Skip to main content

Footprinting In Hacking

Footprinting in hacking is the process of studying an organization or system, with the aim of collecting valid or genuine information, which gives the attacker a clue and can help him find the vulnerability in the system.

This is the first step in any systematic hacking approach. Attacker or ethical hacker will spent time in this stage carefully, because slit mistake in footprinting might leads to wastage of time, which can lead to the failure of the attack.

After collecting data, hacker needs to spend time verifying and updating the extracted data. Attacker that doesn't update the data collected, might end-up doing nothing. How? Because the organization or individual can migrate from the known system. Thus leaving him with useless information.

Steps to ensure Proper Information retrieval

Since this stage is all about passive information gathering, below are the best practice that will leads to extracting the most genuine information.

Carefully collect public available information regarding the target system or organization. Information like host, network information, location of devices, physical security etc.
Attacker must find out the OS (operating system) used on the host devices and the server respectively. Applications installed on the server are also not left out. Remember servers are as important as the application software installed.
Attacker have to get an insight regarding the network. Knowing whether the organization permits remote network access, uses WIFI, knows the network topologies in use etc.
Extracting the IP address and other network information. Networking tools like Traceroute (tracert in windows), Ping, tenet etc. will really give a helping hand here.
Study the organization set-up. Sometimes the simplest way to hack into any system is to meet non technical staff of an organization.
In the case of web hacking, online tool like builtwith can surely help in information gathering.
Issue queries like Whois, DNS, network and organizational queries, will definitely help. especially regarding knowing the networking strength and how to overcome it.
Certain sites helps in getting information on the target. Site like zabasearch.com (this contains names, addresses, phone numbers, date of birth and other individuals information), anywho.com (this offer phone book forwards and lookup) will really help in getting information on the employees.
Attacker should locate vulnerability on the existing system which can help in success of the attack.

References: Sybex CEH, Ehacking
Tobe continued
Join Us on Facebook: ICTmagazine BBM Chanel: ICTmagazine

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

Powerful words from Steve Jobs on his sick bed

Powerful message. Steve Jobs’ Last Words - I reached the pinnacle of success in the business world. In others’ eyes, my life is an epitome of success. However, aside from work, I have little joy. In the end, wealth is only a fact of life that I am accustomed to. At this moment, lying on the sick bed and recalling my whole life, I realize that all the recognition and wealth that I took so much pride in, have paled and become meaningless in the face of impending death. In the darkness, I look at the green lights from the life supporting machines and hear the humming mechanical sounds, I can feel the breath of god of death drawing closer… Now I know, when we have accumulated sufficient wealth to last our lifetime, we should pursue other matters that are unrelated to wealth… Should be something that is more important: Perhaps relationships, perhaps art, perhaps a dream from younger days ... Non-stop pursuing of wealth will only turn a person into a twisted being, just l...
Post a Comment
Read more

How to Send SMS to any number anonymously

In this technology era, many of us want to send messages anonymously! the reasons might be maintaining privacy, franking etc. But many sees it as impossible! Today I'm going to take you through steps to send SMS/Text message without exposing your identity. This method is actually based on sending SMS using some online websites that will allow you to send SMS without entering any personal details. So just have a look on the websites to send free Anonymous SMS. List of Websites To Send Anonymous SMS To Any Number :- 1   Seasms.com This is the one of the best site that supports 160 character message to send to any number online and you will not need to register any personal details and can send free SMS to any of number. Must try this. 2   Spicesms.com This site only allows you to send SMS in india. The message service of this site is very fast as the message will be send instantly to the receiver end. 3   Smsti.in This website allows to send SMS in...
Post a Comment
Read more

Turn your Word doc into a PDF with a live table of contents

A long report needs to be broken up into sections. Readers will want shortcuts to the chapters that most interest them. So, if you’re distributing your reports as PDFs, you’ll want live tables of contents in which readers can easily go to the chapters they want to read. Fortunately, this is easy to do in Word 2010 or 2013 (I haven’t tested this in earlier versions). First of all, you need to set up your document properly. Use Word’s outline styles— Heading 1, Heading 2 , and so on—to organize your report. For instance, you might want to assign large section titles as Heading 1, chapter titles as Heading 2, sub-chapters as Heading 3, and so on. By the way, using these headings has other advantages. You can select View>Outline and work on your document as a collapsible outline. Also, the left tab of the Navigation pane uses these styles. But back to the table of contents. When you’re ready to distribute your document, select the References tab and click...
Post a Comment
Read more