
Unlike scanning or footprinting, enumeration collects information by actively connecting to the targeted systems. The data retrieved this way can include user login information, recent login times, audit settings, the groups and usernames on the network, routing tables, machine names, SNMP and DNS details, and the network’s shared resources. Port scanning and footprinting are excellent first steps before enumeration, because they identify the targets worth attacking. Once enough information is collected, the attacker can draw on their knowledge of the target’s operating system to attempt to gain access.
In other words, footprinting and port scanning are like scouting missions in the military: a small squad is sent out to reconnoitre, learning where the threats are, what the terrain looks like, and so on. When the scouting mission is complete, the squad returns to the main group and reports; using that report, the main group works out the best route to take and the best way to attack the target. Once the plan exists, enumeration is the process of extracting information using the already-retrieved mission parameters, or, in my example, penetrating the defenses and capturing the objective. Port scanning and footprinting are usually non-obtrusive, low-profile actions performed to gain the intel needed for an educated attack (enumeration), which is anything but non-intrusive.
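As an added example (not part of the original post), the following Python snippet shows how a defender might tell the two phases apart in connection logs, using constructed records and an assumed port-to-service mapping: a scan touches many ports briefly and pulls almost no data, while enumeration holds sustained sessions with services such as SMB, SNMP and DNS and pulls real data out of them.

```python
from collections import defaultdict, namedtuple

# Services that enumeration typically queries (assumed mapping: the post names SNMP and DNS;
# SMB, LDAP and RPC are where usernames, groups, shares and machine names usually come from).
ENUM_PORTS = {53: "dns", 135: "msrpc", 139: "netbios-ssn", 161: "snmp", 389: "ldap", 445: "smb"}

Conn = namedtuple("Conn", "src dst port bytes_out duration")  # bytes_out: data the target handed back

def parse_log(text):
    """Parse constructed records of the form: time src dst port bytes_out duration_seconds."""
    conns = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        _time, src, dst, port, bytes_out, dur = line.split()
        conns.append(Conn(src, dst, int(port), int(bytes_out), float(dur)))
    return conns

def classify(conns, scan_ports=10, enum_min_bytes=1000):
    """Verdict per (src, dst) pair. 'scan': many distinct ports touched, almost no data returned.
    'enumeration': at least one enumeration service handed back a substantial amount of data."""
    by_pair = defaultdict(list)
    for c in conns:
        by_pair[(c.src, c.dst)].append(c)
    verdicts = {}
    for pair, cs in by_pair.items():
        ports = {c.port for c in cs}
        pulled = [c for c in cs if c.port in ENUM_PORTS and c.bytes_out >= enum_min_bytes]
        if pulled:
            verdicts[pair] = ("enumeration", sorted({ENUM_PORTS[c.port] for c in pulled}))
        elif len(ports) >= scan_ports and max(c.bytes_out for c in cs) < enum_min_bytes:
            verdicts[pair] = ("scan", len(ports))
        else:
            verdicts[pair] = ("unremarkable", len(ports))
    return verdicts

# Constructed sample: 10.0.0.5 probes 12 ports in a flash, 10.0.0.7 then sits on SMB, SNMP
# and DNS pulling data out of the host, and 10.0.0.9 makes one ordinary HTTPS request.
SCAN_LINES = "\n".join(f"10:00:01 10.0.0.5 10.0.0.20 {p} 40 0.01"
                       for p in (21, 22, 23, 25, 80, 110, 135, 139, 143, 443, 445, 3389))
SAMPLE_LOG = SCAN_LINES + """
10:05:00 10.0.0.7 10.0.0.20 445 42000 12.5
10:05:20 10.0.0.7 10.0.0.20 161 9800 4.0
10:05:40 10.0.0.7 10.0.0.20 53 6100 1.2
10:06:00 10.0.0.9 10.0.0.20 443 2500 0.3
"""

if __name__ == "__main__":
    for (src, dst), verdict in classify(parse_log(SAMPLE_LOG)).items():
        print(f"{src} -> {dst}: {verdict}")
```

The thresholds are illustrative; in practice they would be tuned against a baseline of what normal hosts on the network pull from SMB, SNMP and DNS.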