Breaking into corporate enterprises, governments etc.

euser1984

Firstly, please don't make assumptions about me or my motives but I am curious as to how potential attackers would get ip address' of target networks...

I know many things about this area (it's an area I am constantly close to due to working in the industry) - what baffles me is the idea that companies or organisations like these would host email or their website on their own dmz zones on their own networks....even for files these days and the benefits of the cloud (with encrypted data of course)...so, where do they get ip address'? What kind of machines are exposed to the internet that are directly connected to sensitive internal networks.

I know that you have factors like ERP systems and the like but your talking about VPN's there and finding the ip address of mobile computers?

I know that money is always going to be a factor but I imagine that's where the price is based "somewhat" to get the business for these hosting companies? Plus the likes of expertise and redundancy you get with some of the bigger companies.

Gone Drinking

I work in the enterprise IT sector. From my limited knowledge on the security side of things I can say that believe it or not there's a lot of social engineering involved in many cases. People ringing pretending to be an employee, name dropping someone who they know works in a certain department and saying that they said you're to give me the following details. A lot of information has been gotten through this sort of method.

Other than that, looking for holes/back doors in sites. Port scanning the internet and just getting lucky that a certain company has a certain port open to a certain back end device.

There's alot to it I'd imagine, i'm just skimming the surface on the methods I'm aware of.

[Edit: For some reason I thought this was Afterhours, which is why I annouced that I work in the IT sector. I also dumbed it down a bit as well! ]

JuneJones

euser1984 wrote: »

Firstly, please don't make assumptions about me or my motives but I am curious as to how potential attackers would get ip address' of target networks...

I know many things about this area (it's an area I am constantly close to due to working in the industry) - what baffles me is the idea that companies or organisations like these would host email or their website on their own dmz zones on their own networks....even for files these days and the benefits of the cloud (with encrypted data of course)...so, where do they get ip address'? What kind of machines are exposed to the internet that are directly connected to sensitive internal networks.

I know that you have factors like ERP systems and the like but your talking about VPN's there and finding the ip address of mobile computers?

I know that money is always going to be a factor but I imagine that's where the price is based "somewhat" to get the business for these hosting companies? Plus the likes of expertise and redundancy you get with some of the bigger companies.

if you send them an email and they reply isn't their ip in the header?

Cuddlesworth

Larger cooperation's have IP address blocks assigned to them. So its easy enough to target them. Most vulnerabilities are simply picked up through IP scanners which run scripts on known weak points.