Why Information Gathering?
• Information gathering can reveal the online footprints of a criminal.
• Information gathering can help an investigator profile criminals.
Information Gathering of Websites
We need to gather the following information about the website:
• Whois information
• Owner of the website.
• Email ID used to register the domain.
• Domain registrar.
• Domain name server information.
• Related websites.
We can use the website www.domaintools.com for this purpose.
Whois
Whois is a query to a database to get the following information:
• Owner of the website.
• Email ID used to register the domain.
• Domain registrar.
• Domain name server information.
• Related websites.
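An added example, not part of the original post: a small Python parser that pulls the fields listed above (owner, registration email, registrar, name servers) out of a raw Whois response. The sample record is constructed, and the field labels in FIELDS are assumptions based on common gTLD-style output; other registries use different labels.

```python
import re
from collections import defaultdict

# Constructed sample record for illustration (not real registration data).
SAMPLE_WHOIS = """\
% Constructed WHOIS response for illustration
Domain Name: EXAMPLE-SHOP.TEST
Registrar: Example Registrar, Inc.
Registrar Abuse Contact Email: abuse@registrar.example
Registrant Name: REDACTED FOR PRIVACY
Registrant Email: owner@example-shop.test
Name Server: NS1.HOSTING.EXAMPLE
Name Server: ns2.hosting.example
Name Server: NS1.HOSTING.EXAMPLE
>>> Last update of WHOIS database: 2024-01-01T00:00:00Z <<<
"""

# Assumed label aliases; labels differ between registries.
FIELDS = {
    "registrar": ("registrar", "sponsoring registrar"),
    "owner": ("registrant name", "registrant organization", "registrant"),
    "email": ("registrant email",),
    "name_servers": ("name server", "nserver"),
}
REDACTED = re.compile(r"redacted|privacy|withheld", re.I)

def parse_whois(text):
    raw = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks, registry comments (% or #) and the ">>>" footer.
        if not line or line[0] in "%#>" or ":" not in line:
            continue
        key, value = line.split(":", 1)
        if value.strip():
            raw[key.strip().lower()].append(value.strip())
    out = {}
    for name, aliases in FIELDS.items():
        values = [v for a in aliases for v in raw.get(a, [])]
        if name == "name_servers":  # case-insensitive, de-duplicated
            out[name] = sorted({v.lower().rstrip(".") for v in values})
        else:
            out[name] = values[0] if values else None
    # A privacy-proxy placeholder is not a real owner; flag it.
    out["owner_redacted"] = bool(out["owner"] and REDACTED.search(out["owner"]))
    return out

if __name__ == "__main__":
    print(parse_whois(SAMPLE_WHOIS))
```

The owner_redacted flag matters in practice: many records now carry a privacy-service placeholder instead of the real registrant, so the registrar and name servers are often the more useful fields.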
Reverse IP Mapping
• Reverse IP mapping gives the number of websites hosted on the same server.
• If one website on the server is vulnerable, then a hacker can easily root the server.
• Domainbyip.com
• Trace Route
Information Gathering Using Search Engines
• Search engines are efficient mediums to get specific results according to your requirements.
• The Google & Yahoo search engines give the best results of all.
• But specifically, using www.kartoo.com will give us good information about the search.
• This type of search engine retrieves results from different search engines and makes relations or connections between those results.
• Maltego is an open source intelligence and forensics application.
• It allows for the mining and gathering of information as well as the representation of this information in a meaningful way.
• Coupled with its graphing libraries, Maltego allows you to identify key relationships between pieces of information and to identify previously unknown relationships between them.
• Almost 80% of internet users use blogs/forums for knowledge sharing.
• Information gathering from a specific blog will also be helpful in investigations.
• Information gathering from social networking websites can also reveal personal info about a suspect.
• Many websites store email ID lists for newsletters. These email IDs can also be retrieved using email spiders.
Detecting ‘live’ systems on target network
Why detect ‘live’ systems on the target network?
• To determine the perimeter of the target network/system
• To facilitate network mapping
• To build an inventory of accessible systems on the target network
• Tools used for this:
  o War Dialers
  o Ping Utilities
War Dialers
• A war dialer is a tool used to scan a large pool of telephone numbers to detect vulnerable modems to provide access to the system.
• A demon dialer is a tool used to monitor a specific phone number and target its modem to gain access to the system.
• Threat is high in systems with poorly configured remote access products providing entry to larger networks.
• Tools include THC-Scan, ToneLoc, TBA etc.
The term war dialing implies the exploitation of an organization's telephone, dial, and private branch exchange (PBX) systems to infiltrate the internal network and use its computing resources during the actual attack. It may seem surprising that we are discussing war dialing here, as more PBX systems are coming with increased security configurations. However, the fact remains that there are still many insecure modems out there that can be compromised to gain access to the target system. What initially caught the fancy of hackers in the movie 'War Games' still manages to find carriers leading to the compromise of systems. The war dialer in War Games is not very sophisticated, as it only finds phone numbers which are suspected to be computer dial-in lines. A more aggressive version might actually attempt to determine the operating system, and a very aggressive version might attempt to perform some automated break-in attempts itself. A real scanner with this functionality will attempt to analyze the carrier information, the negotiation, and the presence of protocols and/or banners to determine the remote system. It will then attempt to use default username/password combinations for that system.