Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: Finding IP addresses

  1. #11
    Senior Member secure_it's Avatar
    Join Date
    Feb 2010
    Location
    在這兩者之間 BackTrack是4 FwdTrack4
    Posts
    854

    Post

    Quote Originally Posted by tarantula78 View Post
    Hi all,

    Quick Q.

    If you have a network to attack. How would you go about it? I tend to use social engineering on companies that arent so big (auditing nothing illegal). Because if they arent big they will most likely not host their own website so I couldnt take that route. What id usually do is use some buffer overflow exploit and hope some employee opens it.

    So my question is. How would you go about attacking a network and finding the IP address that will get you in. Medium and small businesses usually have one router or so directing all their traffic. Not all have wireless networks either. So how would you go about it when you dont have any physical access or wireless access?

    Please dont think im asking for some sort of tutorial i just wanted to know what your preffered methods are/would be.

    Thanks

    Tarantula78
    What do you mean by attacking it.A pen-tester won't use such n00b terms.its better known as Vulnerability Assessment and Penetration testing.which can be done using
    white box testing(you are aware of network infrastructure,IP Scheme,routers,switches,firewalls,IDS/IPS,HIPS in place)

    black box testing(Dont have any idea of network scheme,infrastructure,kinda blind testing and simulate the real hacker penetration,more dangerous and chances of resource unavaliablity is high in network)
    gray box testing(internal VA PT Testing,using social engineering)

    For performing these you need to sign a Non-disclosure Legal Document between you and vendor and for that you must be having legal license for performing Pen-Testing.like thorn said C|EH,CPTS,LPT,ECSA,SANS GIAC Ethical Hacker or Offensive Security OSCP,OWSP etc.
    the basic steps are
    Footprinting
    Reconnaissance
    Scanning
    Gaining entry and maintaning access
    Clearing footprints

    so if you know about these steps preety sure you are aware of pen-testing and VA.for getting IP there is many ways
    sites like readnotify.com provides self-destruction mail service.which you can send to victim so when he will open it.you will get a notification of reading mail and will get the ip.another way is social engineering.

  2. #12
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by secure_it View Post
    What do you mean by attacking it.A pen-tester won't use such n00b terms.its better known as Vulnerability Assessment and Penetration testing.which can be done using
    white box testing(you are aware of network infrastructure,IP Scheme,routers,switches,firewalls,IDS/IPS,HIPS in place) ...
    Geez pot calling the kettle black?

    Along the same lines lets point out that although some valuable information was passed along, the above is probably not the best way to demonstrate professionalism.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  3. #13
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by thorin View Post
    Geez pot calling the kettle black?

    Along the same lines lets point out that although some valuable information was passed along, the above is probably not the best way to demonstrate professionalism.
    Pretty much goes hand in hand with continually calling Windows, Winblows.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •