My Blog List

Saturday, October 29, 2011

Footprinting - Attack Methods

Attack Methods





The attacker may choose to source the information from:


* A web page (save it offline, e.g. using offline browser such as Teleport pro


* Yahoo or other directories. (Tifny is a comprehensive search tool for USENET newsgroups.


* Multiple search engines (All-in-One, Dogpile), groups.google.com is a great resource for searching large numbers of news group archives without having to use a tool.


* Using advanced search (e.g. AltaVista),


* Search on publicly trade companies (e.g. EDGAR).


* Dumpster diving (To retrieve documents that have been carelessly disposed)


* Physical access (False ID, temporary/contract employees, unauthorized access etc)

There are four RIRs, each maintaining a whois database holding details of IP address registrations in their regions. The RIR whois databases are located at:

*
ARIN (North America and sub-Saharan Africa)
*
APNIC (Asia Pacific region)
*
LACNIC (Southern and Central America and Caribbean)
*
RIPE NCC (Europe and northern Africa)
Tools
There are tools available to aid a whois lookup. Some of them are Sam Spade (downloadable from www.samspade.org). Smart Whois (downloadable from www.tamos.com). Netscan (downloadable from www.netscantools.com) and GTWhois (Windows XP compatible) (www.geektools.com) etc.

0 comments:

Post a Comment