CHAPTER-1
FOOTPRINTING
Footprinting is the first and most convenient way that hackers use to gather information
about computer systems and the companies they belong to. The purpose of footprinting is to
learn as much as you can about a system, its remote access capabilities, its ports and
services, and the aspects of its security.
In order to perform a successful hack on a system, it is best to know as much as you can,
if not everything, about that system. While there is nary a company in the world that
isn't aware of hackers, most companies are now hiring hackers to protect their systems.
And since footprinting can be used to attack a system, it can also be used to protect it.
If you can find anything out about a system, the company that owns that system, with the
right personnel, can find out anything they want about you.
Techniques used for footprinting
Ping Sweep:
Ping a range of IP addresses to find out which machines are awake.
Open cmd and type ping followed by the address.
E.g.: ping 192.168.70.14 or ping www.csice.org
TCP Scans:
Scan ports on machines to see which services are offered. TCP scans
can be performed by scanning a single port on a range of IPs, or by scanning a
range of ports on a single IP. Both techniques yield helpful information.
Open Source Footprinting:
It is the easiest and safest way to go about finding information about a company. It relies on information that is available to the public, such as phone numbers, addresses, etc. Performing whois requests and searching through DNS tables are other forms of open source footprinting. Most of this information is fairly easy to get, and within legal limits. One easy way to check for sensitive information is to check the HTML source code of the website to look for links, comments, meta tags, etc.
Tools used:
The best tool to get information about a website is whois.
Go to http://www.allwhois.com/
http://www.internic.net/whois.html
http://www.uwhois.com/
Enter the web address and you get the contact number and other details about the website.
To trace an E-MAIL
eMailTrackerPro: It analyzes the e-mail header and provides the IP address of the machine that sent the e-mail. This can then be used to track down the sender. This is especially helpful in preventing spamming and spoofing.
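What a header tracer of this kind does can be shown in a few lines of Python. This is an added example, not part of the original post and not eMailTrackerPro's code; the sample message, host names and function names are constructed for illustration, and it assumes the Received lines are genuine (lines added before your own mail server can be forged by the sender).

```python
import email
import ipaddress
import re

# Constructed sample message: hosts and IDs are made up, IPs are documentation ranges.
RAW = """\
Received: from mx.example.net (mx.example.net [203.0.113.25])
\tby inbound.example.org with ESMTP id abc123; Mon, 1 Jan 2024 10:00:05 +0000
Received: from relay.example.com (relay.example.com [198.51.100.7])
\tby mx.example.net with ESMTP id def456; Mon, 1 Jan 2024 10:00:03 +0000
Received: from [192.168.1.23] (unknown [192.0.2.44])
\tby relay.example.com with ESMTPSA id ghi789; Mon, 1 Jan 2024 10:00:01 +0000
From: "Billing" <billing@example.com>
To: user@example.org
Subject: Invoice

Body
"""

IP_RE = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")
BY_RE = re.compile(r"\bby\s+(\S+)")
# Address ranges that never identify a sender on the public Internet.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def received_hops(raw):
    """Return (receiving_host, [ips]) per Received header, oldest hop first."""
    msg = email.message_from_string(raw)
    hops = []
    for header in reversed(msg.get_all("Received", [])):  # newest header is on top
        by = BY_RE.search(header)
        ips = []
        for cand in IP_RE.findall(header):
            try:
                ips.append(ipaddress.ip_address(cand))
            except ValueError:
                continue  # bracketed text that is not an IP address
        hops.append((by.group(1) if by else None, ips))
    return hops

def likely_origin(raw):
    """First non-internal IP seen walking from the oldest hop forward."""
    for _, ips in received_hops(raw):
        for ip in ips:
            if not any(ip in net for net in INTERNAL):
                return str(ip)
    return None
```

Calling `likely_origin(RAW)` on the sample returns the public address recorded by the first relay, while `received_hops(RAW)` gives the full path for comparison against the claimed From domain.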
To know which servers you are currently connected to
Use the tool: callerip
To know the timeline of a website
Enter the URL in: http://www.archive.org/index.php , http://www.thememoryhole.org/
Get company's information
Use search engines such as google.com or Wikipedia.org
To study the company's location and infrastructure from a remote place
Use Google Earth.
Download it from: http://www.google.com/earth/index.html
To get information about a person in that company
. Use social networking sites like: http://www.facebook.com/ , http://www.myspace.com/ etc.
. Use websites like: http://www.blackbookonline.info/ , http://www.peoplesearch.com/ etc.
These help to get bank details, credit card details, mobile numbers, past history, etc.
To trace the path of website
Use Avast Internet Security --> Network Utilities
or use NeoTrace
DNS Enumeration
On Windows, DNS enumeration can be done with Sam Spade,
or in cmd: type nslookup servername
If you want to know how DNS enumeration is done in Linux, please e-mail me.
Reference: CEH slides, 5th edition;
McGraw-Hill, Hacking Exposed: Network Security Secrets and Solutions, 6th edition;
google.co.in
Definition from: wikipedia.org
This can be downloaded from torrent http://torrentz.eu/ or mail me : eldho@live.in