Become a Ethical Hacker Step by Step Learning....

What is Footprinting?

  1. Footprinting is the technique of gathering information about computer systems and the entities they belong to. This is done by employing various computer security techniques, as:-- DNS queries. Network enumeration.

  2. Why Is Footprinting Necessary?

  3. Footprinting is necessary for one basic reason: it gives you a picture of what the hacker sees. And if you know what the hacker sees, you know what potential security exposures you have in your environment. And when you know what exposures you have, you know how to prevent exploitation.
  4. Hackers are very good at one thing: getting inside your head, and you don’t even know
    it. They are systematic and methodical in gathering all pieces of information related to
    the technologies used in your environment. Without a sound methodology for performing
    this type of reconnaissance yourself, you are likely to miss key pieces of information
    related to a specific technology or organization—but trust me, the hacker won’t.
  5. Be forewarned, however, footprinting is often the most arduous task of trying to
    determine the security posture of an entity; and it tends to be the most boring for freshly
    minted security professionals eager to cut their teeth on some test hacking. However,
    footprinting is one of the most important steps and it must be performed accurately and
    in a controlled fashion.

INTERNET FOOTPRINTING:

It is difficult to provide a step-by-step guide on footprinting because it is an activity
that may lead you down many-tentacled paths. However, this article delineates basic
steps that should allow you to complete a thorough footprinting analysis. Many of these
techniques can be applied to the other technologies mentioned earlier.

Step 1: Determine the Scope of Your Activities:

The first item of business is to determine the scope of your footprinting activities. Are
you going to footprint the entire organization, or limit your activities to certain subsidiaries
or locations? What about business partner connections (extranets), or disaster-recovery
sites? Are there other relationships or considerations? In some cases, it may be a daunting
task to determine all the entities associated with an organization, let alone properly
secure them all. Unfortunately, hackers have no sympathy for our struggles. They exploit
our weaknesses in whatever forms they manifest themselves. You do not want hackers
to know more about your security posture than you do, so figure out every potential
crack in your armor.

Step 2: Get Proper Authorization:

One thing hackers can usually disregard that you must pay particular attention to is
what we techies affectionately refer to as layers 8 and 9 of the seven-layer OSI Model—Politics and Funding. These layers often find their way into our work one way or another,
but when it comes to authorization, they can be particularly tricky. Do you have
authorization to proceed with your activities? For that matter, what exactly are your
activities? Is the authorization from the right person(s)? Is it in writing? Are the target IP
addresses the right ones? Ask any penetration tester about the “get-out-of-jail-free card,”
and you’re sure to get a smile.While the very nature of footprinting is to tread lightly (if at all) in discovering publicly available target information, it is always a good idea to inform the powers that
be at your organization before taking on a footprinting exercise.

Step 3: Publicly Available Information:

After all these years on the web, we still regularly find ourselves experiencing moments
of awed reverence at the sheer vastness of the Internet—and to think it’s still quite young!
Setting awe aside, here we go…
Publicly Available Information
Popularity: 9
Simplicity: 9
Impact: 2
Risk Rating: 7
The amount of information that is readily available about you, your organization, its
employees, and anything else you can image is nothing short of amazing.
So what are the needles in the proverbial haystack that we’re looking for?

Company web pages
• Related organizations
• Location details
• Employees: phone numbers, contact names, e-mail addresses, and personal
details
• Current events: mergers, acquisitions, layoffs, rapid growth, and so on
• Privacy or security policies and technical details indicating the types of security
mechanisms in place
• Archived information
• Disgruntled employees
• Search engines, Usenet, and resumes
• Other information of interest

Company Web Pages

In addition, try reviewing the HTML source code for comments. Many items not
listed for public consumption are buried in HTML comment tags, such as <, !, and --.
Viewing the source code offline may be faster than viewing it online, so it is often
beneficial to mirror the entire site for offline viewing, provided the website is in a format
that is easily downloadable—that is, HTML and not Adobe Flash, usually in a Shockwave
Flash (SWF) format. Having a copy of the targeted site locally may allow you to
programmatically search for comments or other items of interest, thus making your
footprinting activities more efficient. A couple of tried and true website mirroring tools are

• Wget (http://www.gnu.org/software/wget/wget.html) for UNIX
• Teleport Pro (http://www.tenmax.com) for Windows

Be sure to investigate other sites beyond the main “http://www” and “https://
www” sites as well. Hostnames such as www1, www2, web, web1, test, test1, etc., are all
great places to start in your footprinting adventure. But there are others, many others.
Many organizations have sites to handle remote access to internal resources via a
web browser. Microsoft’s Outlook Web Access is a very common example. It acts as a
proxy to the internal Microsoft Exchange servers from the Internet. Typical URLs for this
resource are https://owa.example.com or https://outlook.example.com. Similarly,
organizations that make use of mainframes, System/36s or AS/400s may offer remote
access via a web browser via services like WebConnect by OpenConnect (http://www
.openconnect.com), which serves up a Java-based 3270 and 5250 emulator and allows for
“green screen” access to mainframes and midrange systems such as AS/400s via the
client’s browser.Virtual Private Networks (VPN) are very common in most organizations as well, so
looking for sites like http://vpn.example.com, https://vpn.example.com, or http://www
. example.com/vpn will often reveal websites designed to help end users connect to their
companies’ VPNs. You may find VPN vendor and version details as well as detailed
instructions on how to download and configure the VPN client software. These sites may
even include a phone number to call for assistance if the hacker—er, I mean, employee—
has any trouble getting connected.

