Https ktt key com ktt cmd logon

Footprinting and Reconnaissance

Module 02

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Footprinting and Reconnaissance

Module 02

Ethical Hacking and Countermeasures v8 M o dule 02: Footprinting and Reconnaissance

Exam 312-50

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 92

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Security News PRODUCTSABOUT US

Copyright © by EG-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

N E W S

Facebook a 'treasure trove' of April 1a 2012 Personally Identifiab le Inform ation Facebook contains a "treasure trove" of personally identifiable information that hackers manage to get their hands on. A report by Imperva revealed that users' "general personal information" can often include a date of birth, home address and sometimes mother's maiden name, allowing hackers to access this and other websites and applications and create targeted spearphishing campaigns. It detailed a concept I call "friend-mapping", where an attacker can get further knowledge of a user’s circle of friends; having accessed their account and posing as a trusted friend, they can cause mayhem. This can include requesting the transfer of funds and extortion. Asked why Facebook is so important to hackers, Imperva senior security strategist Noa Bar-Yosef said: "People also add work friends on Facebook so a team leader can be identified and this can lead to corporate data being accessed, project work being discussed openly, while geo-location data can be detailed for military intelligence." "Hacktivism made up 58 per cent of attacks in the Verizon Data Breach Intelligence Report, and they are going after information on Facebook that can be used to humiliate a person. All types of attackers have their own techniques." http://www.scmogazineuk.com

״ Security Newsamps ״־ uii Facebook a ,treasure trove״ of Personally Identifiable

Information Source: http://www.scmagazineuk.com

Facebook contains a "treasure trove" of personally identifiable information that hackers manage to get their hands on.

A report by Imperva revealed that users' "general personal information" can often include a date of birth, home address and sometimes mother's maiden name, allowing hackers to access this and other websites and applications and create targeted spearphishing campaigns.

It detailed a concept I call "friend-mapping", where an attacker can get further knowledge of a user's circle of friends; having accessed their account and posing as a trusted friend, they can cause mayhem. This can include requesting the transfer of funds and extortion.

Asked why Facebook is so important to hackers, Imperva senior security strategist Noa Bar- Yosef said: ״People also add work friends on Facebook so a team leader can be identified and this can lead to corporate data being accessed, project work being discussed openly, while geo- location data can be detailed for military intelligence."

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 93

http://www.scmogazineuk.com
http://www.scmagazineuk.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

"Hacktivism made up 58 per cent of attacks in the Verizon Data Breach Intelligence Report, and they are going after information on Facebook that can be used to humiliate a person. All types of attackers have their own techniques."

On how attackers get a password in the first place, Imperva claimed that different keyloggers are used, while phishing kits that create a fake Facebook login page have been seen, and a more primitive method is a brute force attack, where the attacker repeatedly attempts to guess the user's password.

In more extreme cases, a Facebook administrators rights can be accessed. Although it said that this requires more effort on the hacker side and is not as prevalent, it is the "holy grail" of attacks as it provides the hacker with data on all users.

On protection, Bar-Yosef said the roll-out of SSL across the whole website, rather than just at the login page, was effective, but users still needed to opt into this.

By Dan Raywood

http://www.scmagazine.com.au/Feature/265065,digitial-investigations-have-matured.aspx

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 94

http://www.scmagazine.com.au/Feature/265065,digitial-investigations-have-matured.aspx
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

C EHModule Objectives

J Footprinting Terminology J WHOIS Footprinting

J What Is Footprinting? J DNS Footprinting

J Objectives of Footprinting J Network Footprinting

J Footprinting Threats J Footprinting through Social Engineering

W J Footprinting through Social J Website Footprinting Networking Sites J Email Footprinting J Footprinting Tools J Competitive Intelligence J Footprinting Countermeasures J Footprinting Using Google J Footprinting Pen Testing

