Lesson 3: Reconnaissance and Intelligence Gathering Flashcards
The process of attempting to contact each network port on the target system to see which ones are open is called
port scanning.
There are 1,024 well-known ports that are
usually associated with specific services.
The Metasploit framework is a very powerful tool that can be used by cybercriminals as well as ethical hackers to
probe systematic vulnerabilities on networks and servers.
Syslog is a protocol used to send
system log or event messages to a specific server.
netstat
A command-line tool for monitoring network connections, both incoming and outgoing, as well as viewing routing tables, interface statistics, and so on.
access control list (ACL)
A list that specifies which users or system processes have access to a specific object, such as an application or a process, in addition to what operations users can perform.
Whois
provides information about a domain’s registrar and physical location. This information includes an organization’s physical address, registrar, contact information, and other details.
netflow
A Cisco network protocol that collects IP traffic information, allowing network traffic monitoring.
passive fingerprinting
A type of fingerprinting that relies on logs and other existing data, which may not provide information needed to fully identify targets.
nmap
A command-line port scanner that provides a broad range of capabilities, such as multiple scan modes, intended to bypass firewalls and other network protection devices.
operating system (OS) fingerprinting
The ability to identify an operating system based on network traffic that it sends.
active reconnaissance
A type of computer attack that uses host scanning tools to gather information about systems, services, and vulnerabilities.
According to Cisco log levels, level 4 represents
a warning. An example of a warning is a configuration change.
A scanning technique, like Transmission Control Protocol synchronize (TCP SYN), is the most popular scan method because it
uses a TCP SYN packet to verify a service response. TCP SYN is quick and unobtrusive.
Nmap’s operating system identification flag is
-O, which enables operating system (OS) detection.
-A also enables OS identification and other features.
Domain Name System (DNS) zone transfers provide a method to replicate DNS information between DNS servers but they are also a
tempting target for attackers due to the amount of information that they contain.
A heuristic analysis is used to detect threats based on
their behavior instead of looking for a specific package.
The axfr flag indicates
a zone transfer in the dig utility.
IANA manages
the global IP address space and also manages the Domain Name System (DNS) Root Zone.
The Internet Archive helps a user to find
an older copy of their website. It maintains copies from across the Internet and is used to review the historical content of a site.
Log level 0 is the most critical level because
it is used for emergencies in Cisco’s logging level scheme.
Microsoft Windows security log can capture
login events, resources, and rights usage, and events like open, creation, and deletion of a file.
Metadata scrubbing removes hidden content about a document, such as
a creator, creation time, system used to create the file, and a host of other information.
Exif often includes location and camera data, allowing
images to be mapped and identified to a specific device or a type of camera.