Penetration Testing mailing list archives
Re: Host discovery
From: Pete Herzog <lists () isecom org>
Date: Wed, 24 Feb 2010 12:31:36 +0100
Hi,This is covered in the OSSTMM (osstmm.org). For example, they found you, just review your web server logs. You can still see if there's host info in the email you received from them. That's another clue. Email they read with read receipt or web bugs embedded called from your web server help too. Their documents posted to their website may contain local host information. Check the OSSTMM, there's lots of things to try.
Sincerely, -pete. Managing Director, ISECOM Oliver Kindernay wrote:
Yes but when company use webhosting's mail server this won't work.
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review BoardProve to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Host discovery Oliver Kindernay (Feb 22)
- Message not available
- Re: Host discovery Oliver Kindernay (Feb 23)
- Re: Host discovery Pete Herzog (Feb 25)
- Re: Host discovery Adam Mooz (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 23)
- Message not available
- <Possible follow-ups>
- RE: Host discovery Ron Yount (Feb 23)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Marco Ivaldi (Feb 25)
- Re: Host discovery chr1x (Feb 25)
- Re: Host discovery Oliver Kindernay (Feb 25)
- Re: Host discovery YGN Ethical Hacker Group (Feb 25)