The documents distributed by this server have been provided by the contributing authors as a means to ensure timely dissemination of scholarly and technical work on a noncommercial basis. Copyright and all rights therein are maintained by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's copyright. These works may not be reposted without the explicit permission of the copyright holder.
Publications of SPCL
|Remote Network Analysis|
(21. Chaos Communication Congress. In 21C3 Proceedings, presented in Berlin, Germany, pages 33-37, ISBN: 3-934636-02-0, Dec. 2004)
AbstractIt is often necessary to collect information about remote sys- tems without having direct shell access to them. Additional knowledge about the system's (operating system and user space) software and the network structure is very helpful for identifying possible attack scenarios which could finally lead to a compromise of the remote system or network. Most systems are accessible from the internet through the IP protocol suite but often protected by a more or less sophisticated firewall/packetfilter. This paper presents a collection of techniques which can be used to map hosts and networks without leaving any traces to Intrusion Detection Systems (IDS).