Cybersecurity - Footprinting and Reconnaissance PDF
Document Details
Uploaded by CoherentJasper6437
College of Technology at Abha
Dr. Omar Masmali
Tags
Summary
This presentation details the concept of cybersecurity footprinting and reconnaissance. It explains the process of identifying security risks in an organization by gathering information both publicly and through intrusive methods. The document highlights different types of footprinting, and steps involved from goal assessment to reporting findings. Finally, it lists popular footprinting tools like WHOIS, Nslookup, and Nmap.
Full Transcript
Cyber Security Dr. Omar Masmali Footprinting and Reconnaissance Footprinting Footprinting is the process of identifying and understanding the security risks in an organization. It involves gathering information about the target, both from publicly available so...
Cyber Security Dr. Omar Masmali Footprinting and Reconnaissance Footprinting Footprinting is the process of identifying and understanding the security risks in an organization. It involves gathering information about the target, both from publicly available sources and through more intrusive methods. This information helps build a profile of the organization’s security posture and identify vulnerabilities. The approach used depends on the desired information and level of access. Reconnaissance An important step in ethical hacking is reconnaissance, which includes leaving digital footprints. Data on the target system’s network infrastructure, personnel information, and security rules are collected as part of this process. Finding potential attack routes and vulnerabilities is the aim of reconnaissance. Security policies, network specifics, employee contacts, and host information for vulnerability assessment are all pieces of information that are gathered while accomplishing this step. Types of Footprinting Passive Footprinting In this type of footprinting, the attacker collects information about the target without directly interacting. It is useful for gathering undetected information. The attacker utilises publicly accessible data from online sources and analyses the target organisation’s website. Valuable information can be obtained about customers, employees, history, and more. Types of Footprinting Active Footprinting In active footprinting, the attacker directly interacts with the target to gather information. This approach increases the likelihood of the target detecting the activity. Methods used in active footprinting include human interaction, searching for digital files, email tracking, social engineering, and more. Steps of Footprinting 1. Assess goals Before starting the footprinting process, it is crucial to define the objectives or goals of the assessment. This helps in focusing efforts and determining the purpose of the information to be gathered. Steps of Footprinting 2. Gather information Once the goals are established, the next step is to collect relevant information about the target. This includes obtaining details such as the company’s name, website, contact information, and any publicly available information on social media platforms. It also involves investigating the target’s security measures and infrastructure to gain insights into potential vulnerabilities. Steps of Footprinting 3. Analyze information After gathering the necessary data, it needs to be analysed and evaluated. This involves assessing the potential threats and weaknesses that the collected information reveals. By identifying vulnerabilities and potential attack vectors, it becomes possible to understand the target’s security posture and the risks it faces. Steps of Footprinting 4. Report findings The final step is to document and report the findings of the footprinting process. A detailed report is created, outlining the conclusions drawn from the analysis and providing recommendations to enhance the target’s security posture. This report serves as a valuable resource for the target organization, enabling them to be aware of cybersecurity threats and take appropriate measures to mitigate risks. Footprinting Tools Whois tool from IANA The Internet Assigned Numbers Authority (IANA) is responsible for maintaining a collection of registries that are critical in ensuring global coordination of the DNS root zone, IP addressing, and other Internet protocol resources. https://www.iana.org/whois Footprinting Tools Nslookup is a web based DNS client that queries DNS records for a given domain name. It allows you to view all the DNS records for a website https://www.nslookup.io/ Footprinting Tools nmap Nmap is short for Network Mapper. It is an open-source Linux command-line tool that is used to scan IP addresses and ports in a network and to detect installed applications Footprinting Tools spiderfoot Package contains an open source intelligence (OSINT) automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname, network subnet, ASN, e-mail address or person’s name. Footprinting Tools Nessus Is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network Footprinting Countermeasures Avoid posting confidential data on social media websites. Avoid accepting unwanted friend requests on social media platforms. Promotion of education on various hacking tricks. Usage of footprinting techniques for identifying and removing sensitive information from social media platforms. Proper configuration of web servers to avoid loss of information about system configuration.