You’ve gathered a lot of information up to this point. Now it’s
time to start exploring the target system more closely with the
intention of using that information to hack into the system.A Quick Review
Let’s take a brief look back at our previous phases to see what types of information you
have collected and how it carries forward to each step up to this point.
Footprinting
Footprinting—gathering as much information as you possibly can about your target—is
your first step. You are looking for information pertaining to the whole organization—
technology, people, policies, facilities, networks, and other useful information. Footprinting
helps you create a profile that can be used for later stages of your attack as well as plan a
defensive strategy for future use.
Information that you have gathered during this phase may include:
■ IP address ranges
■ Namespaces
■ Employee information
■ Phone numbers
■ Facility information
■ Job information
During your exploration you’ve likely found that a significant amount of data can be
acquired from various sources both common and uncommon.
Scanning
The next phase, scanning, is focused on gathering information from a network with the
intention of locating active hosts. You identify hosts for the purpose of attack and for mak-
ing security assessments as needed. You expect to find information about target systems
over the Internet by using public IP addresses. In addition to addresses, you try to gather
information about services running on each host.