Penetration Testing mailing list archives

RE: Profiling a Networks Infrastructure

From: "Tom Farrar" <tom.farrar () it-ps com>
Date: Wed, 24 Jun 2009 12:30:52 +0100

Something like:

Nmap -vv -sT -sV -O -p 1521,1526,1575 -P0 --traceroute 'targetname'



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Phil Young
Sent: 22 June 2009 23:35
To: pma111
Cc: pen-test () securityfocus com
Subject: Re: Profiling a Networks Infrastructure

If you're just interested in Oracle couldn't you run an nmap scan for
the specific oracle port with a banner read (and traceroute the whole
thing, output to XML and let nmap map it for you in the gui!)

On Mon, Jun 22, 2009 at 11:18 AM, pma111<pmaneedham () hotmail com> wrote:


Is there a specific tool or procedure you use when you want to

"profile" a

specific network. Namely, I would like to see what options somebody

could

use to identify every internal Oracle Database / Database Server that
resides on the Network. Could this be done without tools by some kind

of

command line instruction, or would it require software installing on

the

network. Or is it no way near as simplistic as this, and even a user

sat

inside the network would need access to network documentation /

diagrams etc

to identify a full list of all internal Oracle DB's / DB Servers.
--
View this message in context:

http://www.nabble.com/Profiling-a-Networks-Infrastructure-tp24148675p241
48675.html

Sent from the Penetration Testing mailing list archive at Nabble.com.

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review

Board


Prove to peers and potential employers without a doubt that you can

actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified.


http://www.iacertification.org

------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board

Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Profiling a Networks Infrastructure pma111 (Jun 22)
- Re: Profiling a Networks Infrastructure pand0ra (Jun 24)
- Re: Profiling a Networks Infrastructure Paul Melson (Jun 24)
  - Re: Profiling a Networks Infrastructure Adriel T. Desautels (Jun 24)
- Re: Profiling a Networks Infrastructure Muhammad Farooq-i-Azam (Jun 24)
  - [Suspected Spam]RE: Profiling a Networks Infrastructure Syed Khaden (Jun 26)
- Re: Profiling a Networks Infrastructure Phil Young (Jun 24)
  - RE: Profiling a Networks Infrastructure Tom Farrar (Jun 24)
- <Possible follow-ups>
- Re: Profiling a Networks Infrastructure lidlosesauge (Jun 26)