Thread: Footprinting tutorial

  1. #1

    Footprinting tutorial

    Basic Footprinting

    What is footprinting?

    Footprinting is basically the digital equivalent of when a robber ‘cases the establishment’ before attempting to burgle a premises. It is where an attacker attempts to get a profile of the company's IT infrastructure, gathering as much information as possible.

    Sam Spade

    The first thing to do is to perform a whois query on the company's internet register. There is an excellent free tool called Sam Spade that gathers information on DNS servers and IP address blocks amongst other things. If you're a Windows user, simply go to their web site and download the latest version here: http://www.samspade.org/. On the main page, you'll also find online versions of many other useful networking tools which are helpful when you are away from your computer. Otherwise, the Windows version of Sam Spade is preferable because of its fast and easy access to a variety of tools and because you can run a number of different inquiries simultaneously.


    Open Source Footprinting

    This is a very safe way for a hacker to gather information about a company as it is perfectly legal; in fact the information is widely available to the general public. Information such as telephone numbers, email addresses and sometimes home addresses are obtained by searching through web-based whois interfaces. Below are the big three, ARIN for the US, APNIC for Asia and RIPE for Europe:

    1) (ARIN) – American Registry for Internet Numbers
    2) (APNIC) – Asia Pacific Network Information Center
    3) (RIPE) – Reseaux IP Europeens

    Now from searching these databases you will probably find email addresses and IP addresses. This information can then be put into a traceroute query which can be found on the Sam Spade site, or alternatively you could use a program like NeoTrace Pro. It traces the network path across the Internet from the host system to a target system anywhere on the Internet. The data it can retrieve includes registration details for the owner of each computer on the route (address, phone or e-mail address) and the network each node IP is registered to. The data is shown on a world map showing the location of nodes along the route, and a graph showing the relative response time of each node along the path. You can get NeoTrace Pro here: http://www.neotrace.net-software-download.com/

    Conclusion

    Now most of this information used by itself is harmless and most likely perfectly legal, but any person who is serious about getting into a system will carefully search through the whois databases to know as much information as possible, as it may lead to an eventual entry point. In my next tutorial entitled ‘Scanning’ I will show how scanning techniques are used by attackers to complement footprinting in order to gather vital information about a company's system. This should follow soon.

    For more tutorials please visit my site at www.computer-tutorials.org and the forums www.computer-tutorials.org/phpBB

    Sco (This is my name on all my other sites)
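
Added example, not part of the original post: a defender-side audit of what a RIPE-style whois record for your own organisation publishes, covering the kind of detail (names, phone numbers, e-mail and postal addresses) that the Open Source Footprinting section says can be read from the registries. The sample record, the `ROLE_LOCALPARTS` list and the function names are constructed for illustration.

```python
# Role mailboxes treated as non-personal (assumed list; adjust to your policy).
ROLE_LOCALPARTS = {"abuse", "noc", "hostmaster", "postmaster", "security", "info"}
PERSONAL_FIELDS = {"person", "address", "phone", "fax-no", "e-mail"}
MAIL_FIELDS = {"e-mail", "abuse-mailbox"}

# Constructed sample record in RIPE-style layout; not real registry data.
SAMPLE_WHOIS = """\
% constructed sample
inetnum:        192.0.2.0 - 192.0.2.255

person:         Jane Smith
address:        12 Home Lane
                Exampletown
phone:          +44 20 7946 0000
e-mail:         jane.smith@example.com

role:           Example NOC
e-mail:         noc@example.com
e-mail:         jane.smith@example.com
abuse-mailbox:  abuse@example.com
"""

def parse_objects(text):
    """Split whois text into objects, each a list of (attribute, value) pairs."""
    objects, current = [], []
    for line in text.splitlines():
        if line.startswith(("%", "#")):          # registry comment lines
            continue
        if not line.strip():                     # blank line ends an object
            objects, current = objects + [current], []
        elif line[0] in " \t+" and current:      # continuation of previous value
            key, value = current[-1]
            current[-1] = (key, value + " " + line.lstrip("+ \t").strip())
        else:
            key, sep, value = line.partition(":")
            if sep:
                current.append((key.strip().lower(), value.strip()))
    return [obj for obj in objects + [current] if obj]

def audit(text):
    """Return (attribute, value, reason) for each published detail to review."""
    findings = []
    for obj in parse_objects(text):
        for key, value in obj:                   # obj[0][0] names the object type
            if obj[0][0] == "person" and key in PERSONAL_FIELDS:
                findings.append((key, value, "personal detail in person object"))
            elif key in MAIL_FIELDS and value.split("@")[0].lower() not in ROLE_LOCALPARTS:
                findings.append((key, value, "non-role mailbox"))
    return findings
```

Running `audit()` over the saved whois output for your own address blocks and domains gives a list of entries to replace with role contacts.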

  2. #2
    Senior Member
    Join Date
    Jan 2005
    Posts
    128
    You mentioned this in your other articles, not sure why you missed this one

    Everyone knows them, but seeing as this post is about finger/foot-printing, thought I'd add 'em.
    NMap Scans:

    * -O Use TCP/IP fingerprinting to guess remote operating system
    * -sV Version scan probes open ports determining service & app names/versions

    There are other methods of doing this, i.e. if -sV returns Port 80 as IIS6 and -O as a Linux server ... then you know you have to find other methods of searching.

    There are more, but it's too early for more typing.
    If You've Done Something Right. People Won't Know You've Done Anything At All - God (Futurama)

  3. #3
    Junior Member
    Join Date
    Jan 2005
    Posts
    1
    the mods aren't going to let a tut ripper keep posting tuts are they????

    or is that what the ap system is for

    regarding this link:
    http://www.antionline.com/showthread...hreadid=265368
