CHAPTER 4ENUMERATING A UC NETWORK
It pays to be obvious, especially if you have a reputation for subtlety.
Now that an attacker has developed a list of active IP addresses, ports, services, and phone numbers in the UC environment, the next logical step is to probe these potential targets aggressively in search of known weaknesses and vulnerabilities. This process is called enumeration and is more intrusive and noisy than the reconnaissance techniques we have covered so far. In the last chapter, we compared scanning to a modern military’s effort in performing reconnaissance with troops on the ground by probing locations and determining more information about the enemy. Enumeration can best be compared to the same military going ...