From: Samuel R. Baskinger (sbaskinger@lumeta.com)
Date: Wed Sep 28 2005 - 10:20:27 EDT
Lumeta does this. :D
(How's that for a shameless plug? ;) )
Sam
-----Original Message-----
From: RSMC [mailto:smcsoc@yahoo.es]
Sent: Wednesday, September 21, 2005 4:57 PM
To: pen-test@securityfocus.com
Subject: Topology discover
Hi there,
I am currently performing a pen-test in the internal network of a company.
I am used to pen-testing systems and the set of applications they
support, looking for vulnerabilities in software version, logic or
misconfiguration.
I have also considered routing and protocol attacks as ARP spoofing and
RIP packet injection.
But I think I am missing some techniques to find out what the topology
is. I know about traceroute, firewalk and CDP, but I would like to know
if there is a whitepaper or documentation that explains how to find out
as much as possible about the enviroment I am in. Help about discovering
VLANs is also welcomed.
Thanks in advance.
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- ---
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:00 EDT