Wednesday, January 19, 2011

[net-security] Internal Network Scan : major NeXpose work

Background:
Even if a network has strong intrusion detection and prevention mechanisms in place, it is only as safe as the machines inside it. A single device infected with a Trojan or virus, or merely running a vulnerable service, can lead to the compromise of the entire network.

Execution Method:
Rapid7, the company behind Metasploit, has a network vulnerability assessment tool named NeXpose.
It has a large, regularly updated database of vulnerability checks; the Community edition limits how many machines they can be run against.

First scan the subnets with Nmap, the best network scanner around, to reveal the live machines, their open ports and the services running on those ports.

Next, launch NeXpose scans against the machines identified in the first step, in small batches. NeXpose repeats some Nmap-style probing and adds a lot more of its own checks to decide whether a given exploit is likely to work against each machine.
Keep a record of every machine with an exploitable service, then try to exploit those with Metasploit and with tools specific to each vulnerability.


Also run tools like SNMPFuzz and Hunt, mainly against server-class machines such as the AD server; you can get lucky at any time.
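The glue between the steps above is the part the post leaves implicit: turning the Nmap results into a record of open services, into small target batches for NeXpose, and into a list of hosts worth pointing the SNMP tools at. The script below is an added example written for this page, not code from the original post or from Rapid7. It works on a constructed sample in the shape of Nmap grepable (`-oG`) output, so it runs offline; in practice you would feed it a real `scan.gnmap` file. Host addresses, ports and the batch size are assumptions chosen for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): post-process Nmap grepable output
# (-oG) into (1) a record of open services, (2) NeXpose target batches and
# (3) the hosts worth pointing SNMP tools at.
# A real scan would be run with something like
#   nmap -sS -sU -p T:22,80,139,445,3389,U:161 -oG scan.gnmap 10.0.0.0/24
# and scan.gnmap fed in place of the constructed sample below.
set -u

# Constructed sample in the shape of `nmap -oG -` output; this is not a real
# scan. Real -oG fields are tab-separated; the parsing below does not rely on that.
NMAP_GREPABLE=$(cat <<'EOF'
# Nmap 5.21 scan initiated Wed Jan 19 10:00:00 2011 as: nmap -sS -sU -p T:22,80,139,445,3389,U:161 -oG - 10.0.0.0/28
Host: 10.0.0.1 ()  Status: Up
Host: 10.0.0.1 ()  Ports: 22/open/tcp//ssh//OpenSSH 5.3/, 80/closed/tcp//http///, 161/open/udp//snmp///  Ignored State: closed (3)
Host: 10.0.0.2 ()  Status: Up
Host: 10.0.0.2 ()  Ports: 139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, 3389/open/tcp//ms-wbt-server///  Ignored State: closed (3)
Host: 10.0.0.3 ()  Status: Up
Host: 10.0.0.3 ()  Ports: 22/closed/tcp//ssh///  Ignored State: closed (5)
Host: 10.0.0.4 ()  Status: Up
Host: 10.0.0.4 ()  Ports: 161/open|filtered/udp//snmp///  Ignored State: closed (5)
Host: 10.0.0.5 ()  Status: Up
Host: 10.0.0.5 ()  Ports: 445/open/tcp//microsoft-ds///, 161/open/udp//snmp///  Ignored State: closed (4)
# Nmap done at Wed Jan 19 10:05:00 2011 -- 16 IP addresses (5 hosts up) scanned in 300.00 seconds
EOF
)

# One line per confirmed-open port: "host proto port service".
# "open|filtered" UDP ports are deliberately NOT counted: Nmap could not
# confirm them, so they are not evidence of a running service yet.
open_services() {
    printf '%s\n' "$NMAP_GREPABLE" \
      | awk '/^Host: / && /Ports: /' \
      | while IFS= read -r line; do
            host=$(printf '%s\n' "$line" | awk '{ print $2 }')
            printf '%s\n' "$line" \
              | grep -oE '[0-9]+/open/(tcp|udp)//[^/]*' \
              | awk -F/ -v h="$host" '{ printf "%s %s %s %s\n", h, $3, $1, ($5 == "" ? "-" : $5) }'
        done
}

# Hosts with at least one confirmed-open port, de-duplicated, in scan order.
hosts_with_open_ports() {
    printf '%s\n' "$NMAP_GREPABLE" \
      | awk '/^Host: / && /Ports: / && /[0-9]+\/open\/(tcp|udp)/ { print $2 }' \
      | awk '!seen[$0]++'
}

# Split those hosts into batches of $1 (default 2), one comma-separated batch
# per line, ready to paste into a NeXpose site as its asset list.
batch_targets() {
    size=${1:-2}
    hosts_with_open_ports | awk -v n="$size" '
        { buf = (cnt ? buf "," : "") $0; cnt++
          if (cnt == n) { print buf; buf = ""; cnt = 0 } }
        END { if (cnt) print buf }'
}

# Hosts answering on UDP/161: the ones to point SNMP tools at.
snmp_candidates() {
    printf '%s\n' "$NMAP_GREPABLE" \
      | awk '/^Host: / && /161\/open\/udp/ { print $2 }' \
      | awk '!seen[$0]++'
}

# Stand-alone run: print the three lists.
echo "== open services (host proto port service) =="; open_services
echo "== NeXpose batches of 2 =="; batch_targets 2
echo "== SNMP candidates =="; snmp_candidates
```

On the sample, 10.0.0.3 (only closed ports) is dropped from the batches, and 10.0.0.4 is excluded from the SNMP list because its port 161 came back `open|filtered`; UDP scans often report that state when nothing answers, so a host like that needs a follow-up probe (for example Nmap's SNMP scripts or SNScan with a community string) before it counts as an SNMP target.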

Tools/Technology Used:
NMap, Rapid7's NeXpose, Metasploit, SNMP Fuzzer, SNScan, Hunt
