CEH v12 Module 04: Enumeration is a crucial phase in ethical hacking and penetration testing, where the goal is to gather information about a target network or system.
During this phase, an attacker aims to discover as much detail as possible about the target, such as active hosts, open ports, services running on those ports, and potential vulnerabilities.
Here is an overview of CEH Module 4 enumeration techniques for Border Gateway Protocol (BGP) and Network File Sharing (NFS), along with associated countermeasures:
- Border Gateway Protocol (BGP) Enumeration: BGP is a standardized exterior gateway protocol used to exchange routing and reachability information among autonomous systems (ASes) on the internet. Attackers may try to enumerate information related to BGP for various reasons, including identifying potential points of network manipulation.
- Techniques:
- Route Table Analysis: Analyzing BGP route tables can reveal information about the network’s topology and potential points of compromise.
- BGP Route Injection: Attempting to inject malicious BGP routes to manipulate traffic and redirect it through controlled systems.
- Countermeasures:
- BGP Monitoring: Regularly monitor BGP route tables for any unexpected changes.
- BGP Prefix Filtering: Implement prefix filters to restrict the acceptance of unauthorized BGP route advertisements.
- Resource Public Key Infrastructure (RPKI): Use RPKI to cryptographically verify the authenticity of BGP route announcements.
- Techniques:
- Network File Sharing (NFS) Enumeration: NFS allows file systems to be shared over a network, and improper configurations can lead to unauthorized access and potential exploits.
- Techniques:
- Port Scanning: Identify systems with open NFS ports (e.g., TCP/UDP 2049).
- Mount Point Enumeration: Enumerate available NFS mount points on a target system.
- File and Directory Enumeration: List files and directories accessible through NFS shares.
- Countermeasures:
- Firewall Configuration: Restrict access to NFS ports based on trusted IP addresses.
- Secure NFS Configurations: Implement secure NFS configurations, such as using the secure NFS version (NFSv4) and enforcing authentication mechanisms.
- Access Controls: Set proper access controls on NFS shares to limit unauthorized access.
- Techniques:
- General Enumeration Countermeasures:
- Regular Audits: Conduct regular security audits to identify and rectify vulnerabilities.
- Intrusion Detection Systems (IDS): Implement IDS to detect and respond to suspicious activities during the enumeration phase.
- Network Segmentation: Segregate network segments to limit the impact of unauthorized access.
- Regular Patching: Keep systems and software up-to-date to patch known vulnerabilities.
It’s important to note that all penetration testing activities should be performed with proper authorization, following ethical guidelines, and by legal and regulatory requirements. Unauthorized access to computer systems is illegal and unethical.
