In: Computer Science
Cybersecurity: Ethical Hacking
1. Authenticated vs. Unauthenticated Enumeration
a. What is the difference?
i. Give one example of a service and what additional information would be available once authenticated.
In Ethical Hacking,the initial phase is "Information Gathering" of the victim .Enumeration belongs to this first phase of Ethical Hacking. Information gathered in Enumeration:-
a)
Authenticated Enumeration | Unauthenticated Enumertion |
Only authorized/verified users access the information | Anyone can access the information |
Extra features like privacy | No extra feature available |
additional information available | No additional information available |
i)An example of a service: LDAP(Lightweight Directory Access Protocol)
:: Additional Information ::
Once authenticated ,the user can access a variety of attributes stored in the LDAP directory database.
For example -- Once you get authenticated you can now have access to different attributes like address,phone number,group associations andmore apart from the username and password you had earlier.