1. Attacker
   • Identify potential systems
   • Identify potential vulnerabilities on systems
2. Defender
   • Know available tools for footprinting
   • Monitor footprinting attacks
   • As part of vulnerability analysis

1. System Information
   • IP Address, Hostname, Domain name
   • Operating System
   • File Structure
   • Open Ports / Services
   • Physical Location
   • Usernames
2. Network Information
   • Network topology
   • Network Devices (gateways, firewalls)
   • Network Servers (web, ftp, email, database, etc.)
   • Network traffic information

1. Local System Tools
   • hostname
   • ifconfig / ipconfig
   • who, last
2. Remote System Tools
   • ping
   • traceroute / tracert
   • finger
   • nslookup, dig
   • arp, netstat

1. Find out intial information
   • Whois
   • Nslookup
   • Open source public information
2. Find out address range of the network
   • ARIN (American registry for Internet numbers)
   • Traceroute (Neotrace)
3. Find active machines
   • Ping
   • Ping War
4. Find open ports or access points
   • Portscanners
     • NetBrute Scanner
     • Nmap
   • War Dialers
     • THC-Scan
   • War Drivers
5. Figure out the operating system
   • Nmap
6. Figure out which services are running on each port
   • Default ports and OS PORT NUMBERS List
   • Telnet
   • Vulnerability scanners
7. Map out the network
   • Traceroute
   • Visual ping
   • Cheops
   • WhatsUp

Please mail any comments about this page to summers_wayne@ColumbusState.edu