Penetration Testing mailing list archives
Host discovery
From: Oliver Kindernay <oliver.kindernay () gmail com>
Date: Tue, 23 Feb 2010 00:27:49 +0100
Hi, Let's imagine this situation. Some small company has internal network with some servers directly connected to the internet. Company's web is on the webhosintg. How can attacker now identify company's systems? I thought about something like sending email to employee with link to website which will log an ip address and hope employee will click on that link in work. But what are some more passive methods for this? ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Host discovery Oliver Kindernay (Feb 22)
- Message not available
- Re: Host discovery Oliver Kindernay (Feb 23)
- Re: Host discovery Pete Herzog (Feb 25)
- Re: Host discovery Adam Mooz (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 23)
- Message not available
- <Possible follow-ups>
- RE: Host discovery Ron Yount (Feb 23)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Marco Ivaldi (Feb 25)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)