Footprinting, Scanning, Enumeration
Footprinting: Similar to Windows but using different tools:
Scanning: again similar to Windows with different tools :
- Nmap and Nmapfe: use sudo apt-get install nmap and sudo apt-get install nmapfe to setup. Use sudo nmapfe for graphical interface.
- Countermeasures: Snort and Psionic Port Sentry: documentation. (seen later in IPS/IDS)
Enumeration: UNIX enumeration.
- UNIX Users and group enumeration: finger (see this example) and tftp should be disabled and killed.
- Basic daemons: sendmail, rpc, NFS, NIS -- all have known vulnerabilities, setup and latest security patches should be applied carefully.