Understanding Enumeration in Windows Networks

Slide Note
Embed
Share

Enumeration in Windows networks involves obtaining information about accounts, network resources, shares, users, groups, applications, and banners. Techniques such as Telnet, netcat, Registry enumeration, Windows sources of information like protocols CIFS/SMB and NetBIOS, NetBIOS enumeration, SNMP enumeration, and user and group enumeration are discussed along with countermeasures to secure the network against unauthorized access.

zcout
zcout Follow

Uploaded on Sep 30, 2024 | 1 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Enumeration

  2. Local IP addresses (review) Some special IP addresses localhost 127.0.0.1 (loopback address) Internal networks Class A 10.0.0.0 Class B 172.16.0.0 to 172.31.0.0 Class C 192.168.0.0 to 192.168.255.0 Machines behind a firewall can use these internal IP numbers to communicate among them. Only the firewall machine/device (host) needs to have an IP address valid in the Internet.

  3. What is enumeration? Obtain information about accounts, network resources and shares. Categories network resources and shares users and groups applications and banners Techniques (OS specific) Windows UNIX/Linux

  4. Windows applications and banner enumeration Telnet and netcat: same in Windows and UNIX. Telnet: Connect to a known port and see the software it is running, as in this example. Netcat: similar to telnet but provides more information. Countermeasures: log remotely in your applications and edit banners. FTP (TCP 21), SMTP (TCP 25) : close ftp, use ssh (we will see it later). Disable telnet in mail servers, use ssh. Registry enumeration: default in Windows. Server is Administrators only. Tools:regdmp.exe, DumpSec see an example and limitations (more later). Countermeasures: be sure the registry is set for Administrators only and no command prompt is accessible remotely (telnet, etc). .

  5. Windows sources of information Protocolsproviding information: CIFS/SMB and NetBIOS, through TCP port 139, and another SMB port, 445. Banner enumeration is not the main issue. (UDP 137), Null session command: net use \\19x.16x.11x.xx\IPC$ /u: countermeasures: filter out NetBIOS related TCP, UDP ports 135-139 (firewall). disable NetBIOS over TCP/IP see ShieldsUp! page on binding. restrict anonymous using the Local Security Policy applet. More here. GetAcct bypasses these actions (download the GetAcct tool). .

  6. Windows network resources NetBIOS enumeration (if port closed, none work) NetBIOS Domain hosts: net view NetBios Name Table: nbtstat use and example and nbtscan (download). NetBIOS shares: DumpSec, NetBIOS Auditing Tool (NAT), NBTdump (use, output). ShareEnum (download, example). Countermeasures: as discussed previously => close ports 135-139, disable NetBIOS over TCP/IP SNMP enumeration: SolarWinds IP Network Browser (commercial). Countermeasures: close port 445. Windows DNS Zone Transfers: Active Directory is based on DNS and create new vulnerability, but provides tool -- Computer Management Microsoft Management Console (MMC) -- to restrict zone transfers to certain IP numbers.

  7. Windows: user and group enumeration Enumerating Users via NetBIOS: usernames and (common) passwords. Enum(NBTEnum): use and output. DumpSec: output. Countermeasures: as before (close ports, no NetBIOS over TCP/IP) Usingsid2user and user2sid and download them here. Using Cain and Abel for both network resources and user and group enumeration. See manual and download. We will use it again in future classes for more involved uses. Enumerating Users using SNMP: SolarWinds IP Network Browser. See also snmputil. Windows Active Directory enumeration using ldp: Win 2k on added LDAP through the active directory -- you login once (the good) and have access to all resources (the security problem). close ports 389 and 3268. You will not practice this in the course.

Related


Strategies for Personal Income Tax Enumeration Processes in Lagos State

Strategies for Personal Income Tax Enumeration Processes in Lagos State

rebeca
Effective Management Systems for Field Enumeration in Population and Housing Censuses

Effective Management Systems for Field Enumeration in Population and Housing Censuses

nancie
Understanding Network Analysis: Whole Networks vs. Ego Networks

Understanding Network Analysis: Whole Networks vs. Ego Networks

kayliee
Evolution of Census Mapping in Belize

Evolution of Census Mapping in Belize

beow212
Windows Platforms: A Lucrative Opportunity for Game Publishing

Windows Platforms: A Lucrative Opportunity for Game Publishing

mjeo
Windows 7 User Interface Overview

Windows 7 User Interface Overview

dcobi
Understanding Doors and Windows in Architecture

Understanding Doors and Windows in Architecture

vlad
Understanding GUI in Windows Operating System

Understanding GUI in Windows Operating System

nmoul
Understanding Artificial Neural Networks From Scratch

Understanding Artificial Neural Networks From Scratch

inara
Enhancing Security with Windows Hello for Business

Enhancing Security with Windows Hello for Business

truett
Publish a Windows 10 Game with Unity 5: Step-by-Step Guide

Publish a Windows 10 Game with Unity 5: Step-by-Step Guide

mykelt
Setting Up DHIS2.Live on Windows Laptops/Desktops (November 2013)

