Thursday, October 30, 2014

#2. FOOTPRINTING





Footprinting is the widely used and most convenient way that hackers use to gather information
about websites. The purpose of footprinting is to learn as much as you can about a system, 
it's remote access capabilities, its ports and services, and the aspects of its security 
help hackers to get details about a website. 

In order to perform a successful hack on a website, it is best to know as much as you can,
if not everything, about that website. While there isnt a company in the world that
isn't aware of hackers, most companies are now hiring ethical hackers to protect their systems.
And since footprinting can be used to attack a system, it can also be used to protect it.
If you can find anything out about a website, the company that owns that website, with the
right personell, can find out anything they want about you.

--> Techniques used for footprinting are :


  • Ping Sweep: 

         Ping a range of IP addresses to find out which machines are awake.

         => how to ping?
        
        => go cmd type ping {then address}
        => Eg:  ping 192.168.70.14 or ping www.csice.org



  • TCP Scans: 

          Scan ports on machines to see which services are offered. TCP scans 
          can be performed by scanning a single port on a range of IPs, or by scanning a 
          range of ports on a single IP. Both techniques yield helpful information.




  • Open Source Footprinting:


        It is the easiest and safest way to go about finding information about a company. Information              that is available to the public, such as phone numbers, addresses, etc. Performing whois requests,    searching through DNS tables are other forms of open source footprinting. Most of this information      is fairly easy to get, and within legal limits. One easy way to check for sensitive information is to       check the HTML source code of the website to look for links, comments, Meta tags etc.

   => Tools using:
       The best tool to get the information about the website is by using whois
        go to - "http://who.is/"

 enter the web/IP address and then you will get the entire details about the website's owner and all  the related information about the website.
at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)