Richard, an attacker, targets an MNC. In this process, he uses a footprinting technique to gather as much information as possible. Using this technique, he gathers domain information such as the target domain name, contact details of its owner, expiry date, and creation date. With this information, he creates a map of the organization’s network and misleads domain owners with social engineering to obtain internal details of its network.
What type of footprinting techniques is employed by Richard?
Option 1 : Email footprinting
Option 2 : Whois footprinting
Option 3 : VPN footprinting
Option 4 : VoIP footprinting
1. Email footprinting
Email header reveals information about the mail server, original sender’s email id, internal IP addressing scheme, also because the possible architecture of the target network.
Tracking Email Communications
• Email tracking is employed to watch the delivery of emails to an intended recipient.
• Attackers track emails to collect information a few target recipient so as to perform social engineering and other attacks.
• Get recipient’s system IP address
• Geolocation of the recipient
• When the e-mail was received and skim
• Whether or not the recipient visited any links sent to them
• Get recipient’s browser and OS information
• Time spent on reading the emails
2. Whois footprinting
WHOIS (pronounced because the phrase who is) may be a query and response protocol and whois footprinting may be a method for glance information about ownership of a website name as following:
• name details
• Contact details contain phone no. and email address of the owner
• Registration date for the name
• Expire date for the name
• name servers
3. VPN footprinting
Virtual Private Networks(VPN) provide a secure connection to an organizations’ network. Therefore, VoIP traffic can skip an SSL-based VPN, effectively encrypting VoIP services.
When conducting reconnaissance, within the initial stages of VoIP footprinting, the subsequent publicly available information are often expected:
• All open ports and services of the devices connected to the VoIP network
• the general public VoIP server IP address
• The OS of the server running VoIP
• The network infrastructure
4. VoIP footprinting
The CSI/FBI Computer Crime and Security Survey for 2005 implies that insider abuse remains considerably a threat to the enterprise. Insiders are typically those people that have already got some level of trusted access to an organization’s network, like an employee, contractor, partner, or customer. Obviously, the more trust a corporation places in someone on the within , the more damaging an impression his malicious actions will have.
Most of the upcoming chapters will take the attitude of an indoor attacker. For the aim of this chapter, however, we’ve taken the point of view that the potential VoIP hacker is beginning his efforts external to the targeted organization. In other words, he’s neither a disgruntled employee who has intranet access nor an evil supervisor who already has full run of the network.
You can safely assume though that the hacker’s first order of business is to realize internal access remotely so as to launch a number of the more sophisticated attacks outlined later during this book. While it’s often trivial for a hacker to realize inside access, footprinting still reaps rewards by helping to fuel a number of the more advanced VoIP attacks discussed in later chapters.
Time and time again throughout this book, we’ll emphasize the importance of supporting infrastructure security. due to the safety posture dependencies that VoIP places on your traditional data network, it isn’t uncommon for attackers to compromise a trusted workstation or server to realize access to the VoIP network.
Learn CEH & Think like hacker
- What is Ethical Hacking? & Types of Hacking
- 5 Phases of Hacking
- 8 Most Common Types of Hacker Motivations
- What are different types of attacks on a system
- Scope and Limitations of Ethical Hacking
- TEN Different Types Of Hackers
- What is the Foot-printing?
- Top 12 steps for Footprinting Penetration Testing
- Different types of tools with Email Footprinting
- What is “Anonymizer” & Types of Anonymizers
- Top DNS Interrogation Tools
- What is SNMP Enumeration?
- Top vulnerability scanning tools
- Information Security of Threat
- Footprinting tools:
- What is Enumeration?
- Network Security Controls
- What is Identity and Access Management?
- OWASP high TEN web application security risks
- Password Attacks
- Defend Against Key loggers
- Defend Against Spyware
- Covering Tracks
- Covering Track on Networks
- Everything You Need To Know About Sniffing – Part 1
- Everything You Need To Know About Sniffing – Part 2
- Learn more about GPS Spyware & Apparatuses
- Introduction of USB Spyware and It’s types
- 10 Types of Identity Theft You Should Know About
- Concepts of Denial-of-Service Attack & Distributed Denial of Service Attack
- Most Effective Ways to Overcome Impersonation on the Social Networking Site’s Problem
- How Dynamic Host Configuration Protocol (DHCP) Works
- DHCP Request/Reply Messages
- DHCP Starvation Attack
- Rogue DHCP Server Attack
- IOS Switch Commands
- Web Server Concept
- Web Server Attacks
- Web Server Attack Tools
- Web Server Security Tools
- 6 Quick Methodology For Web Server Attack
- Learn Skills From Web Server Foot Printing / Banner Grabbing
- The 10 Secrets You Will Never Know About Cyber Security And Its Important?
- Ways To Learn Finding Default Content Of Web Server Effectively
- How will Social Engineering be in the Future
- Understand The Background Of Top 9 Challenges IT Leaders Will Face In 2020 Now
- Learning Good Ways To Protect Yourself From Identity Theft
- Anti-phishing Tools Guide
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com