[unisog] Re: Coordinated Scan

Anderson Johnston andy at umbc.edu
Thu Apr 4 16:01:38 GMT 2002


There is also a Windows utility called "Winfingerprint" which scans an IP
range for a menu of items like:

NetBios shares
Groups
Users
Null Sessions
Registry
Services
Transports
TCP port scan

See http://sourceforge.net/projects/winfingerprint/

						- andy

On Thu, 4 Apr 2002, Patrick Aland wrote:

> null session enumeration is one easy way.
>
> There is a rather nice perl script called null.pl (don't have url handy)
> that will get you a list of usernames, shares, etc on a machine.
>
>
> On Thu, Apr 04, 2002 at 09:04:10AM -0500, Jenett Tillotson wrote:
> >
> > Let me also add that I think this was the result of poor user habits.  3
> > of the boxes that were broken into had a blank administrator password.
> > Also, there were logs of other attempts on campus where one box had 160
> > attempts to log into an account with administrator privileges.
> >
> > What puzzles me is that none of the accounts involved were actually the
> > administrator account, but another account with administrator privilege.
> > Excuse my ignorance with Microsoft products, but how does a hacker find
> > out the usernames on a Windows box?
> >
> > Jenett Tillotson
> > School of Pharmacy
> > Purdue University
> >
> --
> ------------------------------------------------------------
>  Patrick Aland                          paland at stetson.edu
>  Network Administrator                  Voice: 386.822.7217
>  Stetson University                     Fax: 386.822.7367
> ------------------------------------------------------------
>

------------------------------------------------------------------------------
** Andy Johnston (andy at umbc.edu)          *            pager: 410-678-8949  **
** Manager of IT Security                 * PGP key:(afj2002) 4096/8448B056 **
** Office of Information Technology, UMBC *   4A B4 96 64 D9 B6 EF E3 21 9A **
** 410-455-2583 (v)/410-455-1065 (f)      *   46 1A 37 11 F5 6C 84 48 B0 56 **
------------------------------------------------------------------------------



More information about the unisog mailing list