Module 3 – Information Gathering

adolfo

Presentation Transcript


  1. Module 3 – Information Gathering
     • Phase II  Controls Assessment  Scheduling
     • Information Gathering
     • Network Mapping
     • Vulnerability Identification
     • Penetration
     • Gaining Access & Privilege Escalation
     • Enumerating Further
     • Compromise Remote Users/Sites
     • Maintaining Access
     • Cover the Tracks
     Heorot.net

  2. Information Gathering
     • Locate the target Web presence
     • Examine the target using search engines
     • Search Web groups
     • Search employee personal Web sites
     • Search Security & Exchange Commission and finance sites
     • Search uptime statistics sites
     • Search system/network survey sites
     • Search on P2P networks
     • Search on Internet Relay Chat (IRC)
     • Search job databases
     • Search newsgroups (NNTP)
     • Gain information from domain registrar
     • Check for reverse DNS lookup presence
     • Check more DNS information
     • Check Spam database lookup
     • Check to change WHOIS information

  3. Information Gathering: IMPORTANT!!
     • This phase does not involve “touching” the target
     • Information gathered may not be “Public Domain”
     • Tools:
       • Firefox
       • Dogpile.com
       • Alexa.org
       • Archive.org
     • Document, document, document… Screenshots, screenshots, screenshots…

  4. Information Gathering: What to Document…
     • Website Address
     • Web Server Type
     • Server Locations
     • Dates Listed
     • Date Last Modified
     • Web Links Internal
     • Web Links External
     • Web Server Directory Tree
     • Technologies Used
     • Encryption standards
     • Web-Enabled Languages
     • Form Fields
     • Form Variables
     • Method of Form Postings
     • Keywords Used
     • Company contactability
     • Meta Tags
     • Comments Noted
     • e-commerce Capabilities
     • Services Offered on Net
     • Products Offered on Net
     • Features

  5. Information Gathering
     • Locate the target Web presence
     • Cool tool called “nmap”

  6. Information Gathering
     • Examine the target using search engines
     Rank 53,545 / Linking In: 2,415

  7. Information Gathering
     • Examine the target using search engines

  8. Information Gathering
     • Dates Listed / Modified

  9. Information Gathering
     • Search Web groups

  10. Information Gathering
      • Search newsgroups (NNTP)
      http://freenews.maxbaud.net

  11. Information Gathering
      • Gain information from domain registrar
      • Check to change WHOIS information

  12. Information Gathering
      • Check for reverse DNS lookup presence
      • Check more DNS information
      DNS / ReverseDNS: http://www.dnswatch.info

  13. Information Gathering
      • Why care about Reverse DNS?
      Insecure.org seclists.org

  14. Information Gathering
      • Check Spam database lookup
      http://www.dnsbl.info

  15. Information Gathering
      • Search employee personal Web sites
      • Search Security & Exchange Commission and finance sites
      • Search uptime statistics sites
      • Search system/network survey sites
      • Search on P2P networks
      • Search on Internet Relay Chat (IRC)
      • Search job databases

  16. Module 3 – Conclusion
      • Information Gathering
      • What to Document
      • Not “touching” the target
      • Information may not be “Public Domain”