Comments

Post a Comment

Popular posts from this blog

Ethical Hacking Tutorials in Hindi Part-1

हैकिंग क्या है ? एक परिचय। ....  दोस्तों हैकिंग के लिए कई परिभाषाये अगर आप किसी समूह में हैकिंग की परिभाषा पूछते है तो आपको सबसे अलग अलग उत्तर मिलेंगे और इसका कारन यह है की हर बार हर कोई इसका जवाब अपनी राय में देता है और मेरी राय यह जायज है क्योकि हैकर की परिभाषा सबकी अपनी सोच की हिसाब से सही है ।  1990 के दसक में हैकर शब्द का उपयोग एक महान प्रोग्रामर का वर्णन करने  के लिए किया गया था जो की एक complex Logic का निर्माण कर सकता था ।लेकिन आज के समय में हैकिंग शब्द का नकारात्मक मतलब समझते है लोग ऐसा समझते है की हैकर  वो होता है जो किसी भी कंप्यूटर को हैक करने के नए नए तरीके ढूंढता है । लेकिन ऐसा नही है कुछ हैकर ऐसे होते है जो किसी कंपनी या फिर सिक्योरिटी के लिए होते और उनके सिस्टम को हैकिंग से बचाने के उनकी मदद करते है । देखा जाये तो आजकल इनको कई केटेगरी में बाँट दिया गया है जो की आप जानते होगे और नाम भी सुना होगा नीचे  मै आपको बताने जा रहा हूँ ।  1. White Hat Hacker :-  दोस्तों इस तरह के हैकर को एक नाम से और जानते है जिन्हे हम Ethical Hacker भी कहते है । इस तरह के हमारी securi
Read more

Indian Cyber Law in Hindi IT Act 2000

अपराध ऐतिहासिक है । यह अतीत से चलता आ रहा है जो की चोरी, धोखाधड़ी, जालसाजी और अवैध गतिविधियों में शामिल है ।  कंप्यूटर से होने वाले अपराध ने एक नए अपराध साइबर अपराध को जन्म दिया । जिसके कारण एक अधिनियम पास किया गया जिसे आईटी अधिनियम २०००  रूप  में जाना जाता है ,  जो की इंटरनेट पर साइबर अपराध को कम करने के  नज़र रखता है । इंटरनेट पर अपराध को कम करने के लिए भारत ने साइबर लॉ पारित किया । लोग अक्सर जाने अनजाने में इंटरनेट पर कुछ गलतिया कर देते है और उन्हें ये नही पता होता की इस गलती की सजा भी हो सकती है , इसलिए अगर आप साइबर नियम के अनुसार चलेंगे तो आप इंटरनेट पर सुरक्षित रह सकते है । आजकल सोशल मीडिया पर हम कुछ भी शेयर कर देते है, लेकिन सबसे जादा अपराध सोशल मीडिया से ही हो रहा है, इसलिए साइबर नियम पालन करते हुए अगर आप सोशल मीडिया उपयोग करते है तो आप उस पर भी सुरक्षित रह सकते है ।  साइबर नियम के प्रति जारुक रहिये और दुसरो को भी जागरूक करिये ।  साइबर नियम कहा कहाँ लागू होता है -  १. बेसिक इंटरनेट सुरक्षा ।  २. भारतीय साइबर कानून पर बुनियादी जानकारी ।  ३. टेक्नोलॉजी की सहायता से अपराध
Read more

Hacking Terminologies

Image
ESSENTIAL TERMINOLOGIES: First important thing is to understand the following terms to know about Security issues and Ethical Hacking. HACK VALUE:  Hack value is the notion among hackers that something is worth doing or is interesting. A solution or feat implies hack value if it is done in a way that has cleverness or brilliance.  Activities with hack value do not depend on being useful or important . They depend on being challenging. They depend on requiring some skill. For Example – Picking a very difficult lock has hack value – it is difficult/challenging to do, and doing it shows off the skill of the doer. Breaking the same lock with something really heavy has zero hack value. EXPLOIT:  An exploit is an attack on a computer system, especially one that takes advantage of a particular vulnerability that the system offers to intruders. Many crackers take pride in keeping tabs of such exploits and post their exploits and discovered vulnerabilities on a Web site t
Read more