Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.

Slides:

Advertisements

Similar presentations

Let's say we want to access domain - reliablescribe.com First we need to buy a computer We need to subscribe to an Internet Service Provider (ISP) The.

Advertisements

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

This module will familiarize you with the following:  Overview of the Reconnaissance Phase  Footprinting: An Introduction  Information Gathering Methodology.

Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.

Chapter 14: Troubleshooting and Problem Resolution.

Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.

Chapter 5 Phase 1: Reconnaissance. Reconnaissance  Finding as much information about the target as possible before launching the first attack packet.

Computer Security and Penetration Testing

Domains and Hosting Randolph Technical Career Center Bobby Erwin.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

By: Marcus Owens. Essential Components Your computer depends on two things: hardware and software. Hardware are physical components that make up your.

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

مقدمه ای بر طراحی صفحات وب. 2 Web Components  Clients and Servers  Internet Service Providers  Web Site Hosting Services  Domains Names, URL ’ s and.

Basic Network Training. Cable/DSL Modem The modem is the first link in the chain It is usually provided by the ISP and often has a coax cable connector.

EC-Council’s Certified Ethical Hacker (CEH) Richard Henson May 2012.

Data Gathering A hacker can’t do anything to you if they don’t know anything about you. The hacker requires: –A target –Your ip address –Your OS type –What.

A brief walkthrough the world of the internet.  TCP/IP stands for Transmission Control Protocol/Internet Protocol  TCP/IP is the standard for transmitting.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

Chapter 10 Networking and the Internet ITSC 1458.

Attack Lifecycle Many attacks against information systems follow a standard lifecycle: –Stage 1: Info. gathering (reconnaissance) –Stage 2: Penetration.

CIS 450 – Network Security Chapter 3 – Information Gathering.

Attack Methods Chapter 4 Corporate IT Security Copyright 2002 Prentice-Hall.

Here you are at your computer, but you don’t have internet connections. Your ISP becomes your link to the internet. In order to get access you need to.

Web-site Design Strategy.  For P4, learners are required to design a website for LocalBiz - Manningham, this is for a specified purpose and a defined.

Component 4: Introduction to Information and Computer Science Unit 7: Networks & Networking (Part 2 of 5)

DIYTP Assessing a System - Basics  Why?  Vulnerabilities  What to look at:  The six ‘P’s  Patch  Ports  Protect  Policies  Probe  Physical.

Internet Vocabulary CTE Intro. URL  The “address” of a website. Entering this address in the Address Bar will take you directly to a particular website.

Internet Vocabulary CTE Intro. URL  The “address” of a website. Entering this address in the Address Bar will take you directly to a particular website.

The Internet The internet is simply a worldwide computer network that uses standardised communication protocols to transmit and exchange data.

# Ethical Hacking. 2 # Ethical Hacking - ? Why – Ethical Hacking ? Ethical Hacking - Process Ethical Hacking – Commandments Reporting.

Network Assessment How intrusion techniques contribute to system/network security Network and system monitoring System mapping Ports, OS, applications.

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.

Assessing a Target System Source: Chapter 3 Computer Security Fundamentals Chuck Easttom Prentice Hall, 2006.

Module 3 – Information Gathering  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification.

How the Web Works Building a Website – Lesson 1. How People Access the Web Browsers People access websites using software called a web browser. To view.

ROAD TO EXPLOITATION Dr. Andy Wu BCIS 4630 Fundamentals of IT Security.

IT ELECTRONIC COMMERCE THEORY NOTES

Jeopardy ProtocolsPartsPrograms General Internet HTML Q $100 Q $200 Q $300 Q $400 Q $500 Q $100 Q $200 Q $300 Q $400 Q $500 Final Jeopardy.

Fundamentals of Information Systems, Second Edition 1 Telecommunications, the Internet, Intranets, and Extranets.

