Topology discover

• Previous message: Skip Carter: "Re: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP"
• Next in thread: DMORROW5_at_satx.rr.com: "Re: Topology discover"
• Maybe reply: DMORROW5_at_satx.rr.com: "Re: Topology discover"
• Maybe reply: Laurent Constantin: "Re: Topology discover"
• Maybe reply: Samuel R. Baskinger: "RE: Topology discover"
• Maybe reply: Steve McLaughlin: "RE: Topology discover"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 21 Sep 2005 22:57:21 +0200
To: pen-test@securityfocus.com

Hi there,

I am currently performing a pen-test in the internal network of a company.
I am used to pen-testing systems and the set of applications they
support, looking for vulnerabilities in software version, logic or
misconfiguration.
I have also considered routing and protocol attacks as ARP spoofing and
RIP packet injection.

But I think I am missing some techniques to find out what the topology
is. I know about traceroute, firewalk and CDP, but I would like to know
if there is a whitepaper or documentation that explains how to find out
as much as possible about the enviroment I am in. Help about discovering
VLANs is also welcomed.

Thanks in advance.

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

• Previous message: Skip Carter: "Re: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP"
• Next in thread: DMORROW5_at_satx.rr.com: "Re: Topology discover"
• Maybe reply: DMORROW5_at_satx.rr.com: "Re: Topology discover"
• Maybe reply: Laurent Constantin: "Re: Topology discover"
• Maybe reply: Samuel R. Baskinger: "RE: Topology discover"
• Maybe reply: Steve McLaughlin: "RE: Topology discover"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Penetrating a PC through a printer device ... > compromise the connected target PC if you gained control of the printer? ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Cross site scripting and other web attacks before hackers do! ... (Pen-Test) Acunetix Web Vulnerability Scanner 4.0 ... Audit your website security with Acunetix Web Vulnerability Scanner ... Web applications are ... against web application attacks since they are launched on port 80 - ... more likely to have undiscovered vulnerabilities. ... (comp.software.shareware.announce) Penetrating a PC through a printer device ... compromise the connected target PC if you gained control of the printer? ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Cross site scripting and other web attacks before hackers do! ... (Pen-Test) Re: Application Security Scanning ... When you say "non-web based applications" are you talking client server, mainframe, or other? ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Cross site scripting and other web attacks before hackers do! ... (Pen-Test) RE: Pre-Scanning for Marketing ... installer there were some Security issue, ... vulnerabilities are easily and efficiently identified. ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Up to 75% of cyber attacks are launched on shopping carts, ... (Pen-Test)