Foot Printing / Scanning Tools Lect 4 – NETW 4006

Presentation transcript:


Reconnaissance

Foot printing Blueprint - photographic print of plans or technical drawings etc.

Why is foot printing necessary? Blueprint (photographic print of plans or technical drawings): something intended as a guide for making something else

Areas & Information which Attackers Seek: Enumeration – Details. An intranet is a computing service that is run over a local area network, containing files within a webpage that is not accessible to the public and requires authentication. If the intranet service can be accessed from outside the company, then it becomes an extranet, meaning that it has a gateway to and from the internet, allowing public access to the service. Rather than being stored on a public internet server, the extranet would normally be stored on the company's private server.

Information Gathering

People search www.peoplefinders.com www.Spokeo.com

Extracting Archive of a Website Archive – Records, Files, documents

Switchboard http://www.switchboard.com

Foot printing Through Job Sites

Cont.

Passive Information Gathering A penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders (who do not have an authorized means of accessing the organization's systems) and malicious insiders (who have some level of authorized access).

Competitive Intelligence Gathering Subtle – slight

Why do you need Competitive Intelligence http://www.bidigital.com/ci/

Foot Printing Tools

Steps to perform Foot Printing

Scanning

Scanning - Definition

Types of scanning

Objective of scanning

Methodology

Checking for Live systems – ICMP Scanning

Examples of Scanning Tools: Angry IP Scanner, Ping Sweep, NMAP, NetScan, WUPS-UDP Scanner, IP Scanner, Global Network Inventory Scanner, Infiltrator, LanView, WotWeb

Banner Grabbing OS Fingerprinting

Active & Passive: Passive foot printing means there’s no direct touch to the target. It’s information that you gather from other sources, not the target itself. Going to a company’s website is a direct touch, so it is not passive; it is an active foot printing technique. Active foot printing techniques directly touch things like websites: banner grabbing web servers and banner grabbing FTP servers are examples. They’re still not attacks or penetration, but they gather information in a more direct fashion. Pinging a site and trace routing a site are also active, as is mirroring, a technique where you download every bit of data you can possibly find from a website. It may not be a security violation, but it is certainly an active attack or an active foot printing technique.
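
Because active foot printing touches the target directly, it leaves traces in the target's own logs. The sketch below is an added example, not part of the original slides: it flags clients whose requests look like the mirroring described above (many distinct pages fetched in a short window). The log lines, the 60-second window, the threshold of 5 pages and the function names are all assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample access log (Common Log Format, documentation-range addresses).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Mar/2024:10:00:01 +0000] "GET / HTTP/1.1" 200 5120
198.51.100.7 - - [10/Mar/2024:10:00:02 +0000] "GET /about.html HTTP/1.1" 200 2048
198.51.100.7 - - [10/Mar/2024:10:00:03 +0000] "GET /staff.html HTTP/1.1" 200 3072
198.51.100.7 - - [10/Mar/2024:10:00:04 +0000] "GET /jobs.html HTTP/1.1" 200 4096
198.51.100.7 - - [10/Mar/2024:10:00:05 +0000] "GET /docs/plan.pdf HTTP/1.1" 200 90112
192.0.2.55 - - [10/Mar/2024:09:00:00 +0000] "GET / HTTP/1.1" 200 5120
192.0.2.55 - - [10/Mar/2024:09:40:00 +0000] "GET /about.html HTTP/1.1" 200 2048
192.0.2.55 - - [10/Mar/2024:10:20:00 +0000] "GET /staff.html HTTP/1.1" 200 3072
192.0.2.55 - - [10/Mar/2024:11:00:00 +0000] "GET /jobs.html HTTP/1.1" 200 4096
192.0.2.55 - - [10/Mar/2024:11:40:00 +0000] "GET /contact.html HTTP/1.1" 200 1024
203.0.113.20 - - [10/Mar/2024:10:05:00 +0000] "GET / HTTP/1.1" 200 5120
203.0.113.20 - - [10/Mar/2024:10:05:09 +0000] "GET /jobs.html?id=3 HTTP/1.1" 200 4096
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3} \S+$')

def parse(log_text):
    """Return (timestamp, client, path) per well-formed line, oldest first."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # skip lines that are not Common Log Format
            when = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
            events.append((when, m.group(1), m.group(3).split("?", 1)[0]))
    return sorted(events)

def find_mirroring(log_text, window_seconds=60, min_distinct_paths=5):
    """Map client -> peak distinct paths in any window, for clients at or over the threshold."""
    by_client = defaultdict(list)
    for when, client, path in parse(log_text):
        by_client[client].append((when, path))
    window, flagged = timedelta(seconds=window_seconds), {}
    for client, hits in by_client.items():
        start = peak = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward
            peak = max(peak, len({p for _, p in hits[start:end + 1]}))
        if peak >= min_distinct_paths:
            flagged[client] = peak
    return flagged

if __name__ == "__main__":
    print(find_mirroring(SAMPLE_LOG))
```

The client that reads the same five pages over several hours is not flagged at the default window, which is why the window length matters as much as the page count when tuning this kind of check.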