Copyright © by EC-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

M odule O bjectives This module will make you familiarize with the following:

e Footprinting Terminologies © WHOIS Footprinting

e What Is Footprinting? © DNS Footprinting

© Objectives of Footprinting © Network Footprinting

© Footprinting Threats © Footprinting through Social Engineering

e Footprinting through Search Engines Footprinting through Social©

© Website Footprinting Networking Sites

© Email Footprinting © Footprinting Tools

© Competitive Intelligence © Footprinting Countermeasures

© Footprinting Using Google © Footprinting Pen Testing

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 95

t t

t f

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

M odule Flow Ethical hacking is legal hacking conducted by a penetration tester in order to evaluate

the security of an IT infrastructure with the permission of an organization. The concept of ethical hacking cannot be explained or cannot be performed in a single step; therefore, it has been divided into several steps. Footprinting is the first step in ethical hacking, where an attacker tries to gather information about a target. To help you better understand footprinting, it has been distributed into various sections:

Xj Footprinting Concepts [|EJ Footprinting Tools

Footprinting Threats FootPrint'ng Countermeasures

C J Footprinting Methodology Footprinting Penetration Testing

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 96

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

The Footprinting Concepts section familiarizes you with footprinting, footprinting terminology, why footprinting is necessary, and the objectives of footprinting.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 97

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Footprinting Terminology CEH

Active Information Gathering

Gather information through social engineering on-site visits, interviews, and questionnaires

Pseudonymous Footprinting

Collect information that might be published under a different name in an attempt to preserve privacy

Open Source or Passive Information Gathering

Collect information about a target from the publicly accessible sources

Anonymous Footprinting

Gather information from sources where the author of the information cannot

be identified or traced

Internet Footprinting

Collect information about a target from the Internet

Organizational or Private Footprinting

Collect information from an organization's web-based calendar and email services

Copyright © by EC-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

00 - ooo

—00־ Footprinting Term inology Before going deep into the concept, it is important to know the basic terminology

used in footprinting. These terms help you understand the concept of footprinting and its structures.

Open Source or Passive Information Gathering !,n'nVn'nVI

Open source or passive information gathering is the easiest way to collect information about the target organization. It refers to the process of gathering information from the open sources, i.e., publicly available sources. This requires no direct contact with the target organization. Open sources may include newspapers, television, social networking sites, blogs, etc.

Using these, you can gather information such as network boundaries, IP address reachable via the Internet, operating systems, web server software used by the target network, TCP and UDP services in each system, access control mechanisms, system architecture, intrusion detection systems, and so on.

Active Information Gathering In active information gathering, process attackers mainly focus on the employees of

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 98

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

the target organization. Attackers try to extract information from the employees by conducting social engineering: on-site visits, interviews, questionnaires, etc.

This refers to the process of collecting information from sources anonymously so that your efforts cannot be traced back to you.

<— —i Pseudonym ous Footprinting Pseudonymous footprinting refers to the process of collecting information from the

sources that have been published on the Internet but is not directly linked to the author's name. The information may be published under a different name or the author may have a well-established pen name, or the author may be a corporate or government official and be prohibited from posting under his or her original name. Irrespective of the reason for hiding the

Private footprint""ing involves collecting information from an organization's web- based calendar and email services.

| | Internet Footprinting Internet footprinting refers to the process of collecting information of the target

organization's connections to the Internet.

Anonymous Footprinting

author's name, collecting information from such sources is called pseudonymous. r *s • V t 4 THI 4 • 4 •Organizational or Private Footprinting

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 99

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

W hat I s F o o tp rin tin g ? | Footprinting is the process of collecting as much information as possible about a target network, for identifying various ways to intrude into an organization's network system

Process involved in Footprinting a Target

Determine the operating system used, platforms running, web server versions, etc.

© Find vulnerabilities and exploitsfor launching attacks

Collect basic information about the target and its network©

di i iH a a a י ,af

■

Perform techniques such as Whois, DNS, network and organizational queries

Copyright © by EC-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

What Is Footprinting? Footprinting, the first step in ethical hacking, refers to the process of collecting

information about a target network and its environment. Using footprinting you can find various ways to intrude into the target organization's network system. It is considered .methodological" because critical information is sought based on a previous discovery״

Once you begin the footprinting process in a methodological manner, you will obtain the blueprint of the security profile of the target organization. Here the term "blueprint" is used because the result that you get at the end of footprinting refers to the unique system profile of the target organization.

