Enumeration Basics

Once security testers (and hackers) are adept at performing zone transfers, using the dig command, and discovering which systems on a network are live, the logical next step is to learn and perfect the art of enumeration. Enumeration is the process of extracting the following information from a given network: the shares or resources associated with the network, the groups or usernames assigned on it, and the recent login times and passwords of its users.


To determine which resources or shares exist on a network, a security tester must always use both port scanning and footprinting to first learn which OS is running on the systems in the network. For instance, if the network is running Windows, the tester may use Windows-specific tools to see the shares and perhaps even access the resources, if possible.

Enumeration Process

Security testers should be aware that enumeration is intrusive by nature: the attempts made against resources are intended not just to identify them but also to access them. It is much more serious than any passive scanning of a network for open ports could ever be.

For instance, enumeration sometimes involves guessing passwords once the username in use on a system has been determined. NBTscan (the "NBT" stands for NetBIOS over TCP/IP) is one of the tools that can be used for enumerating Windows OSs.

Once again, this tool can be found among the other, also very useful, tools in the BackTrack 4 suite of security tools. It is good to learn this process in pairs, so that there are two computers that can enumerate one another.
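
Because enumeration is intrusive, it also leaves traces a defender can look for. The following is an added example, not part of the original article: it flags any host that sends NetBIOS wildcard node status queries (the lookup NetBIOS enumeration relies on) to many different addresses. The addresses, the threshold of five targets and all function names are assumptions made for this sketch.

```python
import struct
from collections import defaultdict

NBSTAT = 0x0021                   # node status question type (RFC 1002)
WILDCARD = b"*" + b"\x00" * 15    # the "*" name, padded to 16 bytes

def encode_name(raw16):
    """RFC 1001 first-level encoding: each nibble becomes a letter 'A'..'P'."""
    return bytes(b for c in raw16 for b in (0x41 + (c >> 4), 0x41 + (c & 0x0F)))

def sample_query(qtype=NBSTAT, flags=0x0000, name=WILDCARD):
    """Constructed UDP/137 payload used only as test input below."""
    header = struct.pack(">HHHHHH", 0x1234, flags, 1, 0, 0, 0)
    return header + b"\x20" + encode_name(name) + b"\x00" + struct.pack(">HH", qtype, 1)

def is_wildcard_nbstat(payload):
    """True if the payload is a node status *query* for the wildcard name."""
    if len(payload) < 50:
        return False
    flags, qdcount = struct.unpack(">HH", payload[2:6])
    if flags & 0x8000 or qdcount != 1:        # response bit set, or odd question count
        return False
    if payload[12] != 0x20 or payload[45] != 0x00:
        return False
    (qtype,) = struct.unpack(">H", payload[46:48])
    return qtype == NBSTAT and payload[13:45] == encode_name(WILDCARD)

def find_sweeps(packets, min_targets=5):
    """packets: iterable of (src_ip, dst_ip, udp_payload) captured on port 137.
    Returns {src_ip: distinct_target_count} for sources at or above the threshold."""
    targets = defaultdict(set)
    for src, dst, payload in packets:
        if is_wildcard_nbstat(payload):
            targets[src].add(dst)
    return {s: len(d) for s, d in targets.items() if len(d) >= min_targets}

# Constructed sample traffic (documentation address range, not real hosts).
SAMPLE = [("192.0.2.50", f"192.0.2.{i}", sample_query()) for i in range(1, 9)]
SAMPLE += [
    ("192.0.2.7", "192.0.2.20", sample_query()),                 # one-off lookup
    ("192.0.2.9", "192.0.2.255", sample_query(qtype=0x0020,      # ordinary name query
                                              name=b"FILESRV".ljust(15) + b"\x20")),
    ("192.0.2.20", "192.0.2.7", sample_query(flags=0x8400)),     # a response, ignored
]

if __name__ == "__main__":
    for src, count in find_sweeps(SAMPLE).items():
        print(f"possible NetBIOS enumeration: {src} queried {count} hosts")
```

In a lab with two computers enumerating one another, feeding a capture of port 137 traffic into `find_sweeps` shows what the scanned side sees.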

