
What is Footprinting?

Footprinting is the act of gathering information about a computer system and the companies it belongs to. Footprinting is the first step taken by hackers to hack a computer system/network.

Footprinting is important because to hack any system the hacker must first have all the information about that system. Below I have given an example of the steps and services a hacker would use to get information about any system from websites:

1) First, a hacker would begin by gathering information on the target's website. Generally the things a hacker looks for are e-mail IDs and names. This information is useful when the hacker is planning to attempt a social engineering attack against the company.

2) Next, the hacker would get the IP address of the website by going to http://www.selfseo.com/find_ip_address_of_a_website.php. Here the hacker would insert the web URL (the website's name, like http://learnhacking.in) and the website would return the IP address of the website. E.g., the IP address of google.com is 74.125.79.104.

The IP address 74.125.79.104 is assigned to Great Britain (UK).

3) Next, the hacker would ping the server to see if it is active, up and running. If the server is offline, there is no point trying to hack it. Here's how to check if a server is active or not.

Footprinting is the first step that a penetration tester uses to evaluate the security of any IT infrastructure. Footprinting means gathering the maximum information about the computer system or network and about the devices that are attached to this network. It is the first and an important step because after it the penetration tester knows how the hacker sees this network. To measure the security of a computer system, it is good to know as much as you can, because you will then be able to determine the path that a hacker will use to exploit this network.

This is the basic block diagram which shows the steps that are included in the penetration testing methodology. In this article we will discuss the first one, which is footprinting.

Footprinting Steps

Internet Footprinting

1. Get Proper Authorization
2. Define the Scope of the Assessment
3. Find Publicly Available Information
4. Perform WHOIS & DNS Enumeration
5. Attempt DNS Interrogation
6. Perform Network Reconnaissance

1: Get Proper Authorization

Ethical hackers and professional penetration testers must obtain authorization in writing before beginning the security assessment.

2: Define the Scope of the Assessment

During discussions with the client you may determine the assessment scope will include:

• The entire organization
• Only certain locations
• Business partner connections
• The client's disaster-recovery sites

3: Find Publicly Available Information

The first place to begin the security assessment is the company's web site. Following an initial review of the website, you will next want to examine the following:

• Review Archived Information
• Examine The Wayback Machine
• Rip the web site with tools such as Wget and Teleport Pro
• Look for other sites beyond the main site of "www" such as:
  o Outlook Web Access
  o https://owa.company.com or https://outlook.company.com
  o Virtual Private Networks (VPNs)
  o http://vpn.company.com or http://www.company.com/vpn
• Examine any related organizations for backend connectivity
• Scan the web for:
  o Phone Numbers, Contact Names, E-mail Addresses, and Personal Details
  o Current Events
  o Mergers, scandals, layoffs, etc. create security holes
  o Privacy or Security Policies, and Technical Details Indicating the Types of Security Mechanisms in Place
  o Extract data from Usenet
  o Review Groups.google.com
  o Search for Employee Resumes
  o Perform Google Hacking
• Examine Web 2.0 sites
  o Search Facebook
  o Examine Blogs
  o Find Disgruntled Employee Web Sites
• Map the Physical Address
  o Google Maps / Google Earth
  o Microsoft Live
• Visit the Physical Location and consider techniques such as:
  o Dumpster-diving
  o Surveillance
  o Social Engineering

4: Perform WHOIS & DNS Enumeration

Examine Internet Assigned Numbers Authority (IANA) and Regional Internet Registry (RIR) data:

• Manual Process - Three Steps:
  o Authoritative Registry for top-level domain
  o Domain Registrar
  o Finds the Registrant
• Automated Process - Available Tools
  o Whois.com
  o Sam Spade
  o SuperScan

5: Attempt DNS Interrogation

Perform a Zone Transfer via Windows or Linux. When successful you will obtain a list of all the hosts and IP addresses.

6: Perform Network Reconnaissance

• Manual - Traceroute or Tracert
  o Windows Tracert uses ICMP
  o Linux Traceroute uses UDP by default
• Automatic - Neotrace, Trout or other traceroute software.
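
A defender's view of step 5, as an added example that is not part of the original article: the script below scans name-server logs for zone-transfer requests and flags any that were served to a host outside the list of known secondaries. The log lines are constructed in the style of BIND 9 messages, and the zone names, addresses and the `SECONDARIES` allow-list are assumptions.

```python
import re

# Constructed sample lines in the style of BIND 9 transfer logging (assumed format;
# all names and addresses are made up, using documentation ranges).
SAMPLE_LOG = """\
12-Mar-2024 10:00:01.004 client @0x7f10 192.0.2.53#51515 (company.example): transfer of 'company.example/IN': AXFR started (serial 2024031201)
12-Mar-2024 10:01:07.120 client @0x7f11 198.51.100.23#40112 (company.example): zone transfer 'company.example/AXFR/IN' denied
12-Mar-2024 10:01:09.877 client @0x7f12 198.51.100.23#40113 (internal.company.example): zone transfer 'internal.company.example/AXFR/IN' denied
12-Mar-2024 10:05:44.310 client @0x7f13 203.0.113.77#33870 (company.example): transfer of 'company.example/IN': AXFR started (serial 2024031201)
12-Mar-2024 10:06:00.000 client @0x7f14 203.0.113.9#5353 (www.company.example): query: www.company.example IN A +
"""

# Hypothetical allow-list: the secondary name servers expected to pull zones.
SECONDARIES = {"192.0.2.53"}

LINE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9A-Fa-f.:]+)#\d+ .*?"
    r"(?:transfer of '(?P<served>[^/']+)/IN': (?:AXFR|IXFR) started"
    r"|zone transfer '(?P<denied>[^/']+)/(?:AXFR|IXFR)/IN' denied)"
)

def find_transfer_attempts(log_text, secondaries):
    """Return (source_ip, zone, outcome) for each transfer request worth reviewing."""
    findings = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # ordinary query or unrelated message
        ip = m.group("ip")
        if m.group("served"):
            if ip in secondaries:
                continue  # expected replication to a known secondary
            findings.append((ip, m.group("served"), "SERVED"))
        else:
            # Refused request: the server held, but the source probed it.
            findings.append((ip, m.group("denied"), "denied"))
    return findings

def leaked_zones(findings):
    """Zones that were handed in full to a host outside the allow-list."""
    return sorted({zone for _, zone, outcome in findings if outcome == "SERVED"})

if __name__ == "__main__":
    found = find_transfer_attempts(SAMPLE_LOG, SECONDARIES)
    for ip, zone, outcome in found:
        print(f"{outcome:6} {zone:28} from {ip}")
    print("zones exposed:", leaked_zones(found))
```

A "SERVED" finding means the full host list from step 5 left the server, so the fix is to restrict transfers to the secondaries; "denied" findings show who is probing.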
