Footprinting and R econnaissance Module Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e Exam 2-50 C ertified Ethical H acker F o o t p r in t in g a n d R e c o n n a is s a n c e M o d u le E th ic a l H a c k in g a n d C o u n te r m e a s u r e s v M o d u l e : F o o t p r i n t i n g a n d R e c o n n a is s a n c e E xa m -5 M o d u le P ag e 92 Ethical H acking a n d C o u n te rm e a s u re s C opyright © by EC-C0UnCil All Rights R eserved R ep ro d u ctio n is Strictly P ro h ib ite d Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e S e c u r it y ABO UT US Exam -5 C ertified Ethical H acker N e w s PRO DUCTS NEWS F a ceb o ok a 'tre a s u re tro v e ' o f P e rs o n a lly Id e n tifia b le In fo rm a tio n April 1a 2012 Facebook contains a "treasure trove" of personally identifiable information that hackers manage to get their hands on A report by Imperva revealed that users' "general personal information" can often include a date of birth, home address and sometimes mother's maiden name, allowing hackers to access this and other websites and applications and create targeted spearphishing campaigns It detailed a concept I call "friend-mapping", where an attacker can get further knowledge of a user’s circle of friends; having accessed their account and posing as a trusted friend, they can cause mayhem This can include requesting the transfer of funds and extortion Asked why Facebook is so important to hackers, Imperva senior security strategist Noa Bar-Yosef said: "People also add work friends on Facebook so a team leader can be identified and this can lead to corporate data being accessed, project work being discussed openly, while geo-location data can be detailed for military intelligence." "Hacktivism made up 58 per cent of attacks in the Verizon Data Breach Intelligence Report, and they are going after information on Facebook that can be used to humiliate a person All types of attackers have their own techniques." http://www.scmogazineuk.com Copyright © by EG-G*ancil All Rights Reserved Reproduction Is Strictly Prohibited ‫״‬ am us u ii S e c u r ity N e w s ‫״־‬ F a c e b o o k a ,t r e a s u r e t r o v e ‫ ״‬o f P e r s o n a l l y I d e n t i f i a b l e In fo r m a tio n Source: h ttp ://w w w scm a ga zin e uk.co m Facebook contains a "treasure tro v e " o f p erson a lly id e n tifia b le in fo rm a tio n th a t hackers manage to get th e ir hands on A re p o rt by Im perva revealed th a t users' "general personal in fo rm a tio n " can o fte n include a date o f b irth , hom e address and som etim es m o the r's m aiden name, a llow ing hackers to access this and o th e r w ebsites and applications and create targe te d spearphishing campaigns It detailed a concept I call "frie n d -m a p p in g ", w here an a ttacker can get fu rth e r know ledge o f a user's circle o f friends; having accessed th e ir account and posing as a tru ste d frie n d, th e y can cause m ayhem This can include requesting the tra n sfe r o f funds and e xto rtio n Asked w hy Facebook is so im p o rta n t to hackers, Im perva se nior se curity strategist Noa BarYosef said: ‫ ״‬People also add w o rk friends on Facebook so a team leader can be id e n tifie d and this can lead to co rp orate data being accessed, p ro ject w o rk being discussed openly, w hile geolocation data can be detailed fo r m ilita ry intelligence." M o d u le P ag e 93 Ethical H acking a n d C o u n te rm e a s u re s C opyright © by EC-C0UnCil All Rights R eserved R ep ro d u ctio n is Strictly P ro h ib ite d Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e Exam -5 C ertified Ethical H acker "H acktivism made up 58 per cent o f attacks in the V erizon Data Breach Inte llige n ce R eport, and th e y are going a fte r in fo rm a tio n on Facebook th a t can be used to h um ilia te a person All types o f attackers have th e ir own techniques." On how attackers get a password in the firs t place, Imperva claim ed th a t d iffe re n t keyloggers are used, w hile phishing kits th a t create a fake Facebook login page have been seen, and a m ore p rim itive m ethod is a brute force attack, w here the a ttacker repeatedly a tte m p ts to guess the user's password In m ore extrem e cases, a Facebook a d m in is tra to rs rights can be accessed A lthough it said th a t this requires m ore e ffo rt on the hacker side and is n ot as prevalent, it is the "h o ly g il" o f attacks as it provides the hacker w ith data on all users On p ro te ctio n , Bar-Yosef said the ro ll-o u t o f SSL across the w h o le w ebsite, the r than ju s t at the login page, was effective, b ut users still needed to o p t in to this By Dan Raywood h t t p : / / w w w s c m a g a z i n e c o m a u / F e a t u r e / 6 , d ig i t i a l - i n v e s t i g a t i o n s - h a v e - m a t u r e d a s p x M o d u le P ag e 94 Ethical H acking a n d C o u n te rm e a s u re s C opyright © by EC-C0UnCil All Rights R eserved R ep ro d u ctio n is Strictly P ro h ib ite d Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e M o d u le Exam 2-50 C ertified Ethical H acker O b je c t iv e s J F o o r in tin g T e rm in o lo g y J W H O IS F o o r in tin g J W h a t Is F o o r in tin g ? J DNS F o o r in tin g J O b je c tiv e s o f F o o r in tin g J N e tw o r k F o o r in tin g J F o o r in tin g th r o u g h S ocial J F o o r in tin g T h re a ts C E H E n g in e e rin g W J F o o r in tin g th