Enumeration

3.1. Introduction

The goal of enumeration is to gather more detailed information on both devices and resources attached to the network. This includes account names, shares, misconfigured services and so on. Like the scanning phase, enumeration involves active connections to the remote devices in the network.

There are may protocols on networked systems that none can easily exploit if administrators do not take the necessary steps to either secure protocols or disable them.

For example, NetBIOS (Network Basic Input Output Systems) is the service that allows Windows systems to share files, folders, and printers among machines on a LAN. If not properly configured, it can lead to large amount of information leakage.

NetBIOS can be extremely useful in determining types of system information such as user IDs and open shares.

In addition to NetBIOS, a protocol that we will explore in this module is SNMP (Simple Network Management Protocol). It is a protocol used to both gather information and configure network devices (printers, switches, servers)