Presentation is loading. Please wait.

Presentation is loading. Please wait.

Learning objectives By the end of this unit you should: Explain

Published byPhilip Alexander Modified over 5 years ago

Similar presentations

Presentation on theme: "Learning objectives By the end of this unit you should: Explain"— Presentation transcript:

1 Learning objectives By the end of this unit you should: Explain
Computer Science – Term 2 Learning objectives By the end of this unit you should: Explain Explain the concept of footprinting. Identify Identify the process of footprinting. List List the different types of footprinting. Identify the tools of footprinting. Understand Understand the footprinting search engine method. 11/28/2018

2 Key Terms Footprinting DNS Host Command prompt Social engineering
Computer Science – Term 2 Key Terms Footprinting DNS Host Command prompt Social engineering 11/28/2018

3 Computer Science – Term 2
Footprinting: Is uncovering and collecting as much information as possible regarding a target network. The first key Term 11/28/2018

4 Computer Science – Term 2
What is footprinting? Footprinting (also known as Reconnaissance) is the first and most convenient critical component of penetration testing. An ethical hacker uses this to gather information about: a computer system. a company. an organization or government network system. The purpose of footprinting is to learn as much as you can about the target system, its remote access capabilities, ports and services. 11/28/2018

5 What is footprinting? Footprinting can be both active or passive.
Computer Science – Term 2 What is footprinting? Footprinting can be both active or passive. Active footprinting is creating devices, endpoints or systems and services within the target environment directly which can be logged. Passive footprinting is using publicly available information on the internet which often doesn’t even come close to the target environment. Active footprinting Passive footprinting 11/28/2018

6 Why is footprinting necessary?
Computer Science – Term 2 Computer Science – Term 2 Why is footprinting necessary? Footprinting is performed in the pre-attack phase and is necessary to: systematically and methodically ensure that all pieces of information related to the technologies are identified. build a database of information about the target. help in the reporting phase at the end of the penetration test. show how much information is publicly available. 11/28/2018

7 Why do businesses need to do footprinting?
Computer Science – Term 2 Computer Science – Term 2 Why do businesses need to do footprinting? Businesses must use this technique to see what their vulnerabilities are and where they are located. A question form the book : They can address them and make changes in the business policy and To protect their business. 11/28/2018

8 Computer Science – Term 2
The UAE Cyber Security The UAE Cyber Security Law enforces strict punishments for: the violation of ethics. gaining unauthorized access to any computer system, network or organisation. related illegal activities. 11/28/2018

9 Objectives of footprinting
Computer Science – Term 2 Computer Science – Term 2 Objectives of footprinting What information does the ethical hacker try to gather in footprinting? A question form the book 11/28/2018

10 Objectives of footprinting
Network DNS IP Networks Accesable System Website Access Control VPN End Point Firewall Vendors IDS Systems Routing /Routed Protocols Phone System (Analog, VoIP) Host Listening Services Operating System Versions Internet Reachability Enumerated Information SNMP Users/Groups Mobile devices Organisation Organisation Structure Websites Phone Numbers Directory Information Office Location Company History Business Associations Financial Information Computer Science – Term 2 Objectives of footprinting The main objective of footprinting is to get a complete view and as much information as possible about the specific target to set up the path that will be taken to execute the attack in the later phase. The information that the ethical hacker is trying to collect is: network information. information about the host (System Information). Information about the organization. 11/28/2018

11 Host: A computer or other device connected to a computer network.
Computer Science – Term 2 Computer Science – Term 2 Host: A computer or other device connected to a computer network. Second Key Term 11/28/2018

12 Exercise 2.1: The objectives of footprinting.
Computer Science – Term 2 Computer Science – Term 2 Exercise 2.1: The objectives of footprinting. Check the appropriate field next to each Collected information to indicate the type of Footprinting it describes. Collected information Network Information Host information Organisation Information Domain name User and group names ACLs SNMP information Company directory News articles/press releases Passwords System names Location details Address and phone numbers TCP and UDP services running Routing tables 11/28/2018

13 Process of footprinting
Computer Science – Term 2 Computer Science – Term 2 Process of footprinting Find vulnerabilities and exploits for launching attacks. Perform techniques such as Whois, DNS, network and organizational queries. Determine the operating system used, platforms running, web servers version, etc. Collect basic information about the target and its network. During footprinting, an ethical hacker essentially attempts to gather as much information about a target system as possible, using the following steps: 11/28/2018

14 Computer Science – Term 2
DNS (domain name system): Is hierarchical naming system built on a distributed database. Transforms domain names to IP addresses and makes it possible to assign domain names to groups of internet resources and users, regardless of the entity’s physical location. Third Key Term 11/28/2018

