Summary


Recap

  • Information gathering phase can be categorized broadly into seven phases.

  • Footprinting renders a unique security profile of a target system.

  • Whois, ARIN can reveal public information of a domain that can be leveraged further.

  • Traceroute and mail tracking can be used to target specific IP and later for spoofing.

  • Nslookup can reveal specific users and zone transfers can compromise DNS security.

A word of precaution: While using a web interface for reconnaissance, make sure you are on an isolated network or test machine (such as one with a dial-up). This is because though the web server allows for anonymity, the client IP will be registered with the web server. If the web host is someone looking for target machines, the IP might be the first lead in his reconnaissance. Of course, this does not apply to organizations that run this as a professional service.




Staf of EC-Council - Ethical Hacking Student Courseware. Certidied Ethical Hacker-Exam 312-50 (EC-Council E-Business Certification Series)
Staf of EC-Council - Ethical Hacking Student Courseware. Certidied Ethical Hacker-Exam 312-50 (EC-Council E-Business Certification Series)
ISBN: N/A
EAN: N/A
Year: 2003
Pages: 109

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net