Techniques used for Footprinting
* Some Techniques used for Footprinting
- Ping Sweep
Ping a range of IP addresses to find out which machines are awake.
how to ping?
Go to cmd -> type: ping (address/domain)
eg. ping www.facebook.com
- TCP Scans
Scan the ports on a machine to see which services are offered.TCP scans can be performed by scanning a single port on a range of IPs, or by scanning a range of ports on single IP, both techniques yield useful information.
- Open Source Footprinting
It is the easiest and the safest way to go about finding information that is available to the public, such as phone numbers, addresses, etc. Performing whois requests, searching through DNS tables are other forms of open source footprinting. Most of this information is fairly easy to get and within legal limits. One way to check for sensitive information is to check the HTML source code of the website to look for links, comment,Meta tags etc.
- Using Tools
whois is the best tool to get information about the website.
go to:
www.allwhois.com
www.internic.net/whois.html
www.uwhois.com
Enter the web address and you get the information about the website.
- Tracing an E-MAIL
eMailTrackerPro: It analyzes the e-mail header and provides the IP address of the machine that sent the e-mail. This can then be used to track down the sender. This is specially helpful in preventing spamming and spoofing.
- To know about the servers you were connected to now
use the tool: callerip
- To know the timeline of a website
Enter the url in: www.archive.org/index.php or wikipedia.org/index
- To stude the company's location and infrastructure from a remote place
use google earth
- To get information about a person in the company
Use social networking sites like: facebook, myspace, etc
Use websites like: www.blackbookonline.info, www.peoplesearch.com, etc
Thes information are then use to get bank details, credit card details, mobile numbers, past history, etc.
- To trace the path of website
Use avast internet security-->network utilities
Or use neo trace
- DNS ennumeration
By using 'sam spade' we can do DNS in Windows
or in cmd: type-->nslookup servername
- Ping Sweep
Ping a range of IP addresses to find out which machines are awake.
how to ping?
Go to cmd -> type: ping (address/domain)
eg. ping www.facebook.com
- TCP Scans
Scan the ports on a machine to see which services are offered.TCP scans can be performed by scanning a single port on a range of IPs, or by scanning a range of ports on single IP, both techniques yield useful information.- Open Source Footprinting
It is the easiest and the safest way to go about finding information that is available to the public, such as phone numbers, addresses, etc. Performing whois requests, searching through DNS tables are other forms of open source footprinting. Most of this information is fairly easy to get and within legal limits. One way to check for sensitive information is to check the HTML source code of the website to look for links, comment,Meta tags etc.
- Using Tools
whois is the best tool to get information about the website.
go to:
www.allwhois.com
www.internic.net/whois.html
www.uwhois.com
Enter the web address and you get the information about the website.
- Tracing an E-MAIL
eMailTrackerPro: It analyzes the e-mail header and provides the IP address of the machine that sent the e-mail. This can then be used to track down the sender. This is specially helpful in preventing spamming and spoofing.
- To know about the servers you were connected to now
use the tool: callerip
- To know the timeline of a website
Enter the url in: www.archive.org/index.php or wikipedia.org/index
- To stude the company's location and infrastructure from a remote place
use google earth
- To get information about a person in the company
Use social networking sites like: facebook, myspace, etc
Use websites like: www.blackbookonline.info, www.peoplesearch.com, etc
Thes information are then use to get bank details, credit card details, mobile numbers, past history, etc.
- To trace the path of website
Use avast internet security-->network utilities
Or use neo trace
- DNS ennumeration
By using 'sam spade' we can do DNS in Windows
or in cmd: type-->nslookup servername
Comments
Post a Comment