Penetration Testing mailing list archives
Re: Mapping a network
From: Lee <ler762 () gmail com>
Date: Tue, 22 Sep 2009 11:05:24 -0400
On 9/22/09, Zack Payton <zpayton () gmail com> wrote:
Very nice idea. counter: SNMP string just for the NMS, access list allowing just the NMS to use that string and uRPF enabled on all user subnetsGenerally they won't have passive-interface enabled. Hint: dynamips -> route injection. Bypass all ip filtering.
And if they're using eigrp and passive-interface is enabled? I got a perl script for attacking eigrp from a hacking cisco web site, but everything seems to depend on establishing an adjacency first. As far as I can tell, the neighbor has to be on the same subnet & eigrp won't establish an adjacency if the interface is passive, so it seems like route injection is blocked. Is there some way around passive-interface? Lee ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Mapping a network arvind doraiswamy (Sep 14)
- Re: Mapping a network Kurt Buff (Sep 15)
- Re: Mapping a network Zack Payton (Sep 17)
- Re: Mapping a network Lee (Sep 22)
- Re: Mapping a network Zack Payton (Sep 22)
- Re: Mapping a network Lee (Sep 22)
- Re: Mapping a network Zack Payton (Sep 22)
- Re: Mapping a network Lee (Sep 22)
- Re: Mapping a network Chris Brenton (Sep 23)
- Re: Mapping a network Zack Payton (Sep 23)
- RE: Mapping a network David_Falloon (Sep 24)
- Re: Mapping a network Elizabeth Greene (Sep 23)
- Re: Mapping a network Zack Payton (Sep 17)
- Re: Mapping a network Kurt Buff (Sep 15)