Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mapping a network

From: Lee <ler762 () gmail com>
Date: Tue, 22 Sep 2009 11:05:24 -0400
On 9/22/09, Zack Payton <zpayton () gmail com> wrote:

Very nice idea.  counter: SNMP string just for the NMS, access list
allowing just the NMS to use that string and uRPF enabled on all user
subnets


Generally they won't have passive-interface enabled.  Hint: dynamips
-> route injection.
Bypass all ip filtering.


And if they're using eigrp and passive-interface is enabled?

I got a perl script for attacking eigrp from a hacking cisco web site,
but everything seems to depend on establishing an adjacency first.  As
far as I can tell, the neighbor has to be on the same subnet & eigrp
won't establish an adjacency if the interface is passive, so it seems
like route injection is blocked.  Is there some way around
passive-interface?

Lee

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: