· Footprinting refers to the process of gathering information about a specific computer system or a network environment and the company it belongs to.
· Footprinting has to be done in a slow and methodical manner, where the hacker spends 90% of his time blueprinting the security profile of the target and only 10% launching the attack. Footprinting can actually help the hacker decide on the type of attack that is most suitable for the target.
· This is the preparatory phase for the hacker, where he gathers as much information as he can so as to find ways to intrude into the target.
· Footprinting can reveal the vulnerabilities of the target system and improve the ways in which they can be exploited.
INFORMATION GATHERING METHODOLOGY
Obtaining the Domain Name Information
Various background information about the target website (domain name), such as the name of its owner and registrar, its date of registration, its expiry date, the name servers associated with it, and contact details such as email, phone and address, can be found by performing a Whois lookup. The following are some of the popular websites where you can perform a Whois lookup on any domain to uncover its background information:
https://who.is/
A sample Whois Lookup performed on “www.info-website.net” at http://www.whois.com/whois/ shows the following information:
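Added example (not part of the original post, and not the lookup result referred to above): a domain owner can run the same Whois lookup against their own domain and check which of the contact fields listed in this section are published in the clear. The record below is constructed for a placeholder domain, and the field names and redaction phrases are assumptions about how a registry prints them.

```python
from datetime import datetime, timezone

# Constructed WHOIS response for a placeholder domain (not a real lookup result).
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE-CORP.TEST
Registrar: Example Registrar, Inc.
Registry Expiry Date: 2025-03-14T09:21:07Z
Name Server: NS1.EXAMPLE-DNS.TEST
Name Server: NS2.EXAMPLE-DNS.TEST
Registrant Name: Jane Admin
Registrant Email: jane.admin@example-corp.test
Registrant Phone: +1.5555550100
Registrant Street: REDACTED FOR PRIVACY
Admin Email: Please query the RDDS service of the Registrar
"""
# Assumed field naming "<role> <contact kind>" and assumed redaction phrases.
ROLES = ("registrant", "admin", "tech", "billing")
KINDS = ("name", "email", "phone", "street", "address")
REDACTED = ("redacted", "privacy", "please query", "not disclosed")

def parse_whois(text):
    """Parse 'Key: Value' lines into {lower-cased key: [values]}."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip() and not line.startswith(("%", "#", ">>>")):
            record.setdefault(key.strip().lower(), []).append(value.strip())
    return record

def exposed_contacts(record):
    """Contact fields that hold real data rather than a privacy placeholder."""
    exposed = {}
    for key, values in record.items():
        if key.startswith(ROLES) and key.endswith(KINDS):
            real = [v for v in values if not any(m in v.lower() for m in REDACTED)]
            if real:
                exposed[key] = real
    return exposed

def days_until_expiry(record, now):
    """Whole days from `now` to the registry expiry date (negative if lapsed)."""
    expiry = datetime.strptime(record["registry expiry date"][0], "%Y-%m-%dT%H:%M:%SZ")
    return (expiry.replace(tzinfo=timezone.utc) - now).days

if __name__ == "__main__":
    rec = parse_whois(SAMPLE_WHOIS)
    for field, values in exposed_contacts(rec).items():
        print("exposed:", field, "=", ", ".join(values))
    print("days to expiry:", days_until_expiry(rec, datetime.now(timezone.utc)))
```

Fields reported as exposed are candidates for the registrar's privacy or proxy service, and a short time to expiry is worth an alert because a lapsed domain can be re-registered by someone else.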
Finding IP Address and Hosting Provider
Information such as the IP address of the website and its hosting provider can be very crucial. This can be easily found out using the following website:
Just visit the above website and enter the domain name of your choice to obtain its IP address as well as the name of its hosting provider as shown below.
As you can see from the above snapshot, a query on “www.info-website.net” reveals its IP address, hosting provider and also the name servers associated with it.
Finding IP Address Location
Finding out the physical location of the IP address is very simple. Just visit the following website and enter the target IP address to reveal its physical location:
IP2Location: http://www.ip2location.com/demo
A snapshot of a sample query for the IP address 199.79.62.128 on the ip2location.com website is shown below:
Finding IP Address Range
While small websites may have a single IP address, big players such as Google, Facebook and Microsoft have a range of IP addresses allocated to their company for hosting additional websites and servers. This range information can be obtained from the official website of the American Registry for Internet Numbers (ARIN). The URL for the ARIN website is listed below:
ARIN Website: https://www.arin.net/
Traceroute
Traceroute is a network diagnostic tool to identify the actual path (route) that the information (packets) takes to travel from source to destination. The source will be your own computer called localhost. The destination can be any host or server on the local network or Internet.
The traceroute tool is available on both Windows and Linux. The command syntax for Windows is as follows:
tracert target-domain-or-IP
The command syntax for Linux is as follows:
traceroute target-domain-or-IP
Usually, the transfer of information from one computer to another will not happen in a single jump. It involves a chain of several computers and network devices called hops to transmit information from source to destination. Traceroute identifies each hop on that list and the amount of time it takes to travel from one hop to another.
A snapshot of the traceroute performed on “www.info-website.net” using a Windows computer is shown below:
Obtaining Archive of the Target Website
Getting access to the archive of the target website will let you know how the website looked at the time of its launch and how it evolved and changed over time. You will also see all the updates made to the website, including the nature of the updates and their dates. You can use the Wayback Machine tool to access this information.
Wayback Machine: http://archive.org/web/