User Info and User Dump Tutorial
The UserInfo and UserDump tools enumerate user account details on Microsoft operating systems using null sessions. Null sessions allow an anonymous attacker to extract a great deal of information about a system, most importantly account names. They are dangerous because they allow attackers to pull juicy user data from the machine. Windows NT, 2000 and even Server 2003 domain controllers are susceptible to enumeration using null sessions. The key point to take away on null sessions and enumeration is that you can obtain account names to use in dictionary attacks, along with other information like last logon, privileges, and when and if the password expires. It even gives you the logon hours so we aren't knocking on the door when the user should be asleep and not able to log in.
Sniffing in a Switched Network - Arp Spoofing Using Ettercap and Ethereal
Many of us know that sniffing is possible in a shared, i.e. non-switched, Ethernet environment. But only a few of us know that sniffing is also possible in a switched Ethernet environment. One of the reasons is that it's not that straightforward. But it's not impossible or difficult. You can use a man-in-the-middle technique like ARP spoofing to sniff in a switched environment. This presentation is an attempt to explain how somebody can sniff in a switched Ethernet network using ARP spoofing. Dsniff has long existed as a tool for various sniffing activities. But recently, tools like EttercapNG have made it easier.
Monitoring Network Traffic
Reading network traffic is essential for system administrators, network engineers, and security analysts. At some point there will be a need to read the network traffic directly instead of monitoring application-level details. Examples of situations that might require monitoring network traffic are auditing network security, debugging network configurations, and analyzing usage patterns.
Security Tool Review and Howto: kismet/gkismet
Kismet is an open source utility used for monitoring wireless network traffic. It is a popular choice for detecting/enumerating wireless access points and wireless clients.
Security Tool Review and Howto: nbtscan
As security-conscious administrators or information security professionals, we must remain up to date in the world of vulnerabilities. Knowing where these vulnerabilities lie in your I.T. infrastructure is an essential step to successful risk mitigation. This section will be dedicated to reviewing tools that will help us in identifying and locating various security vulnerabilities.
Security Tool Review and Howto: scanssh
As security-conscious administrators or information security professionals, we must remain up to date in the world of vulnerabilities. Knowing where these vulnerabilities lie in your I.T. infrastructure is an essential step to successful risk mitigation. This section will be dedicated to reviewing tools that will help us in identifying and locating various security vulnerabilities.