"The wise intrusion analyst will devote a lot of attention to the prevention, detection, and reporting of mapping techniques. They know that recon is just part of the game. As attackers amass high-quality information about the layout of networks and distribution of operating systems, they allow themselves to specifically target their attacks. You do not want to allow your organization to get in a one exploit, one kill situation!
The line between exploit/denial of service and recon probe couldn't be thinner. Any exploit that fails (or succeeds) also provides intelligence about the target.
This chapter contains many traces showing information gathering techniques. We will consider some of the ways an attacker might map the network and its hosts. We will take a short look at NetBIOS-specific issues since there are so many deployed Windows systems, and finally examine some of the so-called "stealth" mapping techniques..."
Read the rest of this chapter at:
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer