Footprinting is the first and most convenient method hackers use to gather information about computer systems and the companies they belong to. Its purpose is to learn as much as possible about a system: its remote access capabilities, its ports and services, and the aspects of its security.
Introduction
Footprinting is the means by which hackers target an organization and use a remote access process to gather proprietary information relevant to the organization's Internet and network processors. They run WHOIS queries, which produce employee names, contact numbers, email addresses and similar important information.
What Hackers look for
The attacker first identifies the various domain names that he's interested in exploiting. He then performs a footprint analysis of the target to gather as much information as possible through publicly available sources. The footprint analysis gives the hacker an indication of how large the target might be and how many potential entry points exist.
One thing that hackers can usually disregard, but that you must pay particular attention to, is what we techies affectionately refer to as layers eight and nine of the seven-layer OSI model: Politics and Funding. The amount of information that is readily available about you, your organization, its employees, and anything else you can imagine is nothing short of amazing.
Tools available for footprint
Port scanners: Port Scanners are used to determine which hosts are alive on the Internet, which Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports are listening on each system, and the operating system that is installed on each host.
Trace routes: Trace routes are performed to help identify the relationship of each host to every other and to identify potential security mechanisms between the attacker and the target.
Nslookup: Nslookup is a command line tool on the Windows platform that can be used to perform DNS queries and zone transfers.
Tracert: Tracert is a command line tool used by hackers to create network maps of the target's network presence. After the port scanning and trace routing are finished, attackers create a network map that represents their understanding of the target's Internet footprint. This map is used for the second phase of the attack: information enumeration.
Techniques used to footprint
- DNS queries
- Network enumeration
- Network queries
- Operating system identification
- Organizational queries
- Ping sweeps
- Point of contact queries
- Port Scanning
- Registrar queries (WHOIS queries)
- SNMP queries
- World Wide Web spidering
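
From the defender's side, two of the techniques listed above, port scanning and ping-style sweeps, leave a recognizable pattern in firewall logs: one source touching many ports on a single host, or one service on many hosts. The following Python code is an added example, not part of the original article; the log format, the thresholds and the function names are assumptions, the sample lines are constructed, and all lines are assumed to fall within one short time window.

```python
from collections import defaultdict

def build_sample():
    """Constructed log lines: time, source, destination, protocol, port, action."""
    ts = "2024-01-01T10:00:00"
    lines = [f"{ts} 198.51.100.7 192.0.2.10 TCP {p} DENY" for p in range(20, 40)]
    lines += [f"{ts} 203.0.113.9 192.0.2.{h} UDP 161 DENY" for h in range(1, 13)]
    lines += [f"{ts} 198.51.100.50 192.0.2.10 TCP 443 ALLOW",
              f"{ts} 198.51.100.50 192.0.2.11 TCP 443 ALLOW",
              "truncated line"]
    return lines

def detect_scans(lines, port_threshold=15, host_threshold=10):
    """Flag sources that probe many ports on one host or one service on many hosts."""
    ports_per_pair = defaultdict(set)     # (src, dst) -> {(proto, port)}
    hosts_per_service = defaultdict(set)  # (src, proto, port) -> {dst}
    for line in lines:
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed entries instead of failing
        _, src, dst, proto, port, _ = fields
        ports_per_pair[(src, dst)].add((proto, port))
        hosts_per_service[(src, proto, port)].add(dst)
    findings = []
    for (src, dst), ports in ports_per_pair.items():
        if len(ports) >= port_threshold:
            findings.append(("port_scan", src, dst, len(ports)))
    for (src, proto, port), hosts in hosts_per_service.items():
        if len(hosts) >= host_threshold:
            findings.append(("sweep", src, f"{proto}/{port}", len(hosts)))
    return sorted(findings)

if __name__ == "__main__":
    for finding in detect_scans(build_sample()):
        print(finding)
```

The thresholds need tuning against normal traffic for the network being monitored, since load balancers and monitoring systems legitimately contact many hosts or ports.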