archives
Re: Topology discover
From: "Laurent Constantin" <infos () aql fr>
Date: Fri, 23 Sep 2005 17:39:42 +0200
Hello,
I am currently performing a pen-test in the internal network of a company. I am used to pen-testing systems and the set of applications they support, looking for vulnerabilities in software version, logic or misconfiguration. I have also considered routing and protocol attacks as ARP spoofing and RIP packet injection. But I think I am missing some techniques to find out what the topology is. [...]
There is a tool in my toolbox netwox which can help you : http://www.laurentconstantin.com/en/netw/ Tool 214 does several traceroutes to a range of computers : - TCP traceroute to port 21 - TCP traceroute to port 22 - TCP etc. - UDP traceroute to port 53 - UDP etc. - ICMP traceroute Then, a text graph, representing each computer, is drawn. This is not very nice, but very useful. For example : netwox 214 --ips "192.168.1.0/24" --tcpports \ "21,22,23,25,53,79,80,88,110,113,119,139,143,389,443,445,1080,2401,6000" \ --udpports "1,53,67,68,123,137,138,161,162,177,514" --icmp --min-ttl 4 \ --max-ttl 7 --max-ms 300 --resolve --verbose Just to be clear, this tool only discover computers, and does not search for any vulnerabilities. Regards, Laurent Constantin -- +--------+ Vigil@nce, vulnerabilities tracking +---------+ | http://vigilance.aql.fr/ tel: 02 99 12 50 00 | | vigilance () aql fr fax: 02 99 63 70 40 | +-------------------+ Personal website +-----------------+ | http://www.laurentconstantin.com/ (main server) | | http://go.to/laurentconstantin/ (first mirror) | +--------------------------------------------------------+ ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Topology discover RSMC (Sep 21)
- <Possible follow-ups>
- Re: Topology discover DMORROW5 (Sep 22)
- Re: Topology discover Laurent Constantin (Sep 23)
- RE: Topology discover Samuel R. Baskinger (Sep 29)
- RE: Topology discover Steve McLaughlin (Sep 29)