Your SlideShare is downloading. ×
0
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Module 2   Foot Printing
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Module 2 Foot Printing

5,168

Published on

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
5,168
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
238
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. MODULE 2 FOOT PRINTING
  • 2. Objective <ul><li>Overview of the Reconnaissance Phase </li></ul><ul><li>Introducing Footprinting </li></ul><ul><li>Understanding the information gathering methodology of hackers </li></ul><ul><li>Comprehending the Implications </li></ul><ul><li>Learning some of the tools used for reconnaissance phase </li></ul><ul><li>FootPrinting steps </li></ul>
  • 3. Defining Footprinting <ul><li>Footprinting is the blueprinting of the security profile of an organization, undertaken in a methodological manner. </li></ul><ul><li>Footprinting is one of the three pre-attack phases. The others are scanning and enumeration. </li></ul><ul><li>Footprinting results in a unique organization profile with respect to networks (Internet / Intranet / Extranet / Wireless) and systems involved. </li></ul><ul><li>An attacker will spend 90% of the time in profiling an organization and another 10% in launching the attack </li></ul>
  • 4. Information Gathering Methodology <ul><li>Unearth initial information </li></ul><ul><li>Locate the network range </li></ul><ul><li>Ascertain active machines </li></ul><ul><li>Discover open ports / access points </li></ul><ul><li>Detect operating systems </li></ul><ul><li>Uncover services on ports </li></ul><ul><li>Map the Network </li></ul>
  • 5. Unearthing Initial Information <ul><li>Commonly includes : </li></ul><ul><li>Domain name lookup </li></ul><ul><li>Locations </li></ul><ul><li>Contacts (Telephone / mail) </li></ul><ul><li>Information Sources : </li></ul><ul><li>Open source </li></ul><ul><li>Whois </li></ul><ul><li>Nslookup </li></ul><ul><li>Hacking Tool : </li></ul><ul><li>Sam Spade </li></ul>
  • 6. Finding a Company’s URL &amp; Info. <ul><li>Search for a company’s URL using a search engine such as www.google.com </li></ul><ul><li>Type the company’s name in the search engine to get the company URL </li></ul><ul><li>Google provides rich information to perform passive reconnaissance </li></ul><ul><li>Check newsgroups, forums, and blogs for sensitive information regarding the network </li></ul>
  • 7. People Search
  • 8. People Search Website
  • 9. Satellite Picture of a Residence
  • 10. Public and Private Websites
  • 11. DNS Enumerator
  • 12. SpiderFoot <ul><li>SpiderFoot is a free, open-source, domain footprinting tool which will scrape the websites on that domain, as well as search Google,Netcraft, Whois, and DNS to build up information like: </li></ul><ul><ul><li>Subdomains </li></ul></ul><ul><ul><li>Affiliates </li></ul></ul><ul><ul><li>Web server versions </li></ul></ul><ul><ul><li>Users (i.e. /~user) </li></ul></ul><ul><ul><li>Similar domains </li></ul></ul><ul><ul><li>Email addresses </li></ul></ul><ul><ul><li>Netblocks </li></ul></ul>
  • 13. SpiderFoot
  • 14. Web Data Extractor Tool
  • 15. Additional Footprinting Tools <ul><li>Whois </li></ul><ul><li>Nslookup </li></ul><ul><li>ARIN </li></ul><ul><li>Neo Trace </li></ul><ul><li>VisualRoute Trace </li></ul><ul><li>SmartWhois </li></ul><ul><li>eMailTrackerPro </li></ul><ul><li>Website watcher </li></ul><ul><li>Google Earth </li></ul><ul><li>GEO Spider </li></ul><ul><li>HTTrack Web Copier </li></ul><ul><li>E-mail Spider </li></ul>
  • 16. Whois Lookup <ul><li>With whois lookup, you can get personal and contact information </li></ul><ul><ul><li>For example, www.samspade.com </li></ul></ul>
  • 17. Whois Registrant: targetcompany (targetcompany-DOM) # Street Address City, Province State, Pin, Country Domain Name : targetcompany.COM Domain servers in listed order: NS1.WEBHOST.COM XXX.XXX.XXX.XXX NS2.WEBHOST.COM XXX.XXX.XXX.XXX Administrative Contact: Surname, Name (SNIDNo-ORG) t [email_address] targetcompany (targetcompany-DOM) # Street Address City, Province, State, Pin, Country Telephone: XXXXX Fax XXXXX Technical Contact : Surname, Name (SNIDNo-ORG) t [email_address] targetcompany (targetcompany-DOM) # Street Address City, Province, State, Pin, Country Telephone: XXXXX Fax XXXXX