Setting Up DHIS2.Live on Windows Laptops/Desktops (November 2013)

ward_rey
How to Record Your Voice: A Comprehensive Guide for Windows, Mac, and Smartphones

How to Record Your Voice: A Comprehensive Guide for Windows, Mac, and Smartphones

wear_ck
Understanding Blood Cell Enumeration Using Haemocytometer

Understanding Blood Cell Enumeration Using Haemocytometer

junia
Importance of Census 2020 for Fair Representation and Federal Funding

Importance of Census 2020 for Fair Representation and Federal Funding

dill_r
Optimizing Join Enumeration in Transformation-based Query Optimizers

Optimizing Join Enumeration in Transformation-based Query Optimizers

vier784
Data-Parallel Finite-State Machines: A Breakthrough Approach

Data-Parallel Finite-State Machines: A Breakthrough Approach

alha_999
Challenges and Methodology of the Indian Census Program

Challenges and Methodology of the Indian Census Program

knightho
Introduction to Neural Networks in IBM SPSS Modeler 14.2

Introduction to Neural Networks in IBM SPSS Modeler 14.2

anouk
Understanding 2D Viewing in Computer Graphics

Understanding 2D Viewing in Computer Graphics

helio
Understanding User Identity and Access Tokens in Windows Security

Understanding User Identity and Access Tokens in Windows Security

lkyi
Understanding Embedded Operating System Security

Understanding Embedded Operating System Security

kace_580
Tutorial: Installing Hadoop 3.3 on Windows 10 and Setting Up Linux Subsystem

Tutorial: Installing Hadoop 3.3 on Windows 10 and Setting Up Linux Subsystem

tassilo
Streamlining Image Deployment with Windows Deployment Service and MDT

Streamlining Image Deployment with Windows Deployment Service and MDT

iver

More Related Content

Essential Tips for Working with Windows and Mac Computers
Essential Tips for Working with Windows and Mac Computers
Windows Azure Recovery Services Overview
Windows Azure Recovery Services Overview
Setting up DHIS2 Live on Windows Desktop/ Laptop (Nov 2011)
Setting up DHIS2 Live on Windows Desktop/ Laptop (Nov 2011)
How to Install WhatsApp on Windows Laptop: Step-by-Step Guide
How to Install WhatsApp on Windows Laptop: Step-by-Step Guide
Windows 10 Installation Guide for Beginners
Windows 10 Installation Guide for Beginners
Developing Apps for Windows Phone 7: A Comprehensive Guide
Developing Apps for Windows Phone 7: A Comprehensive Guide
Indie Game Development: Windows 10, Xbox One, HoloLens & More!
Indie Game Development: Windows 10, Xbox One, HoloLens & More!
Dive into Windows Azure Platform Evolution
Dive into Windows Azure Platform Evolution
Understanding Computer Networks: Types and Characteristics
Understanding Computer Networks: Types and Characteristics
Understanding Interconnection Networks in Multiprocessor Systems
Understanding Interconnection Networks in Multiprocessor Systems
Understanding Overlay Networks and Distributed Hash Tables
Understanding Overlay Networks and Distributed Hash Tables
Understanding Networks: An Introduction to the World of Connections
Understanding Networks: An Introduction to the World of Connections
Computational Physics (Lecture 18)
Computational Physics (Lecture 18)
P-Rank: A Comprehensive Structural Similarity Measure over Information Networks
P-Rank: A Comprehensive Structural Similarity Measure over Information Networks
Understanding Advanced Classifiers and Neural Networks
Understanding Advanced Classifiers and Neural Networks
Understanding Relational Bayesian Networks in Statistical Inference
Understanding Relational Bayesian Networks in Statistical Inference
Understanding Back-Propagation Algorithm in Neural Networks
Understanding Back-Propagation Algorithm in Neural Networks
Understanding Wireless Wide Area Networks (WWAN) and Cellular Network Principles
Understanding Wireless Wide Area Networks (WWAN) and Cellular Network Principles
Understanding Computer Networks in BCA VI Semester
Understanding Computer Networks in BCA VI Semester
Understanding Computer Communication Networks at Anjuman College
Understanding Computer Communication Networks at Anjuman College
Understanding Router Routing Tables in Computer Networks
Understanding Router Routing Tables in Computer Networks
Understanding Graph Theory and Networks: Concepts and Applications
Understanding Graph Theory and Networks: Concepts and Applications
Understanding Bayesian Networks: A Comprehensive Overview
Understanding Bayesian Networks: A Comprehensive Overview
Evolution and Potential of 5G Technology
Evolution and Potential of 5G Technology