CEHv8 BOOTCAMP: MODULE 02-FOOTPRINTING AND RECONNAISSANCE_SET-1 Flashcards
What is Open Source (Passive) Information Gathering?
Collecting information about a target from the publicly accessible sources.
What is Anonymous Footprinting?
Gathering information from sources where the author of the information can’t be identified or traced.
What is Organizational (Private) Footprinting?
Collecting information from an organizations web-based calendar and email services.
What is Active Information Gathering?
Gathering information through social engineering on-site visits, interviews, and questionnaires.
Pseudonymous Footprinting?
Collecting information that might be published under a different name in an attempt to preserve privacy.
Internet Footprinting?
Collecting information about a target from the internet.
What is Footprinting?
The process of collecting as much information as possible about a target network, for identifying various ways to intrude into an organization’s network system.
What are the processes involved in Footprinting a target?
- Collect basic information about the target and it’s network.
- Determine the OS used, platforms running, web server versions, etc.
- Perform techniques such as WHOIS, DNS, network and organizational queries.
- Find vulnerabilities and exploits for launching attacks.
What are 4 things that Footprinting does for an attacker?
- Know Security Posture
- Reduced Attack Area
- Build Information Database
- Draw Network Map
What are the 3 objectives of Footprinting?
- Collect Network Information
- Collect System Information
- Collect Organization’s Information
What information can be gathered when collecting Network Information?
- Domain name
- Internal Domain names
- Network blocks
- IP addresses of the reachable systems
- Rogue websites/private websites
- TCP and UDP services running
- Access control Mechanisms and ACL’s
- Network Protocols
- VPN Points
- ACL’s
- IDS’s running
- Analog/Digital telephone numbers
- Authentication mechanisms
- System Enumeration
What information can be gathered when collecting System Information?
- User and group names
- System banners
- Routing tables
- SNMP Information
- System architecture
- Remote system type
- System names
- Passwords
What information can be gathered when Collecting Organization’s Information?
- Employee details
- Organization’s website
- Company Directory
- Location details
- Address and phone numbers
- Comments in HTML source code
- Security Policies Implemented
- Web server links relevant to the organization
- Background of the organization
- News articles/press releases
What can an attacker gather from Footprinting techniques?
Valuable system and network information such as account details, operating system and installed applications, network components, server names, database schema details, etc.
What are 6 types of Footprinting Threats?
- Social Engineering
- System and Network Attacks
- Information Leakage
- Privacy Loss
- Corporate Espionage
- Business Loss
What information can be collected through use of Footprinting through Search Engines?
Information about a target such as: • Technology platforms • Employee details • Login pages • Intranet portals, etc.
What can search engines provide?
Sensitive information that has been removed from the World Wide Web (WWW).
What can the information collected from a target’s website enable an attacker to do?
To build a detailed map of website’s structure and architecture.
What do web mirroring tools allow you to do?
- Download a website to a local directory.
- Building recursively all directories.
- HTML.
- Images.
- Flash
- Videos
- And other files from a computer.
What can mirroring an entire website can enable an attacker to do?
- Dissect and identify vulnerabilities.
* Assists in finding directory structure and other valuable information without multiple requests to web servers.
Where can you find archived versions of websites?
http://www.archive.org
What does Website Watcher do?
Automatically checks website pages for updates and changes.
