84 Chapter 4 ■ Footprinting and Reconnaissance
What Is Footprinting?
Now let’s circle back around to the first step in the process of ethical hacking: footprinting. Footprinting, or reconnaissance, is a method of observing and collecting information about a potential target with the intention of finding a way to attack the target. Footprinting looks for information and later analyzes it, looking for weaknesses or potential vulnerabilities.
When you conduct footprinting—as with all phases and processes described in this book—you must be quite methodical. A careless or haphazard process of collecting information can waste time when moving forward or, in a worst-case scenario, cause the attack to fail. The smart or careful attacker spends a good amount of time in this phase gathering and confirming information.
Footprinting generally entails the following steps to ensure proper information retrieval:
- Collect information that is publicly available about a target (for example, host and network information).
- Ascertain the operating system(s) in use in the environment, including web server and web application data where possible.
- Issue queries such as Whois, DNS, network, and organizational queries.
- Locate existing or potential vulnerabilities or exploits that exist in the current infrastructure that may be conducive to launching later attacks.
Why Perform Footprinting?
Footprinting is about gathering information and formulating a hacking strategy. With
proper care you, as the attacking party, may be able to uncover the path of least resistance
into an organization. Passively gathering information is by far the easiest and most effective
method. If done by a skilled, inventive, and curious party (you!), the amount of information
that can be passively gathered is staggering. Expect to obtain information such as:
■ Information about an organization’s security posture and where potential loopholes may exist. This information will allow for adjustments to the hacking process that make it more productive.
■ A database that paints a detailed picture with the maximum amount of information possible about the target.
■ A network map using tools such as the Tracert utility to construct a picture of a target’s Internet presence or Internet connectivity. Think of the network map as a roadmap leading you to a building; the map gets you there, but you still have to determine the floor plan of the building.
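The network-map bullet above describes the output of Tracert as raw material for a picture of connectivity, and the earlier bullet describes a database that records what was gathered. The following is an added example, not code from the book, showing how such raw tool output is turned into structured records: it parses a constructed Tracert transcript (the addresses are RFC 5737 documentation ranges and name no real host) into a hop list and summarizes which hops answered and where the destination's own /24 begins. Treating the first hop inside that /24 as the "border" is an assumption made for illustration, not a rule from the text.

```python
"""Added example: turn raw tracert output into the structured hop list a
network map is built from. Sample output below is constructed, not real."""
import ipaddress
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed sample in the format Windows tracert prints. Addresses come
# from the RFC 5737 documentation ranges and name no real host.
SAMPLE_TRACERT = """\
Tracing route to www.example.test [203.0.113.10]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  192.0.2.1
  2    12 ms    11 ms    12 ms  isp-edge.example.test [198.51.100.1]
  3     *        *        *     Request timed out.
  4    25 ms    24 ms    26 ms  border.example.test [203.0.113.1]
  5    26 ms    27 ms    25 ms  www.example.test [203.0.113.10]

Trace complete.
"""

HEADER_RE = re.compile(r"Tracing route to (\S+) \[([\d.]+)\]")
# Optional hostname followed by an IPv4 address, with or without brackets
HOST_RE = re.compile(r"^(?:(\S+)\s+)?\[?((?:\d{1,3}\.){3}\d{1,3})\]?$")


@dataclass
class Hop:
    number: int
    rtts_ms: List[Optional[int]]      # None where tracert printed '*'
    hostname: Optional[str]
    address: Optional[str]            # None for a hop that never answered

    @property
    def responded(self) -> bool:
        return self.address is not None


@dataclass
class Trace:
    target_name: str
    target_ip: str
    hops: List[Hop] = field(default_factory=list)


def parse_hop_line(line: str) -> Optional[Hop]:
    """Parse one hop line; returns None for header, footer and blank lines."""
    tokens = line.split()
    if not tokens or not tokens[0].isdigit():
        return None
    number = int(tokens[0])
    rtts: List[Optional[int]] = []
    i = 1
    # Three probes, each either '*' or '<n> ms' (tracert prints '<1 ms' for sub-ms)
    while len(rtts) < 3 and i < len(tokens):
        if tokens[i] == "*":
            rtts.append(None)
            i += 1
        elif i + 1 < len(tokens) and tokens[i + 1] == "ms" and tokens[i].lstrip("<").isdigit():
            rtts.append(int(tokens[i].lstrip("<")))
            i += 2
        else:
            break
    rest = " ".join(tokens[i:])
    m = HOST_RE.match(rest)
    if not m:                          # e.g. 'Request timed out.'
        return Hop(number, rtts, None, None)
    return Hop(number, rtts, m.group(1), m.group(2))


def parse_tracert(text: str) -> Trace:
    header = HEADER_RE.search(text)
    if not header:
        raise ValueError("not tracert output: header line missing")
    trace = Trace(header.group(1), header.group(2))
    for line in text.splitlines():
        hop = parse_hop_line(line)
        if hop:
            trace.hops.append(hop)
    return trace


def network_map(trace: Trace) -> Dict[str, object]:
    """Summarize the trace as a footprinting database would record it: which
    hops answered and where the target's /24 begins. Assumption for this
    example: the first hop inside that /24 is recorded as the border."""
    target_net = ipaddress.ip_network(f"{trace.target_ip}/24", strict=False)
    in_target = [h for h in trace.hops
                 if h.responded and ipaddress.ip_address(h.address) in target_net]
    return {
        "target": trace.target_name,
        "hop_count": len(trace.hops),
        "silent_hops": [h.number for h in trace.hops if not h.responded],
        "border_hop": in_target[0].number if in_target else None,
        "path": [h.hostname or h.address or "*" for h in trace.hops],
    }


if __name__ == "__main__":
    summary = network_map(parse_tracert(SAMPLE_TRACERT))
    for key, value in summary.items():
        print(f"{key}: {value}")
```

Silent hops (the `*` rows) are kept rather than dropped, because a gap in the path is itself information worth confirming later, which is the point the sidebar makes about methodical collection.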