Week 5 Takeaways

Reading Summary: Enumeration and Footprinting

The Enumeration process identifies valid user accounts or any weak component/resource. Some of the key areas of information include user and groups, network resources, and applications and banners. There are various tools used for this process such as Windows NT/2000 Enumeration which contains remote admin tools and port assignments for common UNIX utilities. Another tool is called NetWare Enumeration which is a Novell based tool that checks the status of all the servers on the opponent’s network as well browse he NDS trees all the way to the end lead using this tool. UNIX Enumeration displays user’s home directory, login and idle time, office location, etc. via the “finger” command.

Footprinting is the initial step in hackers information gathering which displays critical information regarding remote access capabilities, profile of the company’s Intranet/extranet, etc.  This will then allow hackers to build a database with all of the company’s security weaknesses. Footprinting is accomplished various ways such as via open source searching, network enumeration, DNS interrogation and network reconnaissance. Companies are struggling and in need of protection their infrastructure against Denial of Service attacks. The installation of an anti-virus is no longer as critical as having a holistic approach in place that provides layers of security posture (attributes ranging from policy, procedures, awareness, and technology) which will prevent the hacker to footprint the company’s network, if not, make it a harder process of obtaining critical information.
Article: Military Battles to Man its Developing Cyber Force

The U.S. Defense Department is assembling 133 Cyber Mission Force teams to defend military networks, protect critical U.S. infrastructure, and strike back in cyberspace when necessary. This team was to be in place by the end of 2016, however, with the requirements of fully manned, trained, and equipped it will now be extended by fiscal year 2018. In addition, there will be 5,825 cyber personnel to join by 2018 ranging in each division: army, air power, navy, and marines. The last resource of seeking civilians is within the reserve where six of the Air Forces cyber teams will reside, as well as up to 2,000 Reserve and National Guard personnel. It is important to note that these are people who currently work in the cyber field which means their skills and training are current.

Interested in reading more about this article? If so, you can do so here.

Question for the class:

Have you previously been exposed, or are currently, in using an enumeration tool for your company? If so, what have you found to be the weakest components of the company’s infrastructure?