Footprinting and Scanning

CS3695 – Network Vulnerability Assessment & Risk Mitigation – Supplemental Slides to Module #2 Footprinting and Reconnaissance Intelligence Gathering CEH.

Network Reconnaissance CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.

Chapter 2 Rheachel, Jessica, Megan, and Cassidy Communications, Networks, the Internet, and the World Wide Web.

JMU GenCyber Boot Camp Summer, Introduction to Reconnaissance Information gathering – Social engineering – Physical break-in – Dumpster diving Scanning.

Google Hacking University of Sunderland CSEM02 Harry R Erwin, PhD Peter Dunne, PhD.

Footprinting. Traditional Hacking The traditional way to hack into a system the steps include: Footprint: Get a big picture of what the network is Scan.

Copyright © Cengage Learning. All rights reserved.16 | 1 Using Computers and the Internet to Obtain Information Information society –A society in which.

Footprinting/Scanning/ Enumeration Lesson 9. Footprinting External attack: Enables attackers to create a profile of an organization’s security posture.

Uniform Resource Locator URL protocol URL host Path to file Every single website on the Internet has its own unique.

Kali Linux BY BLAZE STERLING. Roadmap  What is Kali Linux  Installing Kali Linux  Included Tools  In depth included tools  Conclusion.

Penetration Testing By Blaze Sterling. Roadmap What is Penetration Testing How is it done? Penetration Testing Tools Kali Linux In depth included tools.

COMP1321 Digital Infrastructures Richard Henson University of Worcester April 2016.

 Terms:  “Security”: is a system’s ability to provide services while maintaining the five IA pillars  “Attack”: an action that violates one of the.

Modern information gathering Dave van Stein 9 april 2009.

Recrusoft A web product developed for Recruitment / Placement Agencies by Gridaxis softwares recrusoft.gridaxis.in Gridaxis Softwares.

WHAT IS FOOTPRINTING?. FOOTPRINTING  Active  Passive - Passive footprinting is a method in which the attacker never makes any contact with the target.

Tools We Are Going To Use

Footprinting and Scanning

The Advantages of a Trial Balance Software

Footprinting and Scanning

FootPrinting CS391.

Learning objectives By the end of this unit you should: Explain

Passive Research Section 2 11/29/2018.

الانترنت والبريد الإلكتروني

Footprinting. Сбор данных

Windows Server Administration Fundamentals

Read this to find out how the internet works!

WJEC GCSE Computer Science

COMPUTER NETWORKS AND THE INTERNET Chapter 6

Presentation transcript:

Reconnaissance Steps

EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms  Network Architecture  User(name) Information  Physical Location  Active Services

EC-Council Gathering information from Open Sources  Technical Contact  Business Partners  Administrative Contacts  Addresses  Technology being used  Phone No's  Route to target's  Internet Accessible data

EC-Council Gathering information from Open Sources  Public Server's Banner Information.  DNS Servers  WEB Servers  SMTP Servers  Zones & Sub-domains  Locate Firewalls/Perimeter devices.

EC-Council Target's Website  Mirror the web  Use Grep or Similar  Scan for keywords  Banner Information  Applications  Cgi's  Cookie style  Scripting language  Code-reading  Weblogs info

EC-Council DNS  AXFR  Version  Zones & Sub-domains  Nmap -sL  DNSDig  Nslookup  Dig commands  Host commands  Active services

EC-Council SMTP  Verfy; enumeration  Banner information  Bounced s  Header  mapping

EC-Council Search Engines (Google)  intitle: "index of /etc"  inurl: "config.php.bak"  site:"target.com"  filetype:".bak"  Cross-Links  Search for group postings  News Articles

EC-Council Traceroute  ISP information  Locate Firewalls  Network Infrastructure  Tcptraceroute  Firewalk

EC-Council Job Databases  Job requirements  Employee profile  Hardware information  Software information

EC-Council Personal Website  Employee job profile  Hardware information  Software information

EC-Council Ping  List of live systems  RTT, delays  N/W connectivity