Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Getting Printer IP Addresses Prior to Pen Testing - Question About D

from [Josh Perrymon] Network Security [Permanent Link]
Subject: RE: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP
Date: Thu, 22 Sep 2005 06:28:43 -0500 
I think there are a couple ways to go about this.

Printers are like servers on a network and the IP address should be
static not DHCP.  What I always do is first perform an nmap scan of the
target subnet and perform analysis on the network hosts. I then
determine what OS and the function of each server. I then group the
machines based on Role / functionality. It's easy to spot printer in the
nmap scan- Mostly port 9100 for HP so on...  You can manually find this
info by telnetting to port 80 to verify.

I then create an exclude list for nessus and also ip lists to scan from
...

So each nessus scan excludes the printers every time to be safe and only
the IPs I specify in the .txt files are scanned. This makes the analysis
easier and expected results for a list of web servers.

Hope this helps!

Joshua Perrymon
Network Armor

-----Original Message-----
From: Marjorie Rintoul [mailto:mrintoul2@hotmail.com] 
Sent: Tuesday, September 20, 2005 2:35 PM
To: pen-test@securityfocus.com
Subject: Getting Printer IP Addresses Prior to Pen Testing - Question
About DHCP

DHCP allocates IP addresses dynamically.  How does DHCP know which
(fixed 
printer) IP addresses to stay away from?  Does anyone know of a way to
get 
this list?



------------------------------------------------------------------------
------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on
your 
website. Up to 75% of cyber attacks are launched on shopping carts,
forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are 
futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before
hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
------------------------------------------------------------------------
-------





------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Passwords with Lan Manager (LM) under Windows, Craig Wright
Next by Date:  PT Activity duration/time, BSK
Previous by Thread:  Re: Getting Printer IP Addresses Prior to Pen Testing - Question About DHCP, Brendan Murray
Next by Thread:  Topology discover, RSMC
Indexes:  [Date] [Thread] [Top] [All Lists]