Reconnaissance

Question 1

What are attackers looking for before they make an attack?

Answer 1

Attackers preform recon before they attack because they don’t want to rush blindly into battle. They try to learn everything they can about the systems they attack. They want to know what security tools are in place, firewalls, security configs. This is the time they decide which devices to focus their attack on. They will create a network map, identify routers, remote sites, etc.

Question 2

Passive information

Answer 2

They will look at open sources to find information. Social media, corporate web pages, forums, reddit, social engineering, dumpster diving.

Question 3

Open Source Intelligence (OSINT)

Answer 3

Much of your digital footprint is all over the web and can be found through Passive Information but also from dating websites, emails, darkweb, public records, etc. There are already existing pre-designed tools to find all this information.

Question 4

Wardriving or warflying

Answer 4

Combine WiFi monitoring and a GPS. Searches from a car or plane moving by. Search from a drone flying around. They are looking for access points, strength of signal. The software is free online.

Question 5

Active Footprinting

Answer 5

Actively sending information into the network in order to find out what’s in there. Monitors will be able to detect the activity. The attackers are basically poking the bear to see what they can find. They want to do ping scans, port scans, DNS queries, find out what OS is being used, learn what versions of software is being used etc.