WHAT IS FOOTPRINTING?
👣WHAT IS FOOTPRINTING?👣
The systematic and methodical footprinting of an organization enables attackers to create
a near complete profile of an organization’s security posture. Using a combination of
tools and techniques coupled with a healthy dose of patience and mind-melding,
attackers can take an unknown entity and reduce it to a specific range of domain names,
network blocks, subnets, routers, and individual IP addresses of systems directly
connected to the Internet, as well as many other details pertaining to its security posture.
Although there are many types of footprinting techniques, they are primarily aimed at
discovering information related to the following environments: Internet, intranet, remote
access, and extranet. Table 1-1 lists these environments and the critical information an
attacker will try to identify.
👣WHY IS FOOTPRINTING NECESSARY?
Footprinting is necessary for one basic reason: it gives you a picture of what the hacker
sees. And if you know what the hacker sees, you know what potential security exposures
you have in your environment. And when you know what exposures you have, you
know how to prevent exploitation.
Hackers are very good at one thing: getting inside your head, and you don’t even know
it. They are systematic and methodical in gathering all pieces of information related to
the technologies used in your environment. Without a sound methodology for performing
this type of reconnaissance yourself, you are likely to miss key pieces of information
related to a specific technology or organization—but trust me, the hacker won’t.
Be forewarned, however, footprinting is often the most arduous task of trying to
determine the security posture of an entity; and it tends to be the most boring for freshly
minted security professionals eager to cut their teeth on some test hacking. However,
footprinting is one of the most important steps and it must be performed accurately and
in a controlled fashion.
I will post on "how to perform footprinting" so stay tunned
Comments
Post a Comment