Defining Foot printing

Posted: May 24, 2013 in Uncategorized

image

* Foot printing is the
blueprinting of the security profile of an organization, undertaken in a methodological manner.
*Foot printing is one of the
three pre-attack phases. The others are scanning and enumeration.
*Foot printing results in a
unique organization profile with respect to networks (Internet / Intranet / Extra net / Wireless) and systems involved.
There is no single methodology for foot printing, as a hacker can
choose several routes to trace the information. Foot
printing therefore, needs to be carried out precisely and in an organized manner. The information unveiled at various network levels can include details of domain name, network blocks, network services and applications, system
architecture, intrusion
detection systems, specific IP addresses, access control mechanisms and related lists, phone numbers, contact addresses, authentication mechanisms and system enumeration.
The information gathering
activity can be broadly
divided into seven phases:
The attacker would first unearth initial information (such as domain name),locate the network range of the target system (using tools such as Nslookup, whois etc), ascertain the active machines (for instance by pinging the machine), discover open ports or access points (using tools such as port scanners), detect operating systems (for instance querying with telnet), uncover services on ports and ultimately map the network.
This not only speeds up the real attack process, but also aids in helping the attacker prepare better for covering his tracks and thereby leave a smaller or minimal footprint.
Initial Information Commonly includes:

*Domain name lookup
*Locations
*Contacts (Telephone / mail)
Information Sources:
Open source
Who is
Nslookup
Hacking Tool: Sam Spade
Open Source Foot printing is the easiest and safest way to go about finding information about a company Information that is available to the public, such as phone numbers, addresses, etc.
Performing whois requests searching through DNS tables are other forms of open source foot printing. Most of this information is fairly easy to get, and within legal limits. One easy way to check for sensitive information is to check the HTML source code of the website to look for links, comments, Meta. tags etc

image

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s