96 Chapter 4 ■ Footprinting and Reconnaissance
A couple of things to note when using these advanced operators are fre-
quency and number of keywords. First, be careful of how many times you
use the operators in a short period of time as Google can shut down que-
ries using these advanced operators if too many appear in a short period
of time. Second, keep in mind that there are many more keywords than I
can cover here, including filetype.Try using these Google hacks only after you have done some initial reconnaissance. The
reasoning here is that after you have some initial information about a target from your more
general investigation, you can then use a targeted approach based on what you have learned.To fully appreciate the power of Google hacking, practice on your own,
trying different combinations and variations of the commands mentioned
here. That way, you become familiar with the results they are capable of
providing and how each works.Gaining Network Information
An important step in footprinting is to gain information, where possible, about a target’s
network. Fortunately there are plenty of tools available for this purpose, many of which
you may already be familiar with.Whois This utility helps you gain information about a domain name, including ownership
information, IP information, netblock data, and other information where available. The
utility is freely available in Linux and Unix and must be downloaded as a third-party add-
on for Windows.Tracert This utility is designed to follow the path of traffic from one point to another,
including intermediate points in between. The utility provides information on the relative
performance and latency between hops. Such information can be useful if a specific victim
is targeted because it may reveal network information such as server names and related
details. The utility is freely available for all OSs.If you have a hard time visualizing the command-line aspect of Tracert,
there are many graphical tools available that perform the same function
and more. Some of the visual tools for Tracert can even display a map
showing the path of the traffic as well as detailed Whois information for
each point or hop the traffic takes.Social Engineering: The Art of Hacking Humans
Inside the system and working with it is the human being, which is frequently the easiest
component to hack. Human beings tend to be, on average, fairly easy to obtain information
from. Although Chapter 10, “Social Engineering,” delves into this topic in greater depth,