r o u g h S ocial E m a il F o o r in tin g J F o o r in tin g T ools J C o m p e titiv e In te llig e n c e J F o o r in tin g C o u n te rm e a s u re s J F o o r in tin g U s in g G o o g le J F o o r in tin g P en T e s tin g J W e b s ite F o o r in tin g J N e tw o r k in g S ites Copyright © by EC-G*ancil All Rights Reserved Reproduction is Strictly Prohibited t t t f M o d u le O b je c tiv e s This m odule w ill make you fam iliarize w ith th e follo w in g : e F o otp rin tin g Term inologies © WHOIS F o otp rin tin g e W h a t Is Footprinting? © DNS F o otp rin tin g © O bjectives o f F o otp rin tin g © N e tw o rk F o otp rin tin g © F o otp rin tin g Threats © F o otp rin tin g throu g h Social e F ootp rin tin g throu g h Search Engines © W ebsite F ootprinting © Email F o otp rin tin g © F o otp rin tin g Tools © C om petitive Intelligence © F o otp rin tin g Counterm easures © F o otp rin tin g Using Google © F o otp rin tin g Pen Testing Engineering M o d u le P ag e © F o otp rin tin g throu g h Social N etw orking Sites Ethical H acking a n d C o u n te rm e a s u re s C opyright © by EC-C0UnCil All Rights R eserved R ep ro d u ctio n is Strictly P ro h ib ite d Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e M o d u le Exam -5 C ertified Ethical H acker F lo w Ethical hacking is legal hacking conducted by a p en e tratio n te ste r in o rd er to evaluate the security o f an IT in fra s tru c tu re w ith the perm ission o f an organization The concept o f ethical hacking cannot be explained or cannot be p erform ed in a single step; th e re fo re , it has been divided in to several steps F o otp rin tin g is the firs t step in ethical hacking, w here an a ttacker trie s to gather in fo rm a tio n abo u t a target To help you b e tte r und e rstan d fo o rin tin g , it has been d istrib u te d into various sections: Xj C J M o d u le P ag e F o o rin tin g Concepts [|EJ F o o rin tin g Tools F o o rin tin g Threats Fo o tPr in t' ng C ounterm easures F o o rin tin g M e th o d o lo g y F o o rin tin g P e n e tra tio n Testing Ethical H acking a n d C o u n te rm e a s u re s C opyright © by EC-C0UnCil All Rights R eserved R ep ro d u ctio n is Strictly P ro h ib ite d Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e Exam 2-50 C ertified Ethical H acker The F o o rin tin g Concepts section fam iliarizes you w ith fo o rin tin g , fo o rin tin g term in o lo g y, w hy fo o rin tin g is necessary, and th e objectives o f fo o rin tin g M o d u le P ag e Ethical H acking a n d C o u n te rm e a s u re s C opyright © by EC-C0UnCil All Rights R eserved R ep ro d u ctio n is Strictly P ro h ib ite d Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e Exam 2-50 C ertified Ethical H acker F o o t p r in t in g T e r m in o lo g y Open Source or Passive Information Gathering CEH Active Information Gathering Collect inform ation about a target from the publicly accessible sources Gather inform ation through social engineering on-site visits, interviews, and questionnaires Anonymous Footprinting Pseudonymous Footprinting Gather inform ation from sources where the au thor o f the info rm atio n cannot Collect inform ation that might be published under a diffe ren t name in be identified or traced an attem pt to preserve privacy Organizational or Private Footprinting Internet Footprinting Collect inform ation from an organization's web-based calendar and em ail services Collect inform ation about a target from the Internet Copyright © by EC-G*ancil All Rights Reserved Reproduction is Strictly Prohibited OO ooo —O O F o o r in tin g T e r m in o lo g y Before going deep in to the concept, it is im p o rta n t to know th e basic te rm in o lo g y used in fo o rin tin g These term s help you understand the concept o f fo o rin tin g and its structures !,n'nVn'nVI O p e n S o u rc e o r P a s s iv e I n f o r m a t io n G a t h e r in g Open source or passive in fo rm a tio n gathering is the easiest way to collect in fo rm a tio n about the ta rg e t organization It refers to the process o f gathering in fo rm a tio n fro m the open sources, i.e., publicly available sources This requires no d ire ct contact w ith the ta rg e t o rg an iza tion Open sources may include newspapers, television, social n e tw o rkin g sites, blogs, etc Using these, you can gather in fo rm a tio n such as n e tw o rk boundaries, IP address reachable via the Inte rn e t, operating systems, w eb server so ftw a re used by the ta rg e t n etw o rk, TCP and UDP services in each system, access co n tro l mechanisms, system architecture, in tru sion d etection systems, and so on A c tiv e I n f o r m a t io n G a th e r in g In active in fo rm a tio n gathering, process attackers m ainly focus on the em ployees o f M o d u le P ag e Ethical H acking a n d C o u n te rm e a s u re s C opyright © by EC-C0UnCil All Rights R eserved R ep ro d u ctio n is Strictly P ro h ib ite d Ethical Hacking a n d C o u n te rm e a s u re s F o o rin tin g a n d R e c o n n a issa n c e Exam -5 C ertified Ethical H acker th e ta rg e t organization Attackers try to e xtract in fo rm a tio n fro m the em ployees by conducting social engineering: on-site visits, interview s, questionnaires, etc A n o n y m o u s F o o r in tin g This refers to the process o f collecting in fo rm a tio n fro m sources anonym ously so th a t yo ur e ffo rts cannot be traced back to you