Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Finding Virtual ips

from [Clemens, Dan] Network Security [Permanent Link]
Subject: RE: Finding Virtual ips
Date: Wed, 22 Feb 2006 10:33:50 -0600 
 

Josh,


Hey guys,
What techniques do you recommend to find virtual IPs on a specific host

IP address?

Ex- victim 10.1.1.1   


In this case is 10.1.1.1 a metaphor for a external IP or internal IP?
If you are looking for virtual hosts being hosted on a webserver you may
want to look for tools on the internet that will let you view ( multiple
)previously cached A records that will map to one particular IP, this
would indicate virtual hosting is going on a webserver so you can look
for multiple vulnerabilities on each hosted environment.

Also try looking at the victims website and see if they give up a list
of their customers, or search google for customers that may have
brand-x's (hosting companies) logo on their site stating they host with
brand-x.


If you browse directly you get an ISA error saying that you must

provide the specific URL.. This makes me think it >is a virtual host

If you are getting ISA server errors then you are probably wanting to
ask the question 'what uri's will this ISA server pass to the app
server'.


Have used the MSNpawn program with no luck.. also IP:10.1.1.1 searches

on the net...

Try asking more questions about what you can see on the server and see
how it is setup before jumping to using 'insert tool here'.

-Daniel


-----------------------------------------
Confidentiality Notice: This e-mail communication and any
attachments may contain confidential and privileged information for
the use of the designated recipients named above. If you are not
the intended recipient, you are hereby notified that you have
received this communication in error and that any review,
disclosure, dissemination, distribution or copying of it or its
contents is prohibited. If you have received this communication in
error, please notify me immediately by replying to this message and
deleting it from your computer. Thank you.


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Bootable CD Attack disk - Bootable USB, Petr . Kazil
Next by Date:  Re: Finding Virtual ips, thomas springer
Previous by Thread:  Re: Finding Virtual ips, Cedric Blancher
Next by Thread:  Reason 0.4.0 Nessus Client (new Command Line Interface), jszatmary
Indexes:  [Date] [Thread] [Top] [All Lists]