There is no single methodology for footprinting as you can trace information in several routes. However, this activity is important as all crucial information needs to be gathered before you begin hacking. Hence, you should carry out the footprinting precisely and in an organized manner.

You can collect information about the target organization through the means of footprinting in four steps:

1. Collect basic information about the target and its network

2. Determine the operating system used, platforms running, web server versions, etc.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 100

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

3. Perform techniques such as Whois, DNS, network and organizational queries

4. Find vulnerabilities and exploits for launching attacks

Furthermore, we will discuss how to collect basic information, determine operating system of target computer, platforms running, and web server versions, various methods of footprinting, and how to find and exploit vulnerabilities in detail.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 101

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

W hy F o o tp rin tin g ? CEH Urti*W itkM l lUckw

Why Footprinting? I'n'n'r'n'n'

For attackers to build a hacking strategy, they need to gather information about the target organization's network, so that they can find the easiest way to break into the organization's security perimeter. As mentioned previously, footprinting is the easiest way to gather information about the target organization; this plays a vital role in the hacking process.

Footprinting helps to:

• Know Security Posture

Performing footprinting on the target organization in a systematic and methodical manner gives the complete profile of the organization's security posture. You can analyze this report to figure out loopholes in the security posture of your target organization and then you can build your hacking plan accordingly.

• Reduce Attack Area

By using a combination of tools and techniques, attackers can take an unknown entity (for example XYZ Organization) and reduce it to a specific range of domain names, network blocks, and individual IP addresses of systems directly connected to the Internet, as well as many other details pertaining to its security posture.

Build Information Database

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 102

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

A detailed footprint provides maximum information about the target organization. Attackers can build their own information database about security weakness of the target organization. This database can then be analyzed to find the easiest way to break into the organization's security perimeter.

• Draw Network Map

Combining footprinting techniques with tools such as Tracert allows the attacker to create network diagrams of the target organization's network presence. This network map represents their understanding of the targets Internet footprint. These network diagrams can guide the attack.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 103

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

O bjectives of Footprinting CEH

Networking protocols *-׳ 0 VPN Points 0 ACLs 0 IDSes running 0 Analog/digital telephone numbers 0 Authentication mechanisms tf System Enumeration

0 Domain name 0 Internal domain names 0 Network blocks 0 IP addresses of the reachable systems 0 Rogue websites/private websites 0 TCP and UDP services running 0 Access control Mechanisms and ACL's

0 Comments in HTML source code 0 Security policies implemented 0 Web server links relevant to the

organization 0 Background of the organization 0 News articles/press releases

User and group names ג * System banners

System architecture ־ * Remote system type

1 v/1 >־ • Routing tables : SNMP information

• System names : Passwords

0 Employee details 0 Organization's website 0 Company directory 0 Location details 0 Address and phone numbers

O Collect

O Network Information

Collect System

Information

Collect Organization’s

Information

Copyright © by EC-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

O bjectives of Footprinting The major objectives of footprinting include collecting the target's network

information, system information, and the organizational information. By carrying out footprinting at various network levels, you can gain information such as: network blocks, network services and applications, system architecture, intrusion detection systems, specific IP addresses, and access control mechanisms. With footprinting, information such as employee names, phone numbers, contact addresses, designation, and work experience, and so on can also be obtained.

Collect Network Information The network information can be gathered by performing a Whois database analysis,

trace routing, etc. includes:

Q Domain name

Q Internal domain names

Q Network blocks

© IP addresses of the reachable systems

Rogue websites/private websites י-

Ethical Hacking and Countermeasures Copyright © by EC-COUIICil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 104

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Q TCP and UDP services running © Access control mechanisms and ACLs © Networking protocols © VPN points

Q ACLs 9 IDSes running © Analog/digital telephone numbers © Authentication mechanisms © System enumeration

Collect System Information

Q User and group names

© System banners Q Routing tables Q SNMP information © System architecture © Remote system type Q System names Q Passwords

Collect Organization’s Information

Q Employee details Q Organization's website

Q Company directory Q Location details Q Address and phone numbers Q Comments in HTML source code

Q Security policies implemented Q Web server links relevant to the organization © Background of the organization

U News articles/press releases

Ethical Hacking and Countermeasures Copyright © by EC-COUIlCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 105

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

M odule Flow So far, we discussed footprinting concepts, and now we will discuss the threats

associated with footprinting:

ף Footprinting Concepts Footprinting Tools

o Footprinting Threats ר Footprinting Countermeasures

C L ) Footprinting Methodology xi Footprinting Penetration Testing ר * ?

