Penetration Testing mailing list archives
Re: Topology discover
From: DMORROW5 () satx rr com
Date: Thu, 22 Sep 2005 10:11:47 -0700
Just a suggestion, but perhaps you should consider looking at any router/switch configurations. Sometimes manually mapping out your network can be just as insightful as automated methods. regards, Dana Morrow ----- Original Message ----- From: RSMC <smcsoc () yahoo es> Date: Wednesday, September 21, 2005 1:57 pm Subject: Topology discover
Hi there, I am currently performing a pen-test in the internal network of a company.I am used to pen-testing systems and the set of applications they support, looking for vulnerabilities in software version, logic or misconfiguration. I have also considered routing and protocol attacks as ARP spoofing and RIP packet injection. But I think I am missing some techniques to find out what the
topology
is. I know about traceroute, firewalk and CDP, but I would like to knowif there is a whitepaper or documentation that explains how to find out as much as possible about the enviroment I am in. Help about discoveringVLANs is also welcomed. Thanks in advance. ------------------------------------------------------------------- ----------- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ------------------------------------------------------------------- ------------
------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Topology discover RSMC (Sep 21)
- <Possible follow-ups>
- Re: Topology discover DMORROW5 (Sep 22)
- Re: Topology discover Laurent Constantin (Sep 23)
- RE: Topology discover Samuel R. Baskinger (Sep 29)
- RE: Topology discover Steve McLaughlin (Sep 29)