15 Activity 2.1: The first step for an ethical hacker.
Computer Science – Term 2 Computer Science – Term 2 Activity 2.1: The first step for an ethical hacker. Imagine that you started your job as an ethical hacker in a company. Imagine your manager asks you to do a penetration test to for a target. Specify the information you would gather first. Answer: Checking if the company has a firewall, intrusion detection system or any sort of preventive mechanisms, that will prevent the attack. 11/28/2018

16 Computer Science – Term 2
Internet Intranet Extranet Remote access Footprinting types domain names, network blocks, IP addresses of reachable systems, the TCP and UDP services running, system architecture, the ACL, IDS running, and system enumeration. networking protocols, internal domain names, network blocks, IP addresses of reachable systems, TCP and UDP services running, system architecture, the ACL, IDS running, and system enumeration. connection origination and destination, the type of connection, and access control mechanisms. analog/digital telephone numbers, the remote system type and authentication mechanisms. 11/28/2018

17 Computer Science – Term 2
There are two ways of collecting information from a network, organisation or host. Footprinting types: 11/28/2018

18 Exercise 2.2: Footprinting types.
Computer Science – Term 2 Computer Science – Term 2 Exercise 2.2: Footprinting types. For each kind of information collected, check the appropriate box to indicate the area from where the ethical hacker gathered it. Collected information Internet Intranet Extranet Remote access Networking protocols Analog/Digital telephone numbers The type of connection User and group names Internal domain names Access control mechanisms Authentication mechanisms Routing tables System banners 11/28/2018

19 Footprinting techniques/tools
Computer Science – Term 2 Computer Science – Term 2 Footprinting techniques/tools There are different tools\techniques for identifying IP addresses, sub-domains, devices and technologies. WHOIS Lookup Technique Search Engine technique Netcraft technique DNS Footprinting – MX Entry Technique Network Technique Social Engineering Technique 11/28/2018

20 WHOIS Lookup Technique
Computer Science – Term 2 Computer Science – Term 2 WHOIS Lookup Technique Whois lookup is a technique for gathering information in the footprinting phase. Whois information is based upon a tree hierarchy. There are many Whois lookup tools available on the net in the form of websites but some operating systems like Windows and Linux, have them in the form of a command line program. Whois can reveal information about servers, which website is hosted and its location, and also display the name, address and contact numbers of technical staff, the domain owner and the domain registrar. 11/28/2018

21 Computer Science – Term 2
Whois lookup tool For lookup in or You can type in the domain name or IP address. To search for a domain name registration record, enter the URL in the search field and click on search. When you perform a domain lookup, you get information regarding that domain. It will show you the domain, organisation, domain name server details, phone numbers, fax and other details. Sometimes it will show the administrator details which can be very useful if you want to perform social engineering activities. 11/28/2018

22 Computer Science – Term 2
UAE Law Article (5) Whoever gains access to a website without authorization intending to change its designs, or delete, destroy or modify it, or occupy its address shall be punished by imprisonment and by a fine not less than one hundred thousand dirhams and not in excess of three hundred thousand dirhams or either of these two penalties. 11/28/2018

23 Computer Science – Term 2
whois Command The domain information will show up as below: For lookup in an operating system type the following command: Syntax: whois [URL] 11/28/2018

24 Search engine technique
Computer Science – Term 2 Computer Science – Term 2 Search engine technique Use a search engine to gather information about the target, such as technology platforms, employee details, login pages, intranet portals, and more. Any search engine has its own syntax. To search and collect information, you can use some of the search operators\commands as follows. This can reveal a great amount of information, and help the ethical hacker to locate detailed information such as employee details, company policies and online hidden webpages. 11/28/2018

25 Example 2.1: List the available domains
Computer Science – Term 2 Computer Science – Term 2 Example 2.1: List the available domains To list the available domains under the smartcarsuae website go to a search engine and write ‘smartcaruae’ in the search field. Then, press enter. The website information will show up like this. 11/28/2018

26 Computer Science – Term 2
Ethilab Activity : Search engine Imagine you are an ethical hacker hired by the Futuresmarteducation.com company in the UAE to assure the security of the company information system. Today you are going to perform footprinting using search engine commands, and your target is to collect the information below. Futuresmarteducation.com is the company’s website. The website The list of website directories The list of the configuration files The list of the database files The list of the log files The list of the backup and old files The list of the login pages The list of the document files 11/28/2018

27 Computer Science – Term 2
Netcraft Technique Netcraft tool This technique provides data about nearly every website and can be extremely useful for penetration testers. On the right side of the website, there is a prompt which asks: What is the site running? This is the Netcraft site’s report toolbar in which you can type the domain or site and it will return information about it. If you type in the domain, it will present the websites that are related to that specified domain. You can click on those websites to open a site report about them. 11/28/2018

