Penetration Testing mailing list archives

Re: Identifying Machines


From: "Jeremy Sanders" <jsanders () newsouthfederal com>
Date: Tue, 19 Jun 2001 16:41:54 -0500

If you can find an ftp server on the subnet you might try an ftp bounce scan to bypass some of the filtering. I would 
also try to map out all of the firewall rules first.

Jeremy

"Rick Who Else?" <myworld () hotmail com> 06/19/01 07:55AM >>>


Let me clarify somewhat. Let's imagine a scenario, of being on a separate 
network of your target network. So sniffing traffic and MAC addresses don't 
apply. And you wish to see how many machines are on a certain subnet. So you 
wish to scan the entire range of a class C, let's say. ICMP is filtered out. 
And some of the machines may have no ports open. What I mean by that, as 
someone asked, would be no services running on any port. Therefore there are 
no banners.

Thanks for all the replies so far.

> I'm looking for as many ways as possible to identify machines on a
> network. Considering ICMP is disabled, and all ports on the end
> machine are closed.


Ideas? The more the merrier.

This question goes for NT, 2K, and Unix/Unix-like machines.

Thanks,
Rick
