4 - FootPrinting and Social Engineering Flashcards
What is ‘casing the joint’?
– Look over the location
– Find weakness in security systems
– Types of locks and alarms used
What is footprinting?
Finding information on a company’s network. It can be passive and nonintrusive, e.g. you aren’t accessing information illegally or gathering unauthorized information with false credentials
– Several available Web tools, e.g. Google Groups, FOCA
Conducting Competitive Intelligence
A means of gathering information about a business or an industry
by using observation, accessing public information, speaking with employees, and so on.
As a security tester you should be able to explain methods used to gather information.
Analyzing company’s website
Easy way for attackers to discover critical information about an organization. Tools:
Paros
- Powerful tool for UNIX and Windows OSs
- Requires Java J2SE
Whois
- Commonly used
- Gathers IP address and domain information
- Attackers can also use it
How can you use email addresses?
- Help retrieve even more information
- You can find e-mail address format and guess other employees’ e-mail accounts
- Tool to find corporate employee information: Groups.google.com
HTTP operates on port ____
80
Name an HTTP method
GET / HTTP/1.1
What is an HTTP command?
A security tester can pull information from a Web server by using HTTP commands.
Other methods of gathering information?
A URL:
– Web server
– OS
– Names of IT personnel
Other methods:
– Cookies
– Web bugs
What is Social Engineering?
“Why try to crack a password when you can simply ask for it?”
Using an understanding of human nature to get information from people, e.g. obtaining passwords/personal information through different tactics.
Tactics used in social engineering?
– Persuasion
– Intimidation
– Coercion
– Extortion/blackmailing
Social engineers study human behavior.
They can recognise personality traits such as shyness or insecurity. They can also understand body language such as slouched shoulders, avoidance of eye contact, and nervous fidgeting.
5 Techniques?
- Urgency
- Quid pro quo
- Status quo
- Kindness
- Position
Shoulder surfing
Skilled at reading what users enter on their keyboards, especially logon names and passwords, e.g. PINs at ATM machines.
Tools used for shoulder surfing
- Binoculars or high-powered telescopes to observe PINs being entered
How to prevent shoulder surfing?
- Educate users to avoid typing when someone is nearby or talking on a cell phone nearby.
- Make sure all computer monitors face away from the door or the cubicle entryway
What is dumpster diving?
Attacker examines and finds information in victim’s trash, e.g.
– Discarded computer manuals
– Passwords jotted down
– Company policy
– Utility bills
– Resumes
How to prevent dumpster diving?
- Educating your users on the importance of proper trash disposal
– Format disks before disposing of them
– Discard computer manuals offsite
– Shred documents before disposal
What is piggybacking?
A method attackers use to gain access to restricted areas in a company. The attacker follows an employee closely and enters the area with that employee.
How to prevent piggybacking?
- Use turnstiles
– Train personnel to notify security about strangers
– Do not hold secured doors for anyone, even people they know
– All employees must use access cards
Phishing
A type of attack carried out by e-mail; the e-mails include links to fake Web sites intended to entice victims into disclosing private information or installing malware
What is DNS?
Domain Name System (DNS) resolves host names to IP addresses
What is a zone transfer?
It can be used to get information about a network’s topology and view all the network’s host computers and domains.
Determine a company’s primary DNS server
You can look for a DNS server containing a Start of Authority (SOA) record. You can perform another zone transfer to see all host computers on the company network.