Saturday, 27 June 2015

FOOTPRINTING GUIDE IN TERMS OF HACKING AND PENETRATION TESTING



What is Footprinting?

Footprinting is the first step of an attack or a penetration test: gathering information about the server on which a target website is hosted. An attacker footprints a server to find the weaknesses and security holes through which it can be rooted (compromised). A penetration tester does exactly the same work, but is hired to do it so that the holes can be closed before an attacker finds them. The purpose of footprinting is to learn as much as you can about the target system: its remote access capabilities, the ports and the services listening behind them, its registrar (WHOIS) records, its DNS records, and the state of its security. Any attack aimed at a specific server or system must start with footprinting. It is the start of a successful attack, and how much you get out of it depends on your skill.

Types of Footprinting and their Explanation:-

Following are the types of footprinting and their sub-branches:-

Open Source Footprinting:-

This is the safest type of footprinting, as it stays within legal limits: you collect information that is already public, so you can do it without any fear of performing an illegal act. It includes finding basic information that is published for public use anyway, such as phone numbers and e-mail addresses, performing a WHOIS request for the domain name, searching through DNS tables, scanning certain IP addresses with automated tools (I will post about those later, with detailed usage information), and other common means of finding information about the server, the system and its owner. Strictly speaking, a port scan touches the target and is no longer purely open source; everything before it in that list can be done without sending the target a single packet.

Many companies post a large amount of information about themselves on their own website without realizing that it is useful to an attacker too. HTML source and script files also often contain comments that give an attacker a lot of information about the code, since comments are there to tell a developer what a specific piece of code does, and they sometimes mention internal hosts, accounts or paths that were never meant to be public.
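The following is an added example, not code from the original post: it pulls the leads discussed above (HTML comments, e-mail addresses, absolute paths mentioned in comments or scripts, and the CMS "generator" meta tag) out of a page using only the standard library. The page it runs on is a constructed sample; the hostnames, addresses and paths in it are made up.

```python
"""Extract open-source footprinting leads from a web page: HTML comments,
e-mail addresses, absolute paths and the CMS 'generator' tag.
Added example; SAMPLE_HTML below is a constructed page, not a real site."""
import re
from html.parser import HTMLParser

# Constructed sample page (hypothetical hostnames, addresses and paths).
SAMPLE_HTML = """<!DOCTYPE html>
<html><head>
<meta name="generator" content="ExampleCMS 2.4.1">
<title>Example Corp</title>
<!-- TODO: move login to https://intranet.example.internal before go-live -->
</head><body>
<p>Contact: sales@example.com or +1 555 0100</p>
<!-- admin panel temporarily at /old-admin/ (ask jdoe@example.com) -->
<script>// debug: api key loaded from /config/keys.js</script>
</body></html>
"""

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# Absolute paths such as /old-admin/ ; the lookbehind keeps the "//" of a
# URL scheme from being picked up as a path.
PATH_RE = re.compile(r"(?<![\w/])(/[\w.-]+(?:/[\w.-]*)*)")


class LeadParser(HTMLParser):
    """Collect comments, visible/script text and the generator tag."""

    def __init__(self):
        super().__init__()
        self.comments = []
        self.text = []
        self.generator = None

    def handle_comment(self, data):
        self.comments.append(data.strip())

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.generator = a.get("content")

    def handle_data(self, data):
        # Script bodies arrive here as well, so debug remarks in JS are seen.
        self.text.append(data)


def extract_leads(html):
    """Return the footprinting leads found in one page as a dict."""
    p = LeadParser()
    p.feed(html)
    p.close()
    everything = "\n".join(p.comments + p.text)
    return {
        "generator": p.generator,
        "comments": p.comments,
        "emails": sorted(set(EMAIL_RE.findall(everything))),
        "paths": sorted(set(PATH_RE.findall(everything))),
    }


if __name__ == "__main__":
    for key, value in extract_leads(SAMPLE_HTML).items():
        print(f"{key}: {value}")
```

Run it against saved copies of a target's pages (wget -r -l 1 works well) rather than fetching live from inside the parser, so the collection stays passive and repeatable.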

Network Enumeration:-


Network enumeration is the activity of retrieving user names and information about groups, shares and services from networked computers. It should not be confused with network mapping, which only discovers which hosts are connected to a network and which operating system each of them runs. Enumeration starts with identifying the domain name and looking up its registrar information, since a company's domain is listed with a registrar; the attacker simply needs to know which registrar the company is listed with. Five techniques are covered in this section, as follows:

Registrar Queries:

Registrar queries are made with WHOIS (pronounced as the phrase "who is"), a query and response protocol (RFC 3912) that is widely used for querying the databases that store the registered users or assignees of an Internet resource such as a domain name, an IP address block or an autonomous system number, and that is also used for a wider range of other information. A WHOIS query is a single plain-text line sent to the registry's or registrar's server on TCP port 43; the reply is the database record in a human-readable format, after which the server closes the connection. The protocol itself stores nothing: the registries and registrars hold the data, and a registry record usually names the registrar's own WHOIS server, which you query next for the fuller record.
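As an added example (not part of the original post), here is a minimal WHOIS client that speaks the RFC 3912 exchange described above, together with a parser that turns the "Key: Value" record layout used by the gTLD registries into the facts a footprinter wants at a glance. Only the parser is exercised below; whois_query() needs network access. The sample record is constructed, with the registrar name, WHOIS server and dates made up (example.com itself is a reserved name).

```python
"""WHOIS (RFC 3912) lookup and record parsing.
Added example, not from the original post. whois_query() implements the
real protocol but needs network access; parse_whois()/summarize() run on a
constructed sample record."""
import socket
from datetime import datetime


def whois_query(server, query, port=43, timeout=10.0):
    """RFC 3912: connect to TCP 43, send the query line terminated by CRLF,
    read until the server closes the connection."""
    with socket.create_connection((server, port), timeout=timeout) as s:
        s.sendall(query.encode("ascii") + b"\r\n")
        chunks = []
        while True:
            data = s.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks).decode("utf-8", "replace")


# Constructed sample reply (registrar, server and dates are invented).
SAMPLE_RECORD = """\
Domain Name: EXAMPLE.COM
Registry Domain ID: 2336799_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.example-registrar.test
Registrar: Example Registrar LLC
Updated Date: 2024-08-14T07:01:31Z
Creation Date: 1995-08-14T04:00:00Z
Registry Expiry Date: 2025-08-13T04:00:00Z
Name Server: A.IANA-SERVERS.NET
Name Server: B.IANA-SERVERS.NET
DNSSEC: signedDelegation
>>> Last update of whois database: 2024-09-01T10:00:00Z <<<

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire.
"""

# Keys that legitimately repeat and are therefore collected as lists.
MULTI = {"name server", "domain status"}


def parse_whois(text):
    """Fold 'Key: Value' lines into a dict (keys lower-cased). Comment
    lines (%, #), the '>>>' footer and free-text notices are skipped;
    for a repeated single-valued key the first occurrence wins."""
    rec = {}
    for line in text.splitlines():
        if line.startswith((">>>", "%", "#", "NOTICE")) or ":" not in line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not key or not value:
            continue
        if key in MULTI:
            rec.setdefault(key, []).append(value)
        else:
            rec.setdefault(key, value)
    return rec


def parse_date(s):
    """Registry timestamps are ISO 8601 with a trailing Z."""
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def summarize(rec, now_iso):
    """Sponsoring registrar, where to query next, domain age, days left
    before expiry, and the authoritative name servers."""
    now = parse_date(now_iso)
    created = parse_date(rec["creation date"])
    expires = parse_date(rec["registry expiry date"])
    return {
        "registrar": rec.get("registrar"),
        "registrar_whois": rec.get("registrar whois server"),
        "age_days": (now - created).days,
        "days_to_expiry": (expires - now).days,
        "name_servers": [ns.lower() for ns in rec.get("name server", [])],
        "dnssec": rec.get("dnssec"),
    }


if __name__ == "__main__":
    record = parse_whois(SAMPLE_RECORD)
    print(summarize(record, "2024-08-14T04:00:00Z"))
    # Live use (needs network): whois_query("whois.verisign-grs.com", "example.com")
```

The registrar WHOIS server in the summary is the one to query next; a domain that is weeks from expiry, or whose name servers sit with a different provider than the registrar, is worth a note in the report.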

OS Identification:

This involves sending unusual or malformed ICMP (Internet Control Message Protocol) and TCP (Transmission Control Protocol) packets to a machine and comparing the replies against known fingerprints. Different TCP/IP stacks differ in details such as the initial TTL, the TCP window size and how they answer packets with odd flag combinations, and those differences identify the operating system running on the server or machine (this is what nmap -O does). It needs raw sockets, so it is run with root or administrator privileges.

Ping Sweep:-

Ping the different IP addresses you found during footprinting so that you can figure out which of them are alive, and scan only the live ones for open ports later. Bear in mind that many hosts and firewalls drop ICMP echo requests, so a host that does not answer a ping is not necessarily down; a TCP probe to a common port is the usual fallback.

Performing TCP Scans: Scan ports on machines to see which services the system offers. A TCP scan can be performed by scanning a single port on a range of IPs (many IPs, checking one port on each), or by scanning a range of ports on a single IP (many ports on a single IP). Both techniques will produce helpful information for an attacker and for you. A port that completes the handshake (or answers SYN with SYN/ACK) is open, one that answers with RST is closed, and one that stays silent is being filtered.


Performing UDP Scans: Send UDP packets to a desired port. UDP scans are performed much less often than TCP scans because UDP has no handshake to confirm anything: a closed port normally answers with an ICMP 'port unreachable' message, meaning that no service is available there, while an open port may simply not reply to junk it does not understand. Silence is therefore ambiguous (open or filtered), and most servers rate-limit the ICMP replies, which makes a UDP scan of many ports slow.
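The five steps above, as one added example that is not from the original post: a sweep ("many IPs, one port"), a TCP connect scan ("one IP, many ports") and a UDP probe, all run against listeners the script itself starts on 127.0.0.1 so it works offline. ICMP ping and OS fingerprinting need raw sockets and are left to nmap (-sn, -O); here a host counts as alive when a TCP connect succeeds, which needs no privileges. The UDP part shows the ambiguity just described: an echoing service, a bound-but-silent service and a closed port give three different answers. 192.0.2.1 is a documentation address assumed to be unroutable, used only to show what "no answer" looks like.

```python
"""Ping sweep (TCP-based), TCP connect scan and UDP probe against local
listeners. Added example, not from the original post. ICMP ping and OS
fingerprinting need raw sockets and are not shown."""
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def tcp_probe(host, port, timeout=0.5):
    """TCP connect scan of one port: full handshake, then close."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"        # RST came back: nothing listening
    except OSError:
        return "filtered"      # timeout / unreachable: dropped or host down


def udp_probe(host, port, payload=b"\x00", timeout=0.5):
    """UDP has no handshake, so there are three outcomes:
    data back -> open; ICMP port unreachable -> closed (surfaces as
    ECONNREFUSED on a connected socket); silence -> open|filtered."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            s.send(payload)
            s.recv(1024)
            return "open"
        except ConnectionRefusedError:
            return "closed"
        except socket.timeout:
            return "open|filtered"


def tcp_sweep(hosts, port, timeout=0.5):
    """'Many IPs, one port': which hosts answer on that port at all."""
    with ThreadPoolExecutor(max_workers=32) as pool:
        return dict(zip(hosts, pool.map(lambda h: tcp_probe(h, port, timeout), hosts)))


def tcp_scan(host, ports, timeout=0.5):
    """'One IP, many ports': which services one host offers."""
    with ThreadPoolExecutor(max_workers=32) as pool:
        return dict(zip(ports, pool.map(lambda p: tcp_probe(host, p, timeout), ports)))


# --- local lab: listeners standing in for a real target -------------------
def start_tcp_listener():
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
                conn.close()
            except OSError:      # listener closed by demo()
                return
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]


def start_udp_listener(reply):
    """reply=True echoes (an 'open' service); reply=False swallows input,
    like a real service that ignores data it does not understand."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))

    def serve():
        while True:
            try:
                data, peer = srv.recvfrom(1024)
            except OSError:
                return
            if reply:
                srv.sendto(data, peer)
    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def unused_port(kind):
    """Bind and release a port so we hold one that is (almost certainly) closed."""
    with socket.socket(socket.AF_INET, kind) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def demo():
    """Run the three steps and return the results plus the ports involved."""
    tcp_srv, tcp_open = start_tcp_listener()
    echo_srv, udp_open = start_udp_listener(reply=True)
    mute_srv, udp_mute = start_udp_listener(reply=False)
    tcp_closed, udp_closed = unused_port(socket.SOCK_STREAM), unused_port(socket.SOCK_DGRAM)
    results = {
        "alive": tcp_sweep(["127.0.0.1", "192.0.2.1"], tcp_open),   # 192.0.2.1: assumed unroutable
        "tcp": tcp_scan("127.0.0.1", [tcp_open, tcp_closed]),
        "udp": {p: udp_probe("127.0.0.1", p) for p in (udp_open, udp_mute, udp_closed)},
    }
    for s in (tcp_srv, echo_srv, mute_srv):
        s.close()
    return results, (tcp_open, tcp_closed, udp_open, udp_mute, udp_closed)


if __name__ == "__main__":
    res, _ = demo()
    for step, table in res.items():
        print(step, table)
```

The closed UDP port reads "closed" only where the kernel delivers the ICMP port unreachable back to the probing socket; on a host or network that filters ICMP it reads "open|filtered", exactly the ambiguity that makes UDP scanning slow and uncertain. Against real targets, send a protocol-specific payload (a DNS query to 53, an SNMP get to 161) instead of a null byte so that open services actually answer.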


by Vishal Waghmare
