Presentation is loading. Please wait.

Presentation is loading. Please wait.

FootPrinting CS391.

Published byBrianna Skinner Modified over 6 years ago

Similar presentations

Presentation on theme: "FootPrinting CS391."— Presentation transcript:

1 FootPrinting CS391

2 Overview What is footprinting? Main steps of footprinting.

3 What is Footprinting? Create a complete profile of an organization’s security posture using a set of tools and techniques. The profile usually includes detailed information about IP addresses and blocks, range of domain names, remote access, intranet structure, systems connected to the Internet …etc.

4 Main Steps Usually, the process involves six steps:
Determine scope of activities. Get proper authorization. Collect publicly available information WHOIS and DNS enumeration DNS Interrogation Network Reconnaissance

5 Determine Scope of Activities
Organization networks are usually very large. One focuses only on sub-targets.

6 Get Proper Authorization
Try to gain access to the system using a proper account.

7 Publicly Available Information
Company websites and pages. Physical location. Related organizations. Privacy, security policies adopted. Disgruntled employees.

8 Where can I find the required information?

9 ICANN Structure

10 Google Information

11 Nesma Information

12 WHOIS and DNS Enumeration
Internet domain names. IP address numbers. Protocol parameters and port numbers.

13 DNS Interrogation: Many people use nslookup for this purpose:

14 nslookup

15 Types of Queries Type A A simple query for the IP address corresponding to DNS Type CNAME A given host can have several DNS names. One of these is the canonical or reference name. Type MX A mail exchanger query, to discover the real name of the corresponding mail server Type HINFO An HINFO query. This is only useful if the DNS domain administrator has bothered to create the relevant records and keep them up to date.

16 Network Reconnaissance
Traceroute is the tool.

17 Superscan:

18 Supersacn

19 Enumerate

Download ppt "FootPrinting CS391."

Similar presentations

Module II Footprinting

Module II Footprinting
NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.
This module will familiarize you with the following:  Overview of the Reconnaissance Phase  Footprinting: An Introduction  Information Gathering Methodology.

This module will familiarize you with the following:  Overview of the Reconnaissance Phase  Footprinting: An Introduction  Information Gathering Methodology.
Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.

Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.
Essential NetTools Pranay Kumar. Essential NetTools  This tool is a set of network tools useful in diagnosing networks and monitoring your computer's.

Essential NetTools Pranay Kumar. Essential NetTools  This tool is a set of network tools useful in diagnosing networks and monitoring your computer's.
TA : Eng.Hala O. Abu Radi.. Nslookup Command SYNOPSIS nslookup [-option... ] [host-to-find | -[server ] ] DESCRIPTION Nslookup is a program to query Internet.

TA : Eng.Hala O. Abu Radi.. Nslookup Command SYNOPSIS nslookup [-option... ] [host-to-find | -[server ] ] DESCRIPTION Nslookup is a program to query Internet.
Footprinting February 16, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Footprinting February 16, 2010 MIS 4600 – MBA © Abdou Illia.
Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.

Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.
Chapter 5 Phase 1: Reconnaissance. Reconnaissance  Finding as much information about the target as possible before launching the first attack packet.

Chapter 5 Phase 1: Reconnaissance. Reconnaissance  Finding as much information about the target as possible before launching the first attack packet.
Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.

Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.
Penetration Testing.

Penetration Testing.
Networking Basics: DNS IP addresses are usually paired with more human-friendly names: Domain Name System (DNS). internet.rutgers.edu HostnameOrganizationTop-level.

Networking Basics: DNS IP addresses are usually paired with more human-friendly names: Domain Name System (DNS). internet.rutgers.edu HostnameOrganizationTop-level.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
DNS.

DNS.
1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.
 Find out initial information ◦ Open Source ◦ Whois ◦ Nslookup  Find out address range of the network ◦ ARIN (American registry for internet numbers)

 Find out initial information ◦ Open Source ◦ Whois ◦ Nslookup  Find out address range of the network ◦ ARIN (American registry for internet numbers)
Footprinting Richard Newman “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the.

Footprinting Richard Newman “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the.
Name Resolution Domain Name System.

Name Resolution Domain Name System.
CNIT 124: Advanced Ethical Hacking. CASING THE ESTABLISHMENT CASE STUDY.

CNIT 124: Advanced Ethical Hacking. CASING THE ESTABLISHMENT CASE STUDY.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

Similar presentations

Ads by Google