Penetration Testing mailing list archives
RE: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP
From: "Josh Perrymon" <perrymonj () networkarmor com>
Date: Thu, 22 Sep 2005 06:28:43 -0500
I think there are a couple ways to go about this. Printers are like servers on a network and the IP address should be static not DHCP. What I always do is first perform an nmap scan of the target subnet and perform analysis on the network hosts. I then determine what OS and the function of each server. I then group the machines based on Role / functionality. It's easy to spot printer in the nmap scan- Mostly port 9100 for HP so on... You can manually find this info by telnetting to port 80 to verify. I then create an exclude list for nessus and also ip lists to scan from ... So each nessus scan excludes the printers every time to be safe and only the IPs I specify in the .txt files are scanned. This makes the analysis easier and expected results for a list of web servers. Hope this helps! Joshua Perrymon Network Armor -----Original Message----- From: Marjorie Rintoul [mailto:mrintoul2 () hotmail com] Sent: Tuesday, September 20, 2005 2:35 PM To: pen-test () securityfocus com Subject: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP DHCP allocates IP addresses dynamically. How does DHCP know which (fixed printer) IP addresses to stay away from? Does anyone know of a way to get this list? ------------------------------------------------------------------------ ------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------------ ------- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Marjorie Rintoul (Sep 21)
- RE: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Corey Watts-Jones (Sep 21)
- RE: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Dean De Beer (Sep 21)
- Re: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (Sep 21)
- Re: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Skip Carter (Sep 21)
- RE: [lists] Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Curt Purdy (Sep 21)
- Re: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Brendan Murray (Sep 21)
- <Possible follow-ups>
- RE: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP Josh Perrymon (Sep 22)