Enumeration p5

Lab 4

Enumerating a Network Using SoftPerfect Network Scanner

SoftPerfect Netirork Scanner is a free multi-threaded IP, NetBIOS, and SNMP scanner nith a modern interface and many advanced feat!ires.

Lab Scenario
To be an expert ethical hacker and penetration tester, you must have sound knowledge of enumeration, which requires an active connection to the machine being attacked. A hacker enumerates applications and banners IN  addition to identifying user accounts and shared resources, hi this lab we try to resolve host names and auto-detect vour local and external IP range.

Lab Objectives

The objective of this lab is to help students learn and perform NetBIOS enumeration. NetBIOS enumeration is carried out to detect:
■ Hardware MAC addresses across routers
■ Hidden shared folders and writable ones
■ Internal and external IP address

Lab Environment

To carry out the lab, you need:

■ SoftPerfect Network Scanner is located at D:\CEH-Tools\CEHv8 Module 04 Enumeration\SNMP Enumeration Tools\SoftPerfect Network Scanner
■ You can also download the latest version of SoftPerfect Network Scanner from the link http: / /www.sottpertect.com/products/networkscanner/

■ If you decide to download the latest version, then screenshots shown 111 the lab might differ
■ Run tliis tool 111 Windows 2012 server
■ Administrative privileges are required to run this tool

Lab Duration

Tune: 5 A !unites

Overview of Enumeration

Enumeration involves an active connection so diat it can be logged. Typical information diat attackers are looking for nicludes user account names for future password-guessnig attacks.

Lab Task

1. To launch SoftPerfect Network Scanner, navigate to D:\CEH-Tools\CEHv8 Module 04 Enumeration\SNMP Enumeration Tools\SoftPerfect Network Scanner
2. Double-click netscan.exe

FIGURE 4.1: SoftPerfect Network Scanner main window

3. To start scanning your network, enter an IP range IN THE Range From field
and click Start Scanning.

FIGURE 4.2: SoftPerfect setting an IP range to scan

4. The status bar displays the status ot the scamied IP addresses at die bottom of die window.

FIGURE 4.3: SoftPerfect status bar

5. To view die properties of an individual IP address, nght-click diat particular IP address

FIGURE 4.4: SoftPerfect IP address scanned details

Lab Analysis

Analyze and document die results related to die lab exercise.

Questions
1. Examine die detection of die IP addresses and MAC addresses across routers.
2. Evaluate die scans for listening ports and some UDP and SNMP services.
3. How would you launch external third-party applications?