Footprinting mzl


Footprinting is the blueprint of the security profile of an organization, undertaken in a methodological manner.

Published in: Technology

  1. IT Security & Ethical Hacking: “FOOTPRINTING” by Er. Mujmmil Shaikh
  2. Appin Tech 2011
      Table of Contents
      1. Introduction.
      2. Why Is Footprinting Necessary?
      3. Areas & Information which attackers seek.
      4. Information Gathering Methodology.
      5. Competitive Intelligence Gathering.
      6. Footprinting Tools.
      7. Whois Tools.
      8. DNS Information Extraction Tools.
      9. Locating Network Range.
      10. E-mail Spiders.
      11. Locating Network Activity.
      12. Search Engines.
      13. How to Fake Websites?
      14. Summary.
      ER. MUJMMIL SHAIKH
  3. Introduction
      Footprinting is the blueprint of the security profile of an organization, undertaken in a methodological manner. Footprinting is one of the three pre-attack phases; an attacker spends 90% of the time in profiling an organization and another 10% in launching the attack. Footprinting results in a unique organization profile with respect to networks (Internet/intranet/extranet/wireless) and the systems involved.
      Why Is Footprinting Necessary?
      Footprinting is necessary to systematically and methodically ensure that all pieces of information related to the aforementioned technologies are identified. Footprinting is often the most difficult task in determining the security posture of an entity.
  4. Areas and information which attackers seek
      INFORMATION GATHERING
      1. Information Gathering Methodology
      • Unearth initial information.
      • Locate the network range.
      • Ascertain active machines.
      • Discover open ports/access points.
      • Detect operating systems.
      • Uncover services on ports.
      • Map the network.
  5. 2. Passive Information Gathering
      To understand the current security status of a particular information system, organizations perform either penetration testing or other hacking techniques. Passive information gathering is done by finding the freely available details over the internet, and by various other techniques, without coming into contact with the organization's servers. Organizational and other informative websites are exceptions, as the information gathering activities carried out there by an attacker do not raise suspicion.
      COMPETITIVE INTELLIGENCE GATHERING
      Business moves fast. Product cycles are measured in months, not years. Partners become rivals quicker than you can say ‘breach of contract.’ So how can you possibly hope to keep up with your competitors if you can’t keep an eye on them? Competitive intelligence gathering is the process of gathering information about your competitors from resources such as the internet. Competitive intelligence is non-interfering and subtle in nature. It is both a product and a process.
  6. Why do you need competitive intelligence?
  7. Competitive intelligence tools:
      1. Trellian
      Trellian compiles and analyzes internet usage statistics to create a powerful competitive intelligence tool that no business should be without.
  8. 2. Web Investigator (screenshot)
  9. 3. Relevant Noise (screenshot)
  10. 4. Reputica Dashboard (screenshot)
  11. 5. My Reputation
      My Reputation finds out everything that is being said about you online and gets rid of the content you do not like.
      Public & private websites
  12. FOOTPRINTING TOOLS
      1. Big Brother (screenshot)
      Big Brother is designed to show how the network is performing in near real-time from any web browser. It displays status information as web pages, or as WML pages for WAP-enabled devices. Big Brother uses a client-server architecture combined with methods which push and pull data. Network testing is done by polling all monitored services from a single machine and reporting the results to a central location (BBDISPLAY). Big Brother includes support for testing FTP, HTTP, HTTPS, SMTP, POP3, DNS, Telnet, IMAP, NNTP and SSH servers.
  13. 2. Bile Suite
      3. Alchemy Network Tool
  14. 4. Advanced Administrative Tool (AA)
      5. My IP Suite
  15. WHOIS TOOLS
      1. Active Whois (screenshot)
  16. 2. LAN Whois (screenshot)
  17. 3. Country Whois (screenshot)
  18. 4. Whereisip (screenshot)
  19. 5. IP2country (screenshot)
  20. 6. Caller IP (screenshot)
  21. 7. Web Data Extractor Tool
      8. Online Whois Tools
  22. DNS INFORMATION EXTRACTION TOOLS
      1. SpiderFoot (screenshot)
      SpiderFoot is a free, open-source domain footprinting tool which will scrape the websites on a given domain, as well as search Google, Netcraft, Whois, and DNS, to build up information like:
      • Subdomains.
      • Affiliates.
      • Web server versions.
      • Users.
      • Similar domains.
      • Email addresses.
      • Netblocks.
  23. 2. Nslookup (screenshot)
  24. 3. Expired Domains (screenshot)
  25. 4. Domain King (screenshot)
  26. 5. Domain Name Analyzer (screenshot)
  27. 6. Domain Inspect (screenshot)
  28. LOCATING NETWORK RANGE
      1. Commonly includes:
      • Finding the range of IP addresses.
      • Discerning the subnet mask.
      2. Information sources:
      • ARIN (American Registry for Internet Numbers).
      • Trace route.
      3. Hacking tools:
      • NeoTrace.
      • VisualRoute.
      ARIN
      ARIN allows searches on the whois database to locate information on a network’s autonomous system numbers (ASNs), network-related handles, and other related points of contact (POC). ARIN whois allows querying the IP address to find information on the strategy used for subnet addressing.
  29. Trace route (screenshot)
      Trace route works by exploiting a feature of the Internet Protocol called TTL, or Time to Live. Trace route reveals the path IP packets travel between two systems by sending out consecutive sets of UDP or ICMP packets with ever-increasing TTLs. As each router processes an IP packet, it decrements the TTL. When the TTL reaches zero, that router sends back a “TTL exceeded” message (using ICMP) to the originator. Routers with reverse DNS entries may reveal the name of routers, network affiliation, and geographic location.
  30. Trace Route Analysis
      It is a program that can be used to determine the path from source to destination. By using this information, an attacker determines the layout of a network and the location of each device. For example, after running several trace routes, an attacker might obtain the following information:
      • Trace route, second to last hop is
      • Trace route, third to last hop is
      • Trace route, second to last hop is
      • Trace route, third to last hop is
      • Trace route, second to last hop is
  31. E-MAIL SPIDERS
      Have you ever wondered how spammers generate a huge mailing database? They pick up tons of e-mail addresses by searching the internet. All they need is a web spidering tool that picks up e-mail addresses and stores them in a database. If these tools run the entire night, they can capture hundreds of thousands of e-mail addresses.
      Power E-mail Collector Tool
      • It is a powerful email address harvesting program.
      • It can collect up to 750,000 unique valid email addresses per hour with a cable/DSL connection.
      • It only collects valid email addresses.
      • You do not have to worry about ending up with undeliverable addresses.
  32. LOCATING NETWORK ACTIVITY
      1. GEO Spider Tool
      GEO Spider helps you to detect, identify, and monitor your network activity on the world map. You can see a website’s IP address location on the earth. GEO Spider can trace a domain name.
  33. 2. GeoWhere Tool
      GeoWhere handles many popular newsgroups to find answers to your queries in an easy and fast manner. It can also seek information from country-specific search engines for better results. Use GeoWhere to footprint an organization’s:
      • Newsgroups search
      • Mailing list finder
      • Easy web search
      • Daily news
  34. SEARCH ENGINES
      A web search engine is designed to search for information on the World Wide Web and FTP servers. The search results are generally presented in a list of results and are often called hits. The information may consist of web pages, images, information and other types of files. Some search engines also mine data available in databases or open directories. Unlike Web directories, which are maintained by human editors, search engines operate algorithmically or are a mixture of algorithmic and human input. A new type of search engine has recently been launched where an individual can own keywords and profit from that relationship.
      1. Kartoo Search Engine.
      2. Dogpile Search Engine.
      Search Engine List
      1. 20SEARCH
      2. ALL THE WEB
      3. ALTA VISTA
      4. AOL SEARCH
      5. ASK JEEVES
      6. DOGPILE
      7. EBAY
      8. EXCITE
      9. GIGABLAST
      10. GOOGLE
      11. IWON
      12. JOEANT
      13. LYCOS
      14. MAMMA
      15. MSN
      16. NETSCAPE
      17. OPEN DIRECTORY
      18. WEBCRAWLER
      19. WIKIPEDIA
      20. YAHOO
  35. How to fake websites?
      Website spoofing
      Website spoofing is the act of creating a website, as a hoax, with the intention of misleading readers that the website has been created by a different person or organization. Another meaning for spoof is fake websites. Normally, the website will adopt the design of the target website and sometimes has a similar URL. Another technique is to use a cloaked URL. By using domain forwarding, or inserting control characters, the URL can appear to be genuine while concealing the address of the actual website. The objective may be fraudulent, often associated with phishing or e-mail spoofing, or to criticize or make fun of the person or body whose website the spoofed site purports to represent.
      Steps to create fake login pages:
      1. Open any form building website ( & sign up.
      2. Log in with the newly registered account.
      3. Click > create first form.
      4. Delete all pre-defined entries and just leave ‘first name’.
      5. Click > first name & click > power tool option.
      6. Double click > password box.
      7. Click the newly formed password entry to rename it as ‘password’.
      8. Click > properties option.
      9. Give any title to the form.
      10. Put any link.
      11. Open source code option.
      12. Save the code in “.html” format.
      13. Using a free hosting website, upload the file.
  36. Summary:
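
The TTL mechanism described on the "Trace route" slide, as an added example that is not part of the original deck: a simulation over a constructed in-memory path, showing what each probe reveals and which hops expose a reverse DNS name. The router addresses, names and the `Router`, `probe`, `traceroute` and `exposed_names` helpers are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Router:
    addr: str                          # constructed documentation address
    rdns: Optional[str] = None         # reverse DNS name, if one is published
    sends_time_exceeded: bool = True   # False models a router that stays silent

# Constructed path from the probing host to the destination (not real hosts).
PATH = [
    Router("192.0.2.1", "gw.isp.example"),
    Router("198.51.100.9", "core1.nyc.isp.example"),
    Router("203.0.113.1", None, sends_time_exceeded=False),
    Router("203.0.113.254", "fw-edge.corp.example"),
]
DEST = "203.0.113.80"

def probe(path, dest, ttl):
    """Forward one probe; return (responder, kind), responder is None on timeout."""
    for router in path:
        ttl -= 1                       # each router decrements the TTL
        if ttl == 0:                   # expired here, so the packet is dropped
            if router.sends_time_exceeded:
                return router, "time-exceeded"
            return None, "timeout"
    return Router(dest), "reached"     # the TTL outlived every hop

def traceroute(path, dest, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... and record who answered each one."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        responder, kind = probe(path, dest, ttl)
        hops.append((ttl, responder.addr, responder.rdns) if responder else (ttl, "*", None))
        if kind == "reached":
            break
    return hops

def exposed_names(hops):
    """Hops whose reverse DNS name leaks role or location, for a defender's review."""
    return [(ttl, name) for ttl, _, name in hops if name]

if __name__ == "__main__":
    for ttl, addr, name in traceroute(PATH, DEST):
        print(ttl, addr, name or "")
    print("names visible to any prober:", exposed_names(traceroute(PATH, DEST)))
```

The silent router at hop 3 shows up only as `*`, yet the hops behind it still answer, so suppressing replies on one device does not hide the rest of the path; the reverse DNS names are what disclose role and location.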
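
A defender-side check for the spoofing traits named on the "Website spoofing" slide (a similar URL, and control characters used to cloak the address), added here as an example that is not part of the original deck. The protected domain, the sample links and the `check_link` helper are constructed assumptions; domain forwarding cannot be seen statically and is out of scope for this block.

```python
from urllib.parse import urlsplit, unquote

PROTECTED = {"bank.example"}   # constructed: domains the organization really owns

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss host names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(url):
    """Lower-cased host of a URL, or '' when it cannot be parsed."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:
        return ""

def check_link(display_text, href):
    """Return the list of spoofing indicators found for one link."""
    findings = []
    # Raw or percent-encoded control characters have no place in a legitimate link.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in unquote(href)):
        findings.append("control-character")
    target = host_of(href)
    # If the visible text is itself a URL, its host must match the real target.
    shown = host_of(display_text) if "://" in display_text else ""
    if shown and target and shown != target:
        findings.append("text-target-mismatch")
    # A host within two edits of a protected domain, but not under it, is a lookalike.
    for good in sorted(PROTECTED):
        under = target == good or target.endswith("." + good)
        if target and not under and 0 < edit_distance(target, good) <= 2:
            findings.append("lookalike-of:" + good)
    return findings

if __name__ == "__main__":
    samples = [  # constructed sample links
        ("https://bank.example/login", "https://bank.example/login"),
        ("https://bank.example/login", "https://bamk.example/login"),
        ("Sign in", "https://portal.test/a%00b"),
    ]
    for text, href in samples:
        print(repr(href), check_link(text, href))
```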