  • 18. Online Whois Tools
  • 19. Nslookup <ul><li>Nslookup is a program to query Internet domain name servers. Displays information that can be used to diagnose Domain Name System (DNS) infrastructure. </li></ul><ul><li>Helps find additional IP addresses if authoritative DNS is known from whois. </li></ul><ul><li>MX record reveals the IP of the mail server. </li></ul><ul><li>Both Unix and Windows come with a Nslookup client. </li></ul><ul><li>Third party clients are also available – E.g. Sam Spade </li></ul>
  • 20. NSLookup options <ul><li>Switch Function </li></ul><ul><li>nslookup Launches the nslookup program. </li></ul><ul><li>host name Returns the IP address for the specified host name. </li></ul><ul><li>NAME Displays information about the host/domain NAME using default server </li></ul><ul><li>NAME1 NAME2 As above, but uses NAME2 as server </li></ul><ul><li>help or? Displays information about common commands </li></ul><ul><li>set OPTION Sets an option </li></ul><ul><li>domain= NAME Sets default domain name to NAME. </li></ul><ul><li>root = NAME Sets root server to NAME. </li></ul><ul><li>retry= X Sets number of retries to X. </li></ul><ul><li>timeout= X Sets initial timeout interval to X seconds. </li></ul><ul><li>type= X </li></ul>
  • 21. Types of DNS Records
  • 22. Locate the Network Range <ul><li>Commonly includes: </li></ul><ul><li>Finding the range of IP addresses </li></ul><ul><li>Discerning the subnet mask </li></ul><ul><li>Information Sources: </li></ul><ul><li>ARIN (American Registry of Internet Numbers) </li></ul><ul><li>Traceroute </li></ul><ul><li>Hacking Tool : </li></ul><ul><li>NeoTrace </li></ul><ul><li>Visual Route </li></ul>
  • 23. Traceroute <ul><li>Traceroute works by exploiting a feature of the Internet Protocol called TTL, or Time To Live. </li></ul><ul><li>Traceroute reveals the path IP packets travel between two systems by sending out consecutive UDP packets with ever-increasing TTLs . </li></ul><ul><li>As each router processes a IP packet, it decrements the TTL. When the TTL reaches zero, it sends back a &amp;quot;TTL exceeded&amp;quot; message (using ICMP ) to the originator. </li></ul><ul><li>Routers with DNS entries reveal the name of routers, network affiliation and geographic location . </li></ul>
  • 24. Trace Route Analysis
  • 25. Trace Route Analysis
  • 26. Tool: NeoTrace (Now McAfee Visual Trace) NeoTrace shows the traceroute output visually – map view, node view and IP view
  • 27. Tool: VisualRoute Trace
  • 28. Tool: Path Analyzer Pro - http://vostrom.com
  • 29. Path Analyzer Pro Screenshot
  • 30. Path Analyzer Pro Screenshot
  • 31. Path Analyzer Pro Screenshot
  • 32. GoogleEarth
  • 33. GoogleEarth Showing Pentagon
  • 34. Tool: SmartWhois SmartWhois is a useful network information utility that allows you to find out all available information about an IP address, host name, or domain, including country, state or province, city, name of the network provider, administrator and technical support contact information Unlike standard Whois utilities, SmartWhois can find the information about a computer located in any part of the world, intelligently querying the right database and delivering all the related records within a few seconds.
  • 35. Tool: eMailTrackerPro eMailTrackerPro is the e-mail analysis tool that enables analysis of an e-mail and its headers automatically and provides graphical results
  • 36. How to Setup a Fake Website?
  • 37. How to Setup a Fake Website?
  • 38. Website Stealing Tool: Reamweaver <ul><li>Reamweaver has everything you need to instantly “steal&amp;quot; anyone&apos;s website, copying the real-time &amp;quot;look and feel&amp;quot; but letting you change any words, images, etc. that you choose </li></ul><ul><li>When a visitor visits a page on your stolen (mirrored) website, Reamweaver gets the page from the target domain, changes the words as you specify, and stores the result (along with images, etc.) in the fake website </li></ul><ul><li>With this tool your fake website will always look current, Reamweaver automatically updates the fake mirror when the content changes in the original website </li></ul><ul><li>Download: http://www.eccouncil.org/ cehtools/reamweaver.zip </li></ul>

×