Enumeration is the process of merging process information that we can have from the previous process, resulting in exploitation that can be used. Example of scanning the information we get the IP Address that port 80 (http) open, then from that information we can find exploits for port 80. Or the scanning process, we obtain IP Address information port 3306 (MySQL) is open, then we are now looking for information about pengeksploitasiannya or abuse on the port 3306.
Scanning is Network scanning is a procedure for identifying active hosts
on a network, either for the purpose of attacking them or for network
security assessment. Scanning procedures, such as ping sweeps and port scans, return information about which IP addresses map to live host
s that are active on the Internet and what services they offer. Another scanning method, inverse mapping,
returns information about what IP addresses do not map to live hosts;
this enables an attacker to make assumptions about viable addresses.
- Identifying Live systems
- Discovering open ports
- Identify teh OS and Services
- Scan for vulnerabilities
- Common tools
Tidak ada komentar:
Posting Komentar