User's Manual

Solaris 9 Security CX-310-301 19
information for example, the attacker would consult publicly available sites such as www.cert.org or www.sans.org for news on vulnerabilities.
Attackers choose their targets according to a variety of criteria, depending on their overall objective. A terrorist
will target a specific company or type of company, whereas a cracker will simply scan around looking for any
vulnerable site to break into and damage.
Gathering Techniques
Attackers use three main techniques for gathering information:
• Social Engineering – This technique takes advantage of human nature and is used to trick people into
  unintentionally revealing vital information. It includes:
  • Shoulder Surfing – Looking over a user's shoulder as a password is entered, for example.
  • Helpdesk Call – Logging an urgent call with the helpdesk, posing as another user, and getting that
    user's password reset, for example.
  • Post-It Notes – It is amazing how much sensitive information can be found on notice boards or on
    people's desks.
  • Email Deception – An attacker sends a user an email requesting authentication (username and
    password) before the user can continue.
• Technical Engineering – Hosts that are connected to a network, particularly the Internet, have to
  give out a certain amount of information. Most, though, give out far too much. An attacker can
  exploit this to gain technical information about the system and about other systems connected to it
  on the local network. The tools used include:
  • ping – Using the ping command with various options tests not only the reachability of a
    system but also reveals other information, such as the route taken to reach the system and the
    IP address of the hostname.
  • traceroute – This utility traces the precise route to the target system, identifying all the
    routers on the way.
  • rpcinfo – The rpcinfo command provides details of a remote host and the RPC services it is
    running. With the -p option it reveals a large amount of information, as shown here:
# rpcinfo -p ultra10
   program vers proto   port  service
    100000    4   tcp    111  rpcbind
    100000    3   tcp    111  rpcbind
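As an added example (not part of the original manual), the following POSIX sh script turns an rpcinfo -p listing into a short inventory of the RPC services a host advertises and compares it against an allowlist, so an administrator can see exactly what an attacker running rpcinfo against the host would learn. The listing embedded in the script is constructed for illustration, modelled on the column layout shown above: the hostname ultra10 is the page's, while the additional services, versions and port numbers are assumed. The function names rpc_exposed and rpc_unexpected are hypothetical.

```shell
#!/bin/sh
# Added example: summarise what "rpcinfo -p host" exposes to a remote attacker.
# SAMPLE_RPCINFO is a constructed listing (hypothetical host ultra10); only the
# two rpcbind lines come from the manual, the rest is assumed for illustration.
SAMPLE_RPCINFO='   program vers proto   port  service
    100000    4   tcp    111  rpcbind
    100000    3   tcp    111  rpcbind
    100000    4   udp    111  rpcbind
    100003    3   udp   2049  nfs
    100005    1   udp  32771  mountd
    100021    4   tcp   4045  nlockmgr
    100024    1   tcp  32772  status'

# rpc_exposed: read rpcinfo -p output on stdin and print one line per distinct
# "service proto port" triple, sorted, with the header and duplicate version
# lines collapsed. Data lines are recognised by a numeric program number.
rpc_exposed() {
    awk 'NF == 5 && $1 ~ /^[0-9]+$/ { print $5, $3, $4 }' | sort -u
}

# rpc_unexpected: read rpc_exposed output on stdin and print every service that
# is not in the allowlist given as the first argument (space-separated names).
# Anything printed is a service the host advertises that was not planned for.
rpc_unexpected() {
    allow=" $1 "
    while read -r svc proto port; do
        case "$allow" in
            *" $svc "*) ;;                       # allowed, say nothing
            *) printf '%s %s/%s\n' "$svc" "$proto" "$port" ;;
        esac
    done
}

# rpc_count_sample: number of distinct service/proto/port triples in the sample.
rpc_count_sample() {
    printf '%s\n' "$SAMPLE_RPCINFO" | rpc_exposed | wc -l | tr -d ' '
}

# rpc_unexpected_sample: worked run over the constructed sample, allowing only
# the portmapper itself and NFS.
rpc_unexpected_sample() {
    printf '%s\n' "$SAMPLE_RPCINFO" | rpc_exposed | rpc_unexpected "rpcbind nfs"
}

rpc_unexpected_sample
```

Against a live host, run `rpcinfo -p host | rpc_exposed | rpc_unexpected 'rpcbind nfs'` (adjusting the allowlist to what that host is meant to serve); every line it prints is a program the host is advertising to anyone who can reach port 111, and is a candidate for being disabled or filtered.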