Re: Identifying Machines

From: Blake Frantz (blakeat_private)
Date: Tue Jun 19 2001 - 21:00:52 PDT


    If all of your technical efforts fail, try calling up the IS manager and
    tell him you are performing a survey pertaining to the "technological
    awareness of businesses in <insert organizational type here, i.e. health
    care, ISP, bank>" and you would like to know the number of computers they
    have.
    
    -Blake
    
    ================================================================= 
    The Government, like diapers, should be replaced regularly, and
    often for the same reasons. 
    
    On Tue, 19 Jun 2001, Crist Clark wrote:
    
    > Rick Who Else? wrote:
    > > 
    > > Let me clarify somewhat. Let's imagine a scenario, of being on a separate
    > > network of your target network. So sniffing traffic and MAC addresses don't
    > > apply. And you wish to see how many machines are on a certain subnet. So you
    > > wish to scan the entire range of a class C, let's say. ICMP is filtered out.
    > > And some of the machines may have no ports open.
    > 
    > Scanning to see what machines are there should be trivial. A TCP SYN-scan
    > (or a variety of more stealthy TCP scans) would do that. More interesting
    > TCP scans (X-mas, NULL, surprise-ACK, etc.) can give you more hints about 
    > the OS. Of course, once you get any traffic from the hosts, you can also
    > look at the IP headers for more clues, TTL, IP ID pattern, DF-bit, etc.
    > 
    > Of course, I am assuming you mean "closed ports" are really closed
    > ports (return RSTs when tickled) as opposed to filtered, firewalled
    > TCP ports. If that's the case... good luck. 
    > -- 
    > Crist J. Clark                                Network Security Engineer
    > crist.clarkat_private                    Globalstar, L.P.
    > (408) 933-4387                                FAX: (408) 933-4926
    > 
    > 
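Added example, not part of the original thread: the defender's view of the point quoted above, that a host with only closed ports still answers a SYN with a RST and so reveals itself, while a filtered host stays silent. The log format, the documentation-range addresses, the `find_sweeps` name and the `min_hosts` threshold are all assumptions made for this illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records (not real traffic): "time src dst service_port tcp_flags".
# S = SYN, SA = SYN/ACK (open port), RA = RST/ACK (closed port). Format is assumed.
SAMPLE_LOG = """\
0.00 198.51.100.7 192.0.2.10 80 S
0.01 192.0.2.10 198.51.100.7 80 SA
0.02 198.51.100.7 192.0.2.11 80 S
0.03 192.0.2.11 198.51.100.7 80 RA
0.04 198.51.100.7 192.0.2.12 80 S
0.05 198.51.100.7 192.0.2.13 80 S
0.06 192.0.2.13 198.51.100.7 80 RA
0.07 198.51.100.7 192.0.2.14 80 S
5.00 203.0.113.5 192.0.2.10 80 S
5.01 192.0.2.10 203.0.113.5 80 SA
"""

def parse(log):
    """Yield (time, src, dst, port, flags) tuples from the assumed log format."""
    for line in log.strip().splitlines():
        ts, src, dst, port, flags = line.split()
        yield float(ts), src, dst, int(port), flags

def find_sweeps(log, subnet, min_hosts=4):
    """Map each outside source that sent SYNs to >= min_hosts inside hosts to the
    hosts that answered it (revealed) and the hosts that stayed silent."""
    net = ipaddress.ip_network(subnet)
    probed, answered = defaultdict(set), defaultdict(set)
    for _, src, dst, _port, flags in parse(log):
        src_in = ipaddress.ip_address(src) in net
        dst_in = ipaddress.ip_address(dst) in net
        if flags == "S" and dst_in and not src_in:
            probed[src].add(dst)        # inbound probe from outside
        elif flags in ("SA", "RA") and src_in and not dst_in:
            answered[dst].add(src)      # any reply, open or closed, reveals the host
    report = {}
    for scanner, hosts in probed.items():
        if len(hosts) >= min_hosts:
            revealed = hosts & answered[scanner]
            report[scanner] = {"revealed": revealed, "silent": hosts - revealed}
    return report

if __name__ == "__main__":
    for scanner, r in find_sweeps(SAMPLE_LOG, "192.0.2.0/24").items():
        print(scanner, "revealed:", sorted(r["revealed"]), "silent:", sorted(r["silent"]))
```

Hosts in the "revealed" set that only ever sent RA are the ones a drop rule at the border would hide from this kind of count.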
    


