What is Footprinting?

·       


Footprinting refers to the process of gathering information about a specific computer system or a network environment and the company it belongs to.


·    This is the preparatory phase for the hacker where he gathers as much information as he can so as to find ways to intrude into the target.


·    Footprinting can reveal the vulnerabilities of the target system and improve the ways in which they can be exploited.


     Footprinting has to be done in a slow and methodological manner where the hacker spends 90% of his time in blueprinting the security profile of the target and only 10% in launching the attack. Footprinting can actually help hacker decide on the type of attack that is most suitable for the target.


INFORMATION GATHERING METHODOLOGY

Obtaining the Domain Name Information

Various background information about the target website (domain name) such as the name of its owner and registrar, date of its registration, expiry date, name servers associated, contact details associated with it such as email, phone and address can be found out by performing a Whois lookup. The following are some of the popular websites where you can perform Whois lookup on any domain to uncover its background information:



https://who.is/

A sample Whois Lookup performed on “www.info-website.net” at http://www.whois.com/whois/ shows the following information:





Finding IP Address and Hosting Provider

Information such as the IP address of the website and its hosting provider can be very crucial. This can be easily found out using the following website:

Just visit the above website and enter the domain name of your choice to obtain its IP address as well as the name of its hosting provider as shown below.
          


As you can see from the above snapshot, a query on “www.info-website.net” reveals its IP addresshosting provider and also the name servers associated with it.

Finding IP Address Location

Finding out the physical location of the IP address is very simple. Just visit the following website and enter the target IP address to reveal its physical location:


A snapshot of sample query for the IP address 199.79.62.128 on ip2location.com website is shown below:



Finding IP Address Range

While small websites may have a single IP address, big players such as Google, Facebook and Microsoft have a range of IP addresses allocated to their company for hosting additional websites and servers. This range of information can be obtained from the official website of American Registry for Internet Numbers (ARIN). The URL for the
ARIN website is listed below:

ARIN Website: https://www.arin.net/

Visit the above URL and insert the IP address of any given website in the “Search Whois” box found at the top right corner of the web page. Here is a snapshot showing the results of a sample query performed on the Info-website's IP address 199.79.62.128




Traceroute
Traceroute is a network diagnostic tool to identify the actual path (route) that the information (packets) takes to travel from source to destination. The source will be your own computer called localhost. The destination can be any host or server on the local network or Internet.
The traceroute tool is available on both Windows and Linux. The command syntax for

Windows is as follows:
tracert target-domain-or-IP


The command syntax for Linux is as follows:
traceroute target-domain-or-IP

Usually, the transfer of information from one computer to another will not happen in a single jump. It involves a chain of several computers and network devices called hops to transmit information from source to destination. Traceroute identifies each hop on that list and the amount of time it takes to travel from one hop to another. A snapshot of the traceroute performed on "www.info-website.net” using a Windows computer is shown below:


As shown in the above snapshot, the traceroute tool identifies all the hops present in the path traversed by packets from source to destination. Here 10.0.63.254 is the private IP and 14.140.14.13 is the public IP of the source (my computer). 199.79.62.128  is the destination IP address (Info-website's server). All the remaining IP addresses shown in between the source and the destination belong to computers that assist in carrying the information.


Obtaining Archive of the Target Website

Getting access to the archive of the target website will let you know how the website was during the time of its launch and how it got advanced and changed over time. You will also see all the updates made to the website, including the nature of updates and their dates. You can use the WayBackMachine tool to access this information.

WayBackMachine: http://archive.org/web/

Just use the above link to visit the WayBackMachine website and type in the URL of the target website. You should get a list of archives of the website listed in a month by month and yearly basis as shown in the snapshot below:





SHARE

Chetan Sundarde

What's hurts more, the pain of hard work or the pain of regret?

  • Image
  • Image
  • Image
  • Image
  • Image