Footprinting
   HOME

TheInfoList



Click Here for Items Related To - Footprinting
OR:
Footprinting on:   [Wikipedia]   [Google]   [Amazon]

Footprinting (also known as reconnaissance) is the technique used for gathering information about computer systems and the entities they belong to. To get this information, a hacker might use various tools and technologies. This information is very useful to a hacker who is trying to crack a whole system. When used in the computer security lexicon, "Footprinting" generally refers to one of the pre-attack phases; tasks performed before doing the actual attack. Some of the tools used for Footprinting are
Sam Spade Sam Spade is a fictional character and the protagonist of Dashiell Hammett's 1930 novel '' The Maltese Falcon''. Spade also appeared in four lesser-known short stories by Hammett. ''The Maltese Falcon'', first published as a serial in the pulp ...
,
nslookup nslookup (from ''name server lookup'') is a network administration command-line tool for querying the Domain Name System (DNS) to obtain the mapping between domain name and IP address, or other DNS records. Overview nslookup was a member of the ...
,
traceroute In computing, traceroute and tracert are computer network diagnostic commands for displaying possible routes (paths) and measuring transit delays of packets across an Internet Protocol (IP) network. The history of the route is recorded as th ...
,
Nmap Nmap (Network Mapper) is a network scanner created by Gordon Lyon (also known by his pseudonym ''Fyodor Vaskovich''). Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides ...
and neotrace.


Techniques used for Footprinting

*
DNS The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to ...
queries *
Network enumeration Network enumeration is a computing activity in which usernames and info on groups, shares, and services of networked computers are retrieved. It should not be confused with network mapping, which only retrieves information about which servers ar ...
*Network queries *
Operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also in ...
identification


Software used for Footprinting to get entity information

Wireshark Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 d ...


Uses of Footprinting

It allows a hacker to gain information about the target system or network. This information can be used to carry out attacks on the system. That is the reason by which it may be named a Pre-Attack, since all the information is reviewed in order to get a complete and successful resolution of the attack. Footprinting is also used by ethical hackers and penetration testers to find security flaws and vulnerabilities within their own company's network before a malicious hacker does.


Types of Footprinting

There are two types of Footprinting that can be used: active Footprinting and passive Footprinting. Active Footprinting is the process of using tools and techniques, such as performing a
ping sweep In computing, a ping sweep is a method that can establish a range of IP addresses which map to live hosts. The classic tool used for ping sweeps is ,Stuart McClure, Joel Scambray, George Kurtz, ''Hacking Exposed: Network Security Secrets & Solutio ...
or using the traceroute command, to gather information on a target. Active Footprinting can trigger a target's
Intrusion Detection System An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically rep ...
(IDS) and may be logged, and thus requires a level of stealth to successfully do. Passive Footprinting is the process of gathering information on a target by innocuous, or, passive, means. Browsing the target's website, visiting social media profiles of employees, searching for the website on WHOIS, and performing a Google search of the target are all ways of passive Footprinting. Passive Footprinting is the stealthier method since it will not trigger a target's IDS or otherwise alert the target of information being gathered.


Crawling

Crawling is the process of surfing the internet to get the required information about the target. The sites surfed can include the target's website, blogs and social networks. The information obtained by this method will be helpful in other methods.


WHOIS

WHOIS WHOIS (pronounced as the phrase "who is") is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomou ...
is a web application used to get information about the target website, such as the administrator's e-mail address and details about the registration. WHOIS is a very large database and contains information of approximately all clearnet websites. It can be searched by domain name.


Search engines

Search engines such as
Google Google LLC () is an American multinational technology company focusing on search engine technology, online advertising, cloud computing, computer software, quantum computing, e-commerce, artificial intelligence, and consumer electronics. ...
can also be used to gather information about the target system. It depends on how well one knows how to use search engines to collect information. If used properly, the attacker can gather much information about a company, its career, its policies, etc.


Traceroute

Information can also be gathered using the command Tracert ("
traceroute In computing, traceroute and tracert are computer network diagnostic commands for displaying possible routes (paths) and measuring transit delays of packets across an Internet Protocol (IP) network. The history of the route is recorded as th ...
"), which is used to trace a path between a user and the target system on the networks. That way it becomes clear where a request is being forwarded and through which devices. In
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which ...
systems, the tracepath and traceroute commands are also available for doing traceroute operations.


Negative web search

Negative web search will reveal some other websites when performed on the target website. Negative websites can act as resources for insight about the flaws of the target website.


Information to be Gathered

If the attack is to be performed on a company, then the following information will be gathered. *Company details, employee details and their email addresses. *Relation with other companies. *Project details involving other companies. *Legal documents of the company. *News relating company website. *Patents and trademarks regarding that particular company. *Important dates regarding new projects.


See also

*
Digital footprint Digital footprint or digital shadow refers to one's unique set of traceable digital activities, actions, contributions and communications manifested on the Internet or digital devices. Digital footprints can be classified as either passive or ...
*
Network Security Network security consists of the policies, policies, processes and practices adopted to prevent, detect and monitor unauthorized access, Abuse, misuse, modification, or denial of a computer network and network-accessible resources. Network securi ...


References

{{Reflist Computer security Computing terminology