In computers, footprinting is the process of accumulating data regarding a specific network environment, usually for the purpose of finding ways to intrude into the environment. Footprinting can reveal system vulnerabilities and improve the ease with which they can be exploited.
Footprinting begins by determining the location and objective of an intrusion. Once this is known, specific information about the organization is gathered using non-intrusive methods. For example, the organization's own Web page may provide a personnel directory or employee bios, which may prove useful if the hacker needs to use social engineering to reach the objective. Conducting a whois query on the Web provides the domain names and associated networks related to a specific organization.
Objectives of footprinting are;
Network Footprinting
This is the process of collecting information related to a target network. Information like Domain name, subdomains, network blocks, IP addresses of reachable systems, IDSes running, Rouge websites/private websites, TCP & UDP services running, VPN points, networking protocols, ACL's, etc are collected.
Collect System Information
The information related to the target system like user and group names, system banners, routing tables, SNMP information, system names, etc is collected using various methods.
Collect Organization's information
The information related to employee details, organization website, Location details, security policies implemented, the background of the organization may serve as an important piece of information for compromising the security of the target using direct or social engineering attacks.
Reference
What is footprinting? - Definition from WhatIs.com. (n.d.). Retrieved from https://searchsecurity.techtarget.com/definition/footprinting
luckyqloo
W3D1..CO.docx
0
