8.2 Conclusion

 <  Day Day Up  >  

These reconnaissance techniques save a lot of time and effort during an actual attack. When you have the proper written permissions, these methods are invaluable in professional penetration testing. To review, the steps may be performed as follows :

  1. Design an attack plan that includes a detailed role for reconnaissance.

  2. Think through the reconnaissance phase.

  3. Start the noninteractive reconnaissance first, with a focus on further reconnaissance steps.

  4. Get closer to your target (e.g., using DNS queries).

  5. Get inside, but stay off the radar with anonymous email reconnaissance.

  6. Get your anonymous proxy list out; probe the target networks (using traceroute, direct DNS queries, web site analysis, etc.).

  7. Analyze the collected material and update the attack plan.

Following this simple recipe saves you from groping around in the dark and, hopefully, leads to cleaner and more effective penetration testing.

 <  Day Day Up  >  


Security Warrior
Security Warrior
ISBN: 0596005458
EAN: 2147483647
Year: 2004
Pages: 211

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net