Presentation is loading. Please wait.

Presentation is loading. Please wait.

Foot Printing / Scanning Tools Lect 4 – NETW 4006

Published byTamsin Henderson Modified over 6 years ago

Similar presentations

Presentation on theme: "Foot Printing / Scanning Tools Lect 4 – NETW 4006"— Presentation transcript:

1 Foot Printing / Scanning Tools Lect 4 – NETW 4006

2 Reconnaissance

3 photographic print of plans or technical drawings .
Foot printing Blueprint - photographic print of plans or technical drawings etc. photographic print of plans or technical drawings .

4 Why ? foot printing necessary
photographic print of plans or technical drawings : - something intended as a guide for making something else

5 Areas & Information which Attackers Seek
Enumeration – Details An intranet is a computing service that is run over a local area network, containing files within a webpage that is not publicly accessible to the public and requires authentication. If the intranet service can be accessed outside of a company, than it becomes an extranet, meaning that it would have a gateway to and from the internet, allowing public access to the service. Rather than being stored onto a public internet server, the extranet would be stored normally in the company's private server.

6 Information Gathering

7 People search

8 Extracting Archive of a Website
Archive – Records, Files, documents Archive – Records, Files, documents

9 Switchboard http://www.switchboard.com

10 Foot printing Thorough Job Sites

11 Cont.

12 Passive Information Gathering
A penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders (who do not have an authorized means of accessing the organization's systems) and malicious insiders (who have some level of authorized access). A penetration test, is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders (who do not have an authorized means of accessing the organization's systems) and malicious insiders (who have some level of authorized access).

13 Competitive Intelligence Gathering
Subtle – slight

14 Why do you need Competitive Intelligence

15 Foot Printing Tools

16 Steps to perform Foot Printing

17 Scanning

18 Scanning - Definition

19 Types of scanning

20 Objective of scanning

21 Methodology

22 Checking for Live systems – ICMP Scanning

23 Examples of Scanning Tools
Angry IP Scanner Ping Sweep NMAP NetScan WUPS-UDP Scanner IP Scanner Global Network Inventory Scanner Inflirtrator LanView WotWeb

24 Banner Grabbing OS Fingerprinting

25 Active & Passive Passive foot printing means there’s no direct touch to the target. It’s information that you gather from other sources, not the target itself. So, going to a company’s website would be a direct touch. That wouldn’t be passive, that would be an active foot printing technique. Further examples in this distinction of passive vs. active foot printing are that active foot printing techniques directly touch things like websites. Web servers, banner grabbing web servers, banner grabbing FTP servers are examples of this. Those are the types of active foot printing. They’re still not attacks or penetration, but they’re gathering information in a more direct fashion. So pinging a site and trace routing a site so you are actually grabbing all of the information from a site is a technique called mirroring where you’re downloading every bit of data you possibly can find from a website. It may not be a security violation, but it is certainly an active attack or an active foot printing technique. Passive foot printing means there’s no direct touch to the target

26

Download ppt "Foot Printing / Scanning Tools Lect 4 – NETW 4006"

Similar presentations

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.

NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.
Computer Security Fundamentals

Computer Security Fundamentals
Scanning Determining if the system is alive IP Scanning Port Scanning War Dialing.

Scanning Determining if the system is alive IP Scanning Port Scanning War Dialing.
Honeypot 서울과학기술대학교 Jeilyn Molina 121336101. Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.

ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Scanning February 23, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Scanning February 23, 2010 MIS 4600 – MBA © Abdou Illia.
1 Colorado University Guest Lecture: Vulnerability Assessment Chris Triolo Spring 2007.

1 Colorado University Guest Lecture: Vulnerability Assessment Chris Triolo Spring 2007.
Week 3-1 Week 3 Scanning Determine if system is alive Determine which services are running or listening Determine the OS.

Week 3-1 Week 3 Scanning Determine if system is alive Determine which services are running or listening Determine the OS.
SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.

SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Penetration Testing.

Penetration Testing.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.
Topics  Definitions  Introduction  Structure of Web Site –Mirror Site vs Public Site –Intranet & Extranet –Information  Available tools.

Topics  Definitions  Introduction  Structure of Web Site –Mirror Site vs Public Site –Intranet & Extranet –Information  Available tools.
 Find out initial information ◦ Open Source ◦ Whois ◦ Nslookup  Find out address range of the network ◦ ARIN (American registry for internet numbers)

 Find out initial information ◦ Open Source ◦ Whois ◦ Nslookup  Find out address range of the network ◦ ARIN (American registry for internet numbers)
By Julia Nguyen B2. What is it?  Networking is two or more computers linked together  Two common types are Local Area Network (LAN) and Wide Area Network.

By Julia Nguyen B2. What is it?  Networking is two or more computers linked together  Two common types are Local Area Network (LAN) and Wide Area Network.
1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.

1 Reconnaissance, Network Mapping, and Vulnerability Assessment ECE4112 – Internetwork Security Georgia Institute of Technology.
What is FORENSICS? Why do we need Network Forensics?

What is FORENSICS? Why do we need Network Forensics?

Similar presentations

Ads by Google