06- Footprinting Flashcards
active fingerprinting
specially crafted packets are sent to the operating system to get a response
Application
Is designed for end user operation. It is a program or collection of programs that provides users with access to word processors, Web browsers, picture viewer, etc.
Attack
occurs when a system is compromised based on a vulnerability by an unknown exploit
banner grabbing
can reveal compromising information about the operating system and the services that are running on the system; works by using Telnet or a proprietary program
BiLE
stands for Bi-directional Link Extractor; includes a couple of Perl scripts used in enumeration processes
DNS footprinting
allows you to obtain information about DNS zone data
DNS zone data
includes DNS domain names, computer names, IP addresses, and more information about the network
DNSstuff
DNS interrogation tool; extracts DNS information about IP addresses, mail server extensions, DNS lookups, WHOIS lookups, etc.
Enumeration
the first attack on a target network; the process to gather the information about a target machine by actively connecting to it
Ethical Hacking
testing the resources for a good cause and for the betterment of technology; another term for "penetration testing."
Exploit
written to take advantage of a vulnerability; could be a piece of software; a technology; or data that can cause damage or change the behavior of a computer
Firewall
Is a security system consisting of a combination of hardware and software which limits the exposure of a computer or computer network to attack from crackers; commonly used on local area networks that are connected to the Internet. It is a tool that provides security to a network against unauthorized access from the Internet or other outside networks
footprinting
the first step in hacking; the process of collecting information about a target network and its environment
Google
A popular search engine
Google hacking
refers to creating complex search engine queries; an attacker can try to find websites that are vulnerable to exploits and vulnerabilities
Google Hacks
a compilation of carefully crafted Google searches that expose novel functionality from Google’s search and map services
Goolink Scanner
removes the cache from your searches, and collects and displays only vulnerable site’s links
Gooscan
a tool that automates queries against Google search appliances
Hackers for Charity
a group of technologists who have sourced their information from various sources and maintain a GHDB
Hacking
a loaded term that in some ways defies definition. Very simply, it is an intrusion upon a system. In some cases, as with Certified Ethical Hackers, this intrusion is solicited for the purposes of defining and ultimately resolving network vulnerabilities. Still, in others, hacking denotes unauthorized access. In some cases, the term “hacker” is used synonymously with “programmer”
Initial information gathering
Gathering information available in the outside world about any organization
Intrusion Detection System (IDS)
Can either be implemented as hardware or software and is responsible for monitoring a network and defining various activities as either valid, allowed activities or malicious activities, all based on predefined rules
Intrusion Prevention System (IPS)
an active IDS; the next level of security technology with its capability to provide security at all system levels from the operating system kernel to network data packets
IP addresses
used to find the machines in a network
IPSec (Internet Protocol Security)
a collection of protocols to support data packet exchange at the IP layer
Linux
the number one OS used for hacking and penetration testing; started in 1991 by Finnish student Linus Torvalds
Maltego
a platform that gives you a clear threat picture to the environment that an organization owns and operates; footprinting tool
Malware
any type of program that is created with the intent to cause damage, steal data, or abuse computer system resources; includes computer viruses, worms, and Trojan horses
map
provides the hacker with a blueprint of the organization's security profile
Metagoofil
performs a search in Google to identify and download the documents to a local disk and then extracts the metadata with different libraries such as Hachoir and PdfMiner
Netcat
known as the Swiss Army knife for hackers because it can perform many different tasks all in one small program
Netcraft
a wide neighborhood watch scheme; enables anyone who is alert at that moment to defend everyone within the community against phishing attacks
network scanning
scanning the private and public network; most of the techniques are developed to scan internally, and quite a few have the ability to scan the public network and give reliable results
Nmap
considered one of the best available tools for security scanning; free and open source and works on Linux, Windows, and Mac OS X
operating system
A software system which manages the interaction between users and hardware
passive fingerprinting
sniffs packets and tries to infer the operating system and its version from them
Patch
a fix to a vulnerability
Pen testers
Penetration testers; people who perform penetration testing, also called Ethical Hackers
Penetration testing
also referred to as ethical hacking; however, the validity of the term "ethical hacker" is debated still today. The primary difference between penetration testing and vulnerability scanning is that penetration testing actually exploits a vulnerability and access to a target resource is obtained to prove without a doubt that the system or resource is vulnerable to attack. As with vulnerability scanning, penetration testing should occur routinely and only with the permission of the owner whose systems and network are being targeted. Penetration testing can be carried out using a wide range of tools or with a vendor-provided solution
Phishing
Any type of situation where an individual or application is posing as something it is not for the purpose of gaining personal information from a user
Ping
used to know if the host computer you are trying to reach is actually operating; a built-in command on the operating system
reconnaissance
The process of information gathering
Security
should protect against vandalism, theft, and attacks by individuals
SiteDigger
searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on websites
Sniff
Is the process of monitoring data travel on a network for constructive or malicious purposes
Social engineering
The art of convincing people to disclose sensitive information using social methods of communication. The information is generally exploited by attackers to gain access to a system or network
Social Engineering Attacks
Social engineering is a form of hacking exploiting human vulnerabilities. There are several types of social engineering attacks, such as pretexting (inventing a scenario), phishing (appearing as a legitimate authority) and quid pro quo (offering a service in return for the requested information), but all have the same goal: divulging sensitive information
SQL injection
can give access to the data with privileges to create, read, update, alter, delete, and/or steal data from the database
Telnet
A program that allows for remote access to another system’s terminal. It is a specialized protocol in terminal emulation which allows the client to appear to be directly connected to a server
Vishing
used to get information by calling potential victims to share the confidential information
Vulnerability
a weak link in the software, settings, etc., through which, if not fixed early, someone can get access to the computer, application, and/or network and can cause damage
WHOIS
a query and response based protocol used to query databases that store registered users, assignees, and owners of internet resources