FootPrinting CS391.

Slides:

Advertisements

Similar presentations

Module II Footprinting

Advertisements

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

This module will familiarize you with the following:  Overview of the Reconnaissance Phase  Footprinting: An Introduction  Information Gathering Methodology.

Chapter 2 Gathering Target Information: Reconnaissance, Footprinting, and Social Engineering.

Essential NetTools Pranay Kumar. Essential NetTools  This tool is a set of network tools useful in diagnosing networks and monitoring your computer's.

TA : Eng.Hala O. Abu Radi.. Nslookup Command SYNOPSIS nslookup [-option... ] [host-to-find | -[server ] ] DESCRIPTION Nslookup is a program to query Internet.

Footprinting February 16, 2010 MIS 4600 – MBA © Abdou Illia.

Week 2 -1 Week 2: Footprinting What is Footprinting? –Systematic collection of information on an intended target with the goal to create a complete profile.

Chapter 5 Phase 1: Reconnaissance. Reconnaissance  Finding as much information about the target as possible before launching the first attack packet.

Reconnaissance Steps. EC-Council Gathering information from Open Sources  Owner of IP-address range  Address Range  Domain Names  Computing Platforms.

Penetration Testing.

Networking Basics: DNS IP addresses are usually paired with more human-friendly names: Domain Name System (DNS). internet.rutgers.edu HostnameOrganizationTop-level.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

1 ISA Server 2004 Installation & Configuration Overview By Nicholas Quinn.

 Find out initial information ◦ Open Source ◦ Whois ◦ Nslookup  Find out address range of the network ◦ ARIN (American registry for internet numbers)

Footprinting Richard Newman “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the.

Name Resolution Domain Name System.

CNIT 124: Advanced Ethical Hacking. CASING THE ESTABLISHMENT CASE STUDY.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

CS391 Computer & Network Security

CIS 450 – Network Security Chapter 3 – Information Gathering.

Deploying a Web Application Presented By: Muhammad Naveed Date:

DIYTP Assessing a System - Basics  Why?  Vulnerabilities  What to look at:  The six ‘P’s  Patch  Ports  Protect  Policies  Probe  Physical.

Setting up Gmail with Godaddy/Hostgator To use Gmail with your domain (e.g. moonlighthk.com) you will need to add the MX Entry records on your Cpanel.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

Network Assessment How intrusion techniques contribute to system/network security Network and system monitoring System mapping Ports, OS, applications.

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.

Assessing a Target System Source: Chapter 3 Computer Security Fundamentals Chuck Easttom Prentice Hall, 2006.

Network Monitor By Zhenhong Zhao. What is the Network Monitor? The Network Monitor is a tool that gets information off of the host on the LAN. – Enumerating.

ROAD TO EXPLOITATION Dr. Andy Wu BCIS 4630 Fundamentals of IT Security.

Computer Networks Fall, 2007 Prof Peterson. CIS 235: Networks Fall, 2007 Western State College How’s it going??

TCOM Information Assurance Management Casing the Establishment.

Footprinting and Scanning

CS3695 – Network Vulnerability Assessment & Risk Mitigation – Supplemental Slides to Module #2 Footprinting and Reconnaissance Intelligence Gathering CEH.

Network Reconnaissance CS490 - Security in Computing Copyright © 2005 by Scott Orr and the Trustees of Indiana University.

Footprinting. Traditional Hacking The traditional way to hack into a system the steps include: Footprint: Get a big picture of what the network is Scan.

Footprinting/Scanning/ Enumeration Lesson 9. Footprinting External attack: Enables attackers to create a profile of an organization’s security posture.

 Terms:  “Security”: is a system’s ability to provide services while maintaining the five IA pillars  “Attack”: an action that violates one of the.

Department of Computer Science Introduction to Information Security Chapter 7 Activity Security Assessment Semester 1.

Chapter 5c.  Upon completion of this chapter, you should be able to:  Configure IP addresses  Identify & select valid IP addresses for networks  Configure.

WHAT IS FOOTPRINTING?. FOOTPRINTING  Active  Passive - Passive footprinting is a method in which the attacker never makes any contact with the target.

Common System Exploits Tom Chothia Computer Security, Lecture 17.

Ip addressing: dhcp & dns

Chapter 3 Intelligence Gathering

Topic 5 Penetration Testing 滲透測試

Everything You need to know

Footprinting and Scanning

Domain Name System DNS - A system for converting host names and domain names into IP addresses on the Internet or on local networks that use the TCP/IP.

OSINT: DNS Module Type: Basic Method Module Number: 0x06

Domain Name Registration, ICANN, Registrars & Hosting Options

Calvin Wilson Craig Delzangle

IMPLEMENTING NAME RESOLUTION USING DNS

Linux Ubuntu Network Commands 3 A.S.

Benefits of Using Domain Name System (DNS)

Footprinting (definition 1)

Client Client 4) Hello , please give me the website

Footprinting and Scanning

2018 Latest Eccouncil Exam Questions Answers - Eccouncil Dumps PDF

Unit 27: Network Operating Systems

Domain Name System (DNS)

Learning objectives By the end of this unit you should: Explain

Passive Research Section 2 11/29/2018.

Unit 2 The Web Book Test.

16, May, 2010 Baseer Ahmad Baheer

Footprinting. Сбор данных

Ip addressing: dhcp & dns

Managing Routing Module 9 In this module we will look at the techniques required to ensure that messages are delivered to their intended destinations.

IPv6 Allocation Service in JPNIC

Presentation transcript:

FootPrinting CS391

Overview What is footprinting? Main steps of footprinting.

What is Footprinting? Create a complete profile of an organization’s security posture using a set of tools and techniques. The profile usually includes detailed information about IP addresses and blocks, range of domain names, remote access, intranet structure, systems connected to the Internet …etc.

Main Steps Usually, the process involves six steps: Determine scope of activities. Get proper authorization. Collect publicly available information WHOIS and DNS enumeration DNS Interrogation Network Reconnaissance

Determine Scope of Activities Organization networks are usually very large. One focuses only on sub-targets.

Get Proper Authorization Try to gain access to the system using a proper account.

Publicly Available Information Company websites and pages. Physical location. Related organizations. Privacy, security policies adopted. Disgruntled employees.

Where can I find the required information?

ICANN Structure

Google Information

Nesma Information

WHOIS and DNS Enumeration Internet domain names. IP address numbers. Protocol parameters and port numbers.

DNS Interrogation: Many people use nslookup for this purpose:

nslookup

Types of Queries Type A A simple query for the IP address corresponding to DNS Type CNAME A given host can have several DNS names. One of these is the canonical or reference name. Type MX A mail exchanger query, to discover the real name of the corresponding mail server Type HINFO An HINFO query. This is only useful if the DNS domain administrator has bothered to create the relevant records and keep them up to date.

Network Reconnaissance Traceroute is the tool.

Superscan:

Supersacn

Enumerate