1 / 19

FootPrinting

FootPrinting. CS391. Overview. What is footprinting? Main steps of footprinting. What is Footprinting?. Create a complete profile of an organization’s security posture using a set of tools and techniques.

dlincoln
Download Presentation

FootPrinting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FootPrinting CS391

  2. Overview • What is footprinting? • Main steps of footprinting.

  3. What is Footprinting? • Create a complete profile of an organization’s security posture using a set of tools and techniques. • The profile usually includes detailed information about IP addresses and blocks, range of domain names, remote access, intranet structure, systems connected to the Internet …etc.

  4. Main Steps • Usually, the process involves six steps: • Determine scope of activities. • Get proper authorization. • Collect publicly available information • WHOIS and DNS enumeration • DNS Interrogation • Network Reconnaissance

  5. Determine Scope of Activities • Organization networks are usually very large. One focuses only on sub-targets.

  6. Get Proper Authorization • Try to gain access to the system using a proper account.

  7. Publicly Available Information • Company websites and pages. • Physical location. • Related organizations. • Privacy, security policies adopted. • Disgruntled employees.

  8. Where can I find the required information?

  9. ICANN Structure

  10. Google Information

  11. Nesma Information

  12. WHOIS and DNS Enumeration • Internet domain names. • IP address numbers. • Protocol parameters and port numbers.

  13. DNS Interrogation: • Many people use nslookup for this purpose:

  14. nslookup

  15. Types of Queries • Type AA simple query for the IP address corresponding to DNS • Type CNAMEA given host can have several DNS names. One of these is the canonical or reference name. • Type MXA mail exchanger query, to discover the real name of the corresponding mail server • Type HINFOAn HINFO query. This is only useful if the DNS domain administrator has bothered to create the relevant records and keep them up to date.

  16. Network Reconnaissance • Traceroute is the tool.

  17. Superscan:

  18. Supersacn

  19. Enumerate

More Related