CIS 552 Week 7 Assignment 2: Footprinting. Complete Solution.
Describe all preplanning activities prior to conducting the passive scan on the target site.
Passive scanning is a method of vulnerability detection that relies on information gleaned from network data that is captured from a target computer without direct interaction. Passive scanning may be conducted by a network administrator scanning for security vulnerabilities or by an intruder as a preliminary to an active attack.
The first step in performing a passive scan is the footprinting phase. Footprinting is about information gathering and is both passive and active. Reviewing the company's website is an example of passive footprinting. The steps for footprinting include:
Information Gathering
The information gathering steps of footprinting and scanning are of utmost importance. Good information gathering can make the difference between a successful pen test and one that has failed to provide maximum benefit to the client. An amazing amount of information is available about most organizations in business today. This information can be found on the organization's website, trade papers, Usenet, financial databases, or even from disgruntled employees.
Determining the Network Range
Now that the pen test team has been able to locate names, phone numbers, addresses, some server names, and IP addresses, it's important to find out what range of IP addresses is available for scanning and further enumeration. An example of a site to use to get this information is Whois. Whois is a widely used Internet record listing that identifies who owns a domain or who has registered that particular domain and how to contact them.
Identifying Active Machines
Attackers will want to know if machines are alive before they attempt to attack. One of the most basic methods of identifying active machines is to perform a ping sweep. If the target device is unreachable, a request timeout is returned. Ping is a useful tool to identify active machines and to measure the speed at which packets are moved from one host to another.
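From the defender's side, the ping sweep described above shows up in logs as one source sending ICMP echo requests to many different hosts in a short time. The following is an added example, not part of the original assignment solution; the log format, the field names and the thresholds are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall-style log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = """\
2024-05-01T10:00:00 ICMP type=8 src=203.0.113.7 dst=192.0.2.1
2024-05-01T10:00:01 ICMP type=8 src=203.0.113.7 dst=192.0.2.2
2024-05-01T10:00:01 ICMP type=0 src=192.0.2.2 dst=203.0.113.7
2024-05-01T10:00:02 ICMP type=8 src=203.0.113.7 dst=192.0.2.3
2024-05-01T10:00:02 ICMP type=8 src=198.51.100.20 dst=192.0.2.10
2024-05-01T10:00:03 ICMP type=8 src=203.0.113.7 dst=192.0.2.4
2024-05-01T10:00:04 ICMP type=8 src=203.0.113.7 dst=192.0.2.5
2024-05-01T10:00:05 ICMP type=8 src=203.0.113.7 dst=192.0.2.6
2024-05-01T10:00:32 ICMP type=8 src=198.51.100.20 dst=192.0.2.10
2024-05-01T10:01:02 ICMP type=8 src=198.51.100.20 dst=192.0.2.10
"""

# Assumed log format: "<ISO timestamp> ICMP type=<n> src=<ip> dst=<ip>"
LINE_RE = re.compile(r"^(\S+) ICMP type=(\d+) src=(\S+) dst=(\S+)$")

def detect_ping_sweeps(log_text, min_targets=5, window=timedelta(seconds=10)):
    """Map each flagged source to the most distinct hosts it pinged in one window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m.group(2) != "8":  # ICMP type 8 = echo request; skip replies
            continue
        events[m.group(3)].append((datetime.fromisoformat(m.group(1)), m.group(4)))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        best, start = 0, 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            best = max(best, len({dst for _, dst in evs[start:end + 1]}))
        if best >= min_targets:
            flagged[src] = best
    return flagged

if __name__ == "__main__":
    print(detect_ping_sweeps(SAMPLE_LOG))
```

The host that pings a single address every 30 seconds is not flagged, because the check counts distinct destinations per source, not the number of echo requests.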