The Footprinting Process 93
will notice that they can take a lot of forms, but something they tend to have in common
is a statement of desired skills. This is the important detail that we are looking for. If you
visit a job posting site and find a company that you are targeting, you simply need to inves-
tigate the various postings to see what they are asking for. It is not uncommon to find infor-
mation such as infrastructure data, operating system information, and other useful data.
A quick perusal through job sites such as Monster.com, Dice.com or even Craigslist.com
can prove valuable. This information is essentially free, because there is little investment in
time or effort to obtain it in many cases.
When analyzing job postings, keep an eye out for information such as:
■ Job requirements and experience
■ Employer profile
■ Employee profile
■ Hardware information (this is incredibly common to see in profiles; look for labels
such as Cisco, Microsoft, Juniper, Checkpoint, and others that may include model or
version numbers)■ Software information
Some of the major search engines have an alert system that will keep you apprised of
any updates as they occur. The alert systems allow you to enter a means of contacting you
along with one or more URLs you’re interested in and a time period over which to monitor
them. Search engines such as Google and Yahoo! include this service.
There is a downside, potentially, to using these services: You will have
to register with them to get the information. If you are trying to stay
hidden, this may be a disadvantage. Consider using a different account if
you use these services.Working with E-mail
E-mail is one of the tools that a business relies on today to get its mission done. Without
e-mail many businesses would have serious trouble functioning in anything approaching a
normal manner. The contents of e-mail are staggering and can be extremely valuable to an
attacker looking for more inside information. For a pen tester or an attacker, plenty of tools
exist to work with e-mail.
One tool that is very useful for this purpose is PoliteMail (www.politemail.com), which
is designed to create and track e-mail communication from within Microsoft Outlook.
This utility can prove incredibly useful if you can obtain a list of e-mail addresses from the
target organization. Once you have such a list, you can then send an e-mail to the list that
contains a malicious link. Once the e-mail is opened, PoliteMail will inform you of the
event for each and every individual.
Another utility worth mentioning is WhoReadMe (http://whoreadme.com). This appli-
cation lets you track e-mails and also provides information such as operating system,
browser type, and ActiveX controls installed on the system.