Enumeration can best be defined as the process of counting. From a security standpoint, it's the process the attacker follows before an attack. The attacker is attempting to count or identify systems and understand their role or purpose. This may mean the identification of open ports, applications, vulnerable services, DNS or NetBIOS names, and IP addresses before an attack.
This chapter looks at the process of enumeration. It explores how enumeration is executed and looks at ways to reduce the effectiveness of enumeration by attackers. In enumeration, the goal is to look for user account information, system groups and roles, passwords, unprotected shares, applications, and banners, and attempt to identify network resources. You also might want to include obtaining Active Directory information. This process fits in well with the network security lab you have constructed, as here is the place to test your enumeration skills, yet also implement different types of defensive measures to see how well they work. The overall goal is to use the lab to learn how to defeat those that attempt enumeration maliciously.
Many people might think of enumeration as just a Windows type of activity. That is actually untrue, as enumeration can be performed against many other different types of systems and services, including the following:
Simple Network Management Protocol (SNMP)
Other vulnerable services (such as web servers, SQL servers, and applications ...