Footprinting
Download
Report
Transcript Footprinting
Hello, I’m…
Susan Donoho, MBA.
Secure Ruby is a proprietary venture where I provide
consulting in management, information technology, security
education, and fraud prevention
Detective work for a large private retailer focusing in
organized retail crime
Education in Certified Ethical Hacking through EC-Council
EC-Council, USA, Florida , 2502 N. Rock Point Dr., Tampa,
FL 33607, 505-341-3228
Footprinting
SECURITY BEGINS WITH YOU
Beyond Firewalls,
Company Policy, and
Passwords
Company’s work on security measures so why are there hacks,
stolen information, stolen goods?
What is going on? What can I do about it?
Footprinting
An Introduction to Footprinting and Reconnaissance
Footprinting Concepts
What is Footprinting?
Footprinting refers to uncovering and collecting as much
information as possible on:
Organizations Information
Key Personnel’s information
System Information
Network Information
Finding every “IN” there is from the information gathered at
every level (not just firewalls, IP addresses, or passwords)
Organization’s Information
Employee details
Organization’s web site
Company directory
Address, Phone
Background of organization
News articles, press releases
Key Personnel’s Information
Position, Title, Responsibilities
Personal information: address, family members, pets,
hobbies, any relevant that might be used as an “in” to this
persona’s life to manipulate into their lives – as in email on
any real interest to get this person to respond to a
communication through email.
Manipulating a person to through a false impression for the
purpose of disclosing (secure/private) personal information
is called social engineering.
System Information
User and Group members
System Banners
Routing Tables
SNMP Information
System Architecture
Remote System Type
System Names and Passwords
Network Information
Domain Name
Internal Domain Names
Network Blocks
IP Addresses of reachable systems
Rouge Websites and private websites
TCP and UDP services running
Networking protocols
Network Information
VPN Points
ACL’s
IDSes running
Analog, Digital telephone numbers
Authentication Mechanisms
Footprinting Methodologies
Internet Footprinting
Competitive Intelligence
WHOIS Footprinting
DNS Footprinting, Network Footprinting
Website Footprinting
Email Footprinting
Google Hacking
Internet Footprinting
Find a Company’s URL – Google and Bing Internet
Searches
Locate Internal URL – these provide insight into different
departments and business units within an entity
Trial and error, common sense, common knowledge will
provide helpful information
Tool search – http://news.netcraft.com
http://webmaster-a.com/link-extractor-internal.php
Footprinting Tools
Web Data Extraction for company contact data
http://www.webextractor.com
Spiderfoot will scrape web sites on that domain, and also
search Google, Netcraft, Whois, DNS to collect information
http://www.binarypool.com
Robtex This tool utilizes crawl the internet using the
useragent “robtexbot” to get title and metadata
Footprinting Methodologies
Collect Location
Information of the
physical location of the
subject or target
Satellite Pictures of a
building, or residence can
be obtained providing
more information
People Search
http://pipl.com
Web crawlers cannot
search deep web
information such as
underlying content,
documents online
People Search Online Services
People.yahoo.com
Peoplelookup.com
123people.com
Social networking
Services
Wink.com
Peoplefinders.com
Address.com
Zabasearch.com
Publicpeoplefinder.com
Facebook
Linkedin
Twitter
BE CAREFUL
Footprinting through JOB Sites – Some of the most telling
inside information about a firm may be posted through Job
Sites.
An IT Department may advertise for certain skills sets,
which lists out the technology of a company.
This tells hackers what you are all about.
How might an IT dept. hide it’s technology and gain resumes?
Next Talk –
Competitive Intelligence
Footprinting & Reconnaissance