Steps for Gathering Information
(Footprinting / Fingerprinting)
WHY
- Attacker
  - Identify potential systems
  - Identify potential vulnerabilities on systems
- Defender
  - Know available tools for footprinting
  - Monitor footprinting attacks
  - As part of vulnerability analysis
WHAT
- System Information
  - IP Address, Hostname, Domain name
  - Operating System
  - File Structure
  - Open Ports / Services
  - Physical Location
  - Usernames
- Network Information
  - Network topology
  - Network Devices (gateways, firewalls)
  - Network Servers (web, ftp, email, database, etc.)
  - Network traffic information
HOW
TOOLS
- Local System Tools
  - hostname
  - ifconfig / ipconfig
  - who, last
- Remote System Tools
  - ping
  - traceroute / tracert
  - finger
  - nslookup, dig
  - arp, netstat
RESOURCES
- Find out initial information
  - Whois
  - Nslookup
  - Open source public information
- Find out address range of the network
  - ARIN (American Registry for Internet Numbers)
  - Traceroute (Neotrace)
- Find active machines
- Find open ports or access points
  - Port scanners
  - War Dialers
  - War Drivers
- Figure out the operating system
- Figure out which services are running on each port
- Map out the network
Please mail any comments about this page to summers_wayne@ColumbusState.edu