Network Reconnaissance

What is it?
Military reconnaissance: a mission conducted to confirm or deny prior intelligence (if any) about an enemy threat and/or the terrain of a given area.
Network reconnaissance: the process of acquiring information about a network.

Why?
To learn what range of IP addresses is available for scanning and further enumeration.
Common tools: whois, Google advanced operators, and nslookup.

Interactive nslookup session (the ">" is nslookup's prompt; A.B.C.D and somedomain.com are placeholders):
> server A.B.C.D
> ls somedomain.com
> set type=MX
"server" points nslookup at the DNS server A.B.C.D, "ls" asks that server to list the zone's records (this only works if the server permits zone transfers), and "set type=MX" makes subsequent queries return mail-exchanger records.
Traceroute:
1. Launch a probe packet towards DST with a TTL of 1.
2. Every router hop decrements the IP TTL of the packet by 1.
3. When the TTL hits 0, the packet is dropped and the router sends an ICMP TTL Exceeded message to SRC with the original probe packet as payload.
4. SRC receives this ICMP message and displays a traceroute "hop".
5. Repeat from step 1 with the TTL incremented by 1 each time, until...
6. The DST host receives the probe and returns ICMP Destination Unreachable.
$ traceroute www.hellers.com
$ traceroute www.mit.edu
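The six-step TTL loop above, carried through as an offline simulation. This is an added example, not code from the slides: the routers and the destination are constructed Python objects using RFC 5737 documentation addresses, no packets are sent, and the function and class names (Probe, IcmpReply, forward, traceroute) are this example's own. It is also the shape a defender sees on the wire: a burst of probes to one destination whose TTLs start at 1 and climb by one each time.

```python
"""Offline simulation of the traceroute algorithm (TTL decrement + ICMP replies).

Nothing here touches the network: the path and destination are constructed
sample data, so the loop from the slides can be stepped through and checked.
"""
from dataclasses import dataclass

# Constructed sample path: SRC -> three routers -> DST (RFC 5737 documentation ranges).
SAMPLE_SRC = "192.0.2.10"
SAMPLE_PATH = ["192.0.2.1", "198.51.100.1", "203.0.113.1"]
SAMPLE_DST = "203.0.113.50"


@dataclass
class Probe:
    src: str
    dst: str
    ttl: int


@dataclass
class IcmpReply:
    kind: str       # "TTL_EXCEEDED" (from a router) or "DEST_UNREACHABLE" (from DST)
    sender: str     # address of the router or host that generated the reply
    payload: Probe  # the original probe, quoted inside the ICMP message (step 3)


def forward(probe, routers, dst):
    """Carry one probe along the path, decrementing its TTL at every router."""
    for router in routers:
        probe.ttl -= 1                        # step 2: each hop decrements the IP TTL
        if probe.ttl == 0:                    # step 3: expired -> drop, reply to SRC
            return IcmpReply("TTL_EXCEEDED", router, probe)
    # step 6: the probe survived every router and reached DST, which answers
    # with Destination Unreachable (classic UDP traceroute: Port Unreachable).
    return IcmpReply("DEST_UNREACHABLE", dst, probe)


def traceroute(src, dst, routers, max_hops=30):
    """Step 1 and step 5: send probes with TTL 1, 2, 3 ... until DST answers.

    Returns the list of displayed hops as (ttl, replying address, reply kind).
    max_hops bounds the loop so an unreachable DST cannot run it forever.
    """
    hops = []
    for ttl in range(1, max_hops + 1):
        reply = forward(Probe(src, dst, ttl), routers, dst)
        hops.append((ttl, reply.sender, reply.kind))   # step 4: SRC displays a hop
        if reply.kind == "DEST_UNREACHABLE":
            break                                      # DST reached, path complete
    return hops


if __name__ == "__main__":
    for ttl, sender, kind in traceroute(SAMPLE_SRC, SAMPLE_DST, SAMPLE_PATH):
        print(f"{ttl:2d}  {sender:<15}  {kind}")
```

Running the block prints one line per hop: the three routers answer with TTL Exceeded for TTLs 1 to 3, and the destination answers with Destination Unreachable at TTL 4, which is exactly the hop list a real traceroute to that host would show.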
Network mapping: once enough information has been gathered, it can be used to build a network map. Network mapping provides the hacker with a blueprint of the organization. This information may be compiled manually or with automated tools.