What is Enumeration? Explain

Enumeration

In the enumeration phase, the attacker creates active connections with the system and performs directed queries to gain more information about the target.

An attacker uses the extracted information to identify points of attack in the system and to perform password attacks that gain unauthorized access to information system resources.

Enumeration techniques are conducted in an internet environment.


Information Enumerated by Intruders

  • Network resources
  • Network shares
  • Routing tables
  • Audit and service settings
  • SNMP and FQDN details
  • Machine names
  • Users and groups
  • Applications and banners

What is Enumeration?

Enumeration is the process of extracting user names, machine names, network resources, shares, and services from a system or network. In the enumeration phase, the attacker creates active connections with the system and performs direct queries to gain more information about the target.

The attacker uses the information collected by means of enumeration to identify the vulnerabilities or weak points in the system security, which helps them exploit the target system. It allows attackers to perform password attacks to gain unauthorized access to information system resources. Enumeration techniques work in an internet environment.

Techniques for Enumeration

  • Extract user names using email IDs
  • Extract information using the default password
  • Brute force Active Directory
  • Extract information using DNS Zone Transfer
  • Extract user groups from Windows
  • Extract user names using SNMP

These are the main techniques of enumeration.

Services and Ports to Enumerate

  • TCP/UDP 53: Domain Name System (DNS) Zone Transfer
  • TCP/UDP 135: Microsoft RPC Endpoint Mapper
  • UDP 137: NetBIOS Name Service (NBNS)
  • TCP 139: NetBIOS Session Service (SMB over NetBIOS)
  • TCP/UDP 445: SMB over TCP (Direct Host)
  • UDP 161: Simple Network Management Protocol (SNMP)
  • TCP/UDP 389: Lightweight Directory Access Protocol (LDAP)
  • TCP/UDP 3268: Global Catalog Service
  • TCP 25: Simple Mail Transfer Protocol (SMTP)

What is NetBIOS?

NetBIOS stands for Network Basic Input Output System. IBM developed it along with Sytek. NetBIOS was primarily developed as an Application Programming Interface (API) to enable client software to access LAN resources.

A NetBIOS name is a 16-character ASCII string used to identify network devices over TCP/IP; 15 characters are used for the device name, and the 16th character is reserved for the service or name record type.
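The 16-byte name layout described above is what a defender sees, in encoded form, in NetBIOS Name Service traffic on UDP 137. The following added example (not code from the original article) decodes that name using the first-level encoding from RFC 1001/1002 and flags a wildcard node status (NBSTAT) query, the request that asks a host to return its name table. The packets, the host name `fileserv01` and the function names are constructed for illustration, and the suffix table lists only a few common values.

```python
import struct

NB, NBSTAT = 0x0020, 0x0021          # NBNS question types (RFC 1002)
SUFFIXES = {0x00: "workstation / domain name", 0x03: "messenger", 0x20: "file server",
            0x1B: "domain master browser", 0x1C: "domain controllers"}  # common values

def encode_name(raw16: bytes) -> bytes:
    """First-level encoding: each byte becomes two letters 'A'..'P'."""
    if len(raw16) != 16:
        raise ValueError("NetBIOS names are exactly 16 bytes")
    return bytes(0x41 + n for b in raw16 for n in (b >> 4, b & 0x0F))

def pad_name(name: str, suffix: int) -> bytes:
    """15 space-padded, upper-cased name bytes plus the 16th (suffix) byte."""
    if len(name) > 15:
        raise ValueError("device name is limited to 15 characters")
    return name.upper().encode("ascii").ljust(15, b" ") + bytes([suffix])

def decode_name(enc: bytes):
    """Reverse the encoding; returns (device name, suffix byte)."""
    if len(enc) != 32 or any(not 0x41 <= c <= 0x50 for c in enc):
        raise ValueError("not a first-level encoded NetBIOS name")
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].rstrip(b" \x00").decode("ascii", "replace"), raw[15]

def parse_question(pkt: bytes):
    """Parse the first question of an NBNS message seen on UDP 137."""
    if len(pkt) < 50 or pkt[12] != 0x20:   # 12-byte header + 38-byte question
        raise ValueError("truncated or malformed NBNS question")
    _tid, flags, qdcount = struct.unpack("!HHH", pkt[:6])
    name, suffix = decode_name(pkt[13:45])
    qtype, _qclass = struct.unpack("!HH", pkt[46:50])
    return {"is_query": not flags & 0x8000 and qdcount >= 1,
            "name": name, "suffix": suffix, "qtype": qtype,
            "service": SUFFIXES.get(suffix, "other")}

def is_node_status_probe(pkt: bytes) -> bool:
    """True for a wildcard ('*') NBSTAT query, i.e. a request for the name table."""
    q = parse_question(pkt)
    return q["is_query"] and q["qtype"] == NBSTAT and q["name"] == "*"

# Constructed sample packets for testing the parser (not captured traffic).
def build_query(raw16: bytes, qtype: int) -> bytes:
    header = struct.pack("!HHHHHH", 0x1234, 0, 1, 0, 0, 0)
    return header + b"\x20" + encode_name(raw16) + b"\x00" + struct.pack("!HH", qtype, 1)
WILDCARD_STATUS = build_query(b"*" + b"\x00" * 15, NBSTAT)
NAME_LOOKUP = build_query(pad_name("fileserv01", 0x20), NB)
```

Wildcard node status queries arriving from hosts that have no management role are a useful signal to alert on when monitoring UDP 137.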

NetBIOS Enumeration Tools:

The following tools are used to perform NetBIOS enumeration:

1. Nbtstat

2. SuperScan

3. Hyena

4. Winfingerprint

5. NetBIOS enumerator

What is SNMP?

SNMP (Simple Network Management Protocol) is an application-layer protocol that runs on the User Datagram Protocol (UDP). It is used to manage network devices that run on the IP layer, such as routers. SNMP is based on a client-server architecture in which an SNMP client, or agent, is located on every network device and communicates with the SNMP managing station via requests and responses. Both SNMP requests and responses are configurable variables accessible by the agent software. SNMP uses two passwords, for authenticating the agents before configuring the variables and for accessing the SNMP agent from the management station.