28 DNS footprinting – MX entry technique
Computer Science – Term 2 Computer Science – Term 2 DNS footprinting – MX entry technique Domain Name System (DNS) can reveal information about MX (host/domain) mail exchanges which indicates what application services are being used. This information can be used later to exploit mail services and accounts. An example of a DNS lookup website is which is used to search for a domain name and IP address. 11/28/2018

29 Computer Science – Term 2
Network technique This command is used to extract the IP address and identify if the target site is online. Login into the operating system commands prompt screen, and write Ping then the URL. Syntax: Ping [URL] Ping Command 11/28/2018

30 Example 2.2: Gather the IP address
Computer Science – Term 2 Computer Science – Term 2 Example 2.2: Gather the IP address To gather the IP address of the URL smartcarsuae.com. Write ‘ping Smartcarsuae.com’ in the windows command screen. 11/28/2018

31 Computer Science – Term 2
Network technique This command is us to find DNS details, including: the IP addresses of a particular computer. the MX records for a domain. the NS servers of a domain. The name nslookup means: ‘name server lookup’. Login into the operating system command prompt screen and type : server and the IP address. Syntax: Server [IP address] NSLOOKUP Command 11/28/2018

32 Computer Science – Term 2
NSLOOKUP Command For example, to collect the server information using the IP address from the smarcarsuae.com company’s website, type: Server Set q=mx Command This technique is used to retrieve mail server information, you can use the following commands to get the mail server name. Syntax: Set q=mx 11/28/2018

33 Example 2.3: retrieve the mail server information
Computer Science – Term 2 Computer Science – Term 2 Example 2.3: retrieve the mail server information To retrieve the mail server information for smarcarsuae.com company website type: set q=mx 11/28/2018

34 Computer Science – Term 2
Ethilab Activity After collecting the company URL using the search engine command, you now need to collect the following information about Futuresmarteducation.com to ensure the security of the information on the company network. 1. The IP address of the site 2. Identify the hosting site and domain name servers that the Futuresmarteducation.com site is linked to. 3. The IP address of the domain name server 4. Connect to the target’s domain name server 11/28/2018

35 Computer Science – Term 2
Network technique This command is used to show : the IP address. the Name. the time it takes to reach each host and return a response. This gives a clear picture of the path to connect to the remote host and the time it took. Traceroute Command 11/28/2018

36 Social engineering technique
Computer Science – Term 2 Computer Science – Term 2 Social engineering technique Social engineering is a non-technical attack, but it involves tactics for trapping a victim. This is a technique used to gain important information about an organization such as: the departments the employees belong to and their extension numbers. addresses. and their job titles. This is the art of manipulating people to reveal confidential information and involves gaining their trust. 11/28/2018

37 Computer Science – Term 2
Social engineering: An attack vector that relies on human interaction, breaking normal security procedures to obtain confidential information. 4th Key Term 11/28/2018

38 Computer Science – Term 2
Reflection Student reflection List three things you have learned about, and two things you have enjoyed doing. Key skills reflection State what ethical hacking is and identify some advantage for it. Key Terms Integrity: guarding against improper information modification or destruction Confidentiality: preserving authorized restrictions on access and disclosure Availability: ensuring timely and reliable access to and use of information Exploit: defined way to breach the security of an IT system through vulnerability Vulnerability: existence of a weakness, design or implementations error that can lead to an unexpected and undesirable event Attack: any action that violates security 11/28/2018

39 End-of-unit assessment
Computer Science – Term 2 Computer Science – Term 2 End-of-unit assessment 1. Define information security. 11/28/2018

40 End-of-unit assessment
Computer Science – Term 2 Computer Science – Term 2 End-of-unit assessment 2. List the categories of threat. 11/28/2018

41 End-of-unit assessment
Computer Science – Term 2 Computer Science – Term 2 End-of-unit assessment 3. Define attack vector. 11/28/2018

42 End-of-unit assessment
Computer Science – Term 2 Computer Science – Term 2 End-of-unit assessment 4. Define ethical hacking. 11/28/2018

43 End-of-unit assessment
Computer Science – Term 2 Computer Science – Term 2 End-of-unit assessment 5. Draw the process of ethical hacking/penetration testing. 11/28/2018

Download ppt "Learning objectives By the end of this unit you should: Explain"

Similar presentations

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Network security policy: best practices

Network security policy: best practices
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.

Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.
Penetration Testing.

Penetration Testing.
Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.

Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
1 Kyung Hee University Prof. Choong Seon HONG Network Control.

1 Kyung Hee University Prof. Choong Seon HONG Network Control.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.
Www.TASK.to GOOGLE HACKING FOR PENETRATION TESTERS Chris Chromiak SentryMetrics March 27 th, 2007.

GOOGLE HACKING FOR PENETRATION TESTERS Chris Chromiak SentryMetrics March 27 th, 2007.
Cryptography and Network Security

Cryptography and Network Security

Similar presentations

Ads by Google