Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.

Published byAugust Norton Modified over 9 years ago

Similar presentations

Presentation on theme: "Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms."— Presentation transcript:

1 Reconnaissance Steps

2 EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms  Network Architecture  User(name) Information  Physical Location  Active Services

3 EC-Council Gathering information from Open Sources  Technical Contact  Business Partners  Administrative Contacts  Email Addresses  Technology being used  Phone No's  Route to target's  Internet Accessible data

4 EC-Council Gathering information from Open Sources  Public Server's Banner Information.  DNS Servers  WEB Servers  SMTP Servers  Zones & Sub-domains  Locate Firewalls/Perimeter devices.

5 EC-Council Target's Website  Mirror the web  Use Grep or Similar  Scan for keywords  Banner Information  Applications  Cgi's  Cookie style  Scripting language  Code-reading  Weblogs info

6 EC-Council DNS  AXFR  Version  Zones & Sub-domains  Nmap -sL  DNSDig  Nslookup  Dig commands  Host commands  Active services

7 EC-Council SMTP  Verfy; email enumeration  Banner information  Bounced Emails  Email Header  Email mapping

8 EC-Council Search Engines (Google)  intitle: "index of /etc"  inurl: "config.php.bak"  site:"target.com"  filetype:".bak"  Cross-Links  Search for group postings  News Articles

9 EC-Council Traceroute  ISP information  Locate Firewalls  Network Infrastructure  Tcptraceroute  Firewalk

10 EC-Council Job Databases  Job requirements  Employee profile  Hardware information  Software information

11 EC-Council Personal Website  Employee job profile  Hardware information  Software information

12 EC-Council Ping  List of live systems  RTT, delays  N/W connectivity

Download ppt "Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms."

Similar presentations

Let's say we want to access domain - reliablescribe.com First we need to buy a computer We need to subscribe to an Internet Service Provider (ISP) The.

Let's say we want to access domain - reliablescribe.com First we need to buy a computer We need to subscribe to an Internet Service Provider (ISP) The.
NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.
 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,

 Dynamic policies o Change as system security state/load changes o GAA architecture  Extended access control lists  Pre-, mid- and post-conditions,
This module will familiarize you with the following:  Overview of the Reconnaissance Phase  Footprinting: An Introduction  Information Gathering Methodology.

This module will familiarize you with the following:  Overview of the Reconnaissance Phase  Footprinting: An Introduction  Information Gathering Methodology.
Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.

Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.
Chapter 14: Troubleshooting and Problem Resolution.

Chapter 14: Troubleshooting and Problem Resolution.
Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.

Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.
Chapter 5 Phase 1: Reconnaissance. Reconnaissance  Finding as much information about the target as possible before launching the first attack packet.

Chapter 5 Phase 1: Reconnaissance. Reconnaissance  Finding as much information about the target as possible before launching the first attack packet.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
Domains and Hosting Randolph Technical Career Center Bobby Erwin.

Domains and Hosting Randolph Technical Career Center Bobby Erwin.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
By: Marcus Owens. Essential Components Your computer depends on two things: hardware and software. Hardware are physical components that make up your.

By: Marcus Owens. Essential Components Your computer depends on two things: hardware and software. Hardware are physical components that make up your.
IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)
مقدمه ای بر طراحی صفحات وب. 2 Web Components  Clients and Servers  Internet Service Providers  Web Site Hosting Services  Domains Names, URL ’ s and.

مقدمه ای بر طراحی صفحات وب. 2 Web Components  Clients and Servers  Internet Service Providers  Web Site Hosting Services  Domains Names, URL ’ s and.
Basic Network Training. Cable/DSL Modem The modem is the first link in the chain It is usually provided by the ISP and often has a coax cable connector.

Basic Network Training. Cable/DSL Modem The modem is the first link in the chain It is usually provided by the ISP and often has a coax cable connector.
EC-Council’s Certified Ethical Hacker (CEH) Richard Henson May 2012.

EC-Council’s Certified Ethical Hacker (CEH) Richard Henson May 2012.
Data Gathering A hacker can’t do anything to you if they don’t know anything about you. The hacker requires: –A target –Your ip address –Your OS type –What.

Data Gathering A hacker can’t do anything to you if they don’t know anything about you. The hacker requires: –A target –Your ip address –Your OS type –What.
A brief walkthrough the world of the internet.  TCP/IP stands for Transmission Control Protocol/Internet Protocol  TCP/IP is the standard for transmitting.

A brief walkthrough the world of the internet.  TCP/IP stands for Transmission Control Protocol/Internet Protocol  TCP/IP is the standard for transmitting.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
Chapter 10 Networking and the Internet ITSC 1458.

Chapter 10 Networking and the Internet ITSC 1458.

Similar presentations

Ads by Google