Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IP Range

From: Jason <security () brvenik com>
Date: Fri, 30 Aug 2002 10:40:55 -0400
One way is you could get the ASN then use some human cycles.

use any of the many public route servers available.

on a cisco you could try

sho ip bgp [dest netblock] <== the last ASN is the target below
sho ip bgp regexp [ASN] <== should show all routes services by that ASN.

and use contact correlation in arin/ripe/apnic whois for netblocks...


John Madden wrote:

Hello,

Where just about to begin a pentest engagement and the
client wants us to know if we can find out how many IP
blocks they have. Is there a way to find out all the
IP blocks of a company ? You've got the usual e-mail
domain name to find at least one but what if they have
2,3 + IP blocks ?

Any ideas ?
thanks 
__________________________________________________
Do You Yahoo!?
Yahoo! Finance - Get real-time stock quotes
http://finance.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/





----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: