Lecture 5: 1st October 2019 Flashcards
Pentesting: Info gathering
What are the first 3 phases of pentesting?
Footprinting, scanning, and enumeration.
What is footprinting also known as?
Information gathering
What are some tools you can use for footprinting?
Web archive, search engines, NSLookup, whois, social engineering, census/electoral records, etc.
What does nmap do?
Scans target systems to find their architecture.
How can you detect sniffing?
Analyze incoming IP connections; many from one IP address are likely to be scanning/sniffing.
Why would you want to telnet or SSH into an open port?
You can take root access and manipulate the remote host to accomplish your malicious goals.
What does dig do?
Looks up DNS records for a specified domain.
What does NSLookup do?
Looks up DNS records for a specified domain.
What info can be gathered when footprinting?
Contact info, file links, source code, news or press releases, physical locations and bus routes or transport services, personal info, etc.
What are some resources which you can use for footprinting?
nmap, ping, host, dig, nslookup, Google, Wikipedia, Google Maps, dsniff, Shodan, census sites, web archive.
What is footprinting?
Using system calls or simple tools to find out very basic information about users or systems. This is an information-gathering phase for both pentesters and hackers.
What is scanning?
Using automated programs to discover more about the architecture of the target’s systems.
What is enumeration?
The process of extracting user names, machine names, network resources, shares and services from a system, using an active connection, in order to find vulnerabilities.
What is IP sniffing?
The interception and reading of IP packets on a network by a malicious third party.