Basics of Ethical Hacking Chapter 2: Footprinting
Footprinting
· Footprinting is the first and most convenient way for hackers to gather information about computer systems or a network and about the devices attached to that network.
· Penetration testers use footprinting to evaluate the security of an IT infrastructure.
· Footprinting is the first and an important step, because afterwards the penetration tester knows how a hacker sees the network.
Types of footprinting
· Passive footprinting: in passive footprinting the attacker collects information without knowing the target. In other words, the attacker does not know about the target and collects information through activities like Google searches, IP address lookups, DNS lookups, etc.
· Active footprinting: in active footprinting the attacker knows about the target and collects information by mirroring websites, e-mail tracing, pinging, etc.
Various steps of information gathering
· Website footprinting
· E-mail footprinting
· Footprinting through search engines
· DNS footprinting
· Network footprinting
· People search online services (ZabaSearch, 123people, White Pages, Yellow Pages, etc.)
· Footprinting through social networking sites (Facebook, LinkedIn, Twitter, etc.)
Website footprinting
· Mirroring websites (Website Ripper Copier, Teleport Pro, iMiser, HTTrack, GNU Wget, etc.)
· Extracting website information (archive.org, Wayback Machine, Website Watcher)
· Whois lookup (SmartWhois)
E-mail footprinting
· Collecting information from the e-mail header
· E-mail tracking tools (ReadNotify, WhoReadMe, GetNotify, Zendio, etc.)
Footprinting using Google
· Using the Google Hacking Database
· Google dorks
· Google hacking tools (Metagoofil, BILE suite, GMapCatcher, etc.)
DNS footprinting
· DNS interrogation tools (dnsstuff.com, network-tool.com)
· MX: points to the domain's mail server
· NS: points to the host's name server
· CNAME: canonical naming, allows aliases to a host
· SOA: indicates authority for the domain
· SRV: service records
· PTR: maps an IP address to a host name
· RP: responsible person
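The record types listed above, seen from the defender's side: this added example (not part of the original post) parses a constructed zone excerpt for the reserved domain example.com and reports what each record discloses to anyone who queries it. The function names and the sample records are assumptions made for illustration.

```python
import re

# Constructed sample zone data (documentation domain and address range).
ZONE = """\
example.com.             3600 IN SOA   ns1.example.com. hostmaster.example.com. 2024010101 7200 900 1209600 300
example.com.             3600 IN NS    ns1.example.com.
example.com.             3600 IN MX    10 mail.example.com.
www.example.com.         3600 IN CNAME web-prod.hosting.example.net.
_sip._tcp.example.com.   3600 IN SRV   10 60 5060 voip.example.com.
10.2.0.192.in-addr.arpa. 3600 IN PTR   vpn-gw.example.com.
example.com.             3600 IN RP    alice.example.com. info.example.com.
"""

def mailbox(dns_name):
    """Convert a DNS-encoded mailbox (SOA RNAME, RP) to an e-mail address."""
    local, domain = re.split(r"(?<!\\)\.", dns_name.rstrip("."), maxsplit=1)
    return local.replace("\\.", ".") + "@" + domain

def disclosures(zone_text):
    """Return (owner, type, what an outside observer learns) per record."""
    out = []
    for line in zone_text.splitlines():
        f = line.split()
        if len(f) < 5 or f[2] != "IN":
            continue  # skip blank or unexpected lines
        owner, rtype, rdata = f[0], f[3], f[4:]
        if rtype == "MX":
            note = f"mail server {rdata[1]} (preference {rdata[0]})"
        elif rtype == "NS":
            note = f"name server {rdata[0]}"
        elif rtype == "CNAME":
            note = f"alias of {rdata[0]}"
        elif rtype == "SOA":
            note = f"primary name server {rdata[0]}, admin contact {mailbox(rdata[1])}"
        elif rtype == "SRV":
            note = f"service on {rdata[3]} port {rdata[2]}"
        elif rtype == "PTR":
            note = f"address maps to host name {rdata[0]}"
        elif rtype == "RP":
            note = f"responsible person {mailbox(rdata[0])}"
        else:
            continue  # record type not in the list above
        out.append((owner, rtype, note))
    return out

if __name__ == "__main__":
    for owner, rtype, note in disclosures(ZONE):
        print(f"{rtype:<6}{owner:<26}{note}")
```

Run against an export of your own zone, the output shows which host names, contacts and services are visible from outside, so that role mailboxes and neutral host names can be used where the real ones give away too much.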
Network footprinting
· Tracert tools (VisualRoute, Path Analyzer Pro, Magic NetTrace, PingPlotter)
· Shodan search engine (operating system information)
Other ways to gain information
Eavesdropping
· Eavesdropping is the act of secretly listening to people's conversations over a phone or video conference without their consent. It also includes reading secret messages from communication media such as instant messaging or fax transmissions. Thus, it is basically the act of intercepting communication without the consent of the communicating parties.
· The attacker gains confidential information by tapping the phone.
Shoulder surfing
With this technique, an attacker stands behind the victim and secretly observes the victim’s activities on the computer, such as keystrokes while entering usernames, passwords, etc. This technique is commonly used to gain passwords, PINs, security codes, account numbers, credit card information and similar data. It can be performed in a crowded place, as it is relatively easy to stand behind the victim without his or her knowledge.
Dumpster diving
This technique is also known as trashing, where the attacker looks for information in the target company’s dumpster. The attacker may gain vital information such as phone bills, contact information, financial information, operations-related information, printouts of source code, sensitive information, etc. from the target company’s trash bins, printer trash bins, etc. The information obtained can help the attacker to commit attacks.