Re: What's Next? Attack of Internal IP Disclosure

[Veronica <vero.valeros () gmail com>]

Hi,

On Tue, May 24, 2011 at 6:07 AM, Zaki Akhmad <zakiakhmad () gmail com> wrote:
> Hi all,
>
> I need a hint/idea here.
>
> After I launched a penetration testing attack from Internet, I could
> disclose the internal IP address. What would be the attack after I
> knew the internal IP address? How do I access directly to this machine
> with internal IP address?
>
> --
> Zaki Akhmad
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

If you can recreate the internal structure of the network maybe it
could be a good idea to try some social engineering strategies... It
could be easy to fake a new hired technician that needs to "learn"
"things" from the network... but it's always depend on the company
staff..


Regards,

Verónica Valeros

-- 
---------------------------------------------------------------
http://keyserver.veridis.com:11371/export?id=5229491868415998346&created=1256222534000

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------