The Footprinting Threats section familiarizes you with the threats associated with footprinting such as social engineering, system and network attacks, corporate espionage, etc.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 106

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Business

Footprinting Threats

J Attackers gather valuable system and network information such as account details, operating system and installed applications, network components, server names, database schema details, etc. from footprinting techniques

Types off Threats

Information Privacy Corporate Leakage Loss Espionage LossJ.J

Copyright © by EG-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

Footprinting Threats -ם0ם-

As discussed previously, attackers perform footprinting as the first step in an attempt to hack a target organization. In the footprinting phase, attackers try to collect valuable system- level information such as account details, operating system and other software versions, server names, and database schema details that will be useful in the hacking process.

The following are various threats due to footprinting:

Social Engineering Without using any intrusion methods, hackers directly and indirectly collect

information through persuasion and various other means. Here, crucial information is gathered by the hackers through employees without their consent.

System and Network Attacks © J

Footprinting helps an attacker to perform system and network attacks. Through footprinting, attackers can gather information related to the target organization's system configuration, operating system running on the machine, and so on. Using this information, attackers can find the vulnerabilities present in the target system and then can exploit those

Module 02 Page 107 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

vulnerabilities. Thus, attackers can take control over a target system. Similarly, attackers can also take control over the entire network.

&pa», Information Leakage L 3 3 Information leakage can be a great threat to any organization and is often overlooked. If sensitive organizational information falls into the hands of attackers, then they can build an attack plan based on the information, or use it for monetary benefits.

G P Privacy L o s s יי—׳ With the help of footprinting, hackers are able to access the systems and networks of

the company and even escalate the privileges up to admin levels. Whatever privacy was maintained by the company is completely lost.

Corporate Espionage Corporate espionage is one of the major threats to companies as competitors can spy

and attempt to steal sensitive data through footprinting. Due to this type of espionage, competitors are able to launch similar products in the market, affecting the market position of a company.

Business Loss Footprinting has a major effect on businesses such as online businesses and other

ecommerce websites, banking and financial related businesses, etc. Billions of dollars are lost every year due to malicious attacks by hackers.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 108

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

M odule Flow Now that you are familiar with footprinting concepts and threats, we will discuss the

footprinting methodology.

The footprinting methodology section discusses various techniques used to collect information about the target organization from different sources.

x Footprinting Concepts Footprinting Tools ן־דיןן

Footprinting Threats Footprinting Countermeasures

G O Footprinting Methodology v! Footprinting Penetration Testing

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 109

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

EHFootprinting Methodology

WHOIS Footprinting

DNS Footprinting

Network Footprinting

Footprinting through Social Engineering

Footprinting through Social Networking Sites

Footprinting through Search Engines

Website Footprinting

Email Footprinting

Competitive Intelligence

Footprinting using Google

Copyright © by EG-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

I— ^ Footprinting M ethodology The footprinting methodology is a procedural way of collecting information about a

target organization from all available sources. It deals with gathering information about a target organization, determining URL, location, establishment details, number of employees, the specific range of domain names, and contact information. This information can be gathered from various sources such as search engines, Whois databases, etc.

Search engines are the main information sources where you can find valuable information about your target organization. Therefore, first we will discuss footprinting through search engines. Here we are going to discuss how and what information we can collect through search engines.

Examples of search engines include: www.google.com,www.yahoo.com,www.bing.com

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 110

http://www.bing.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Footprinting through Search Engines

Microsoft ■»0aMus •»»!*•>>** •rcicspthi Mciim* Cxivxaco MC.rr 1 nm Anmw MCDMT zerperator

nd P»> b u r* , Ajn 4 1V: Mem* n th■ Microsoft

i 1m:am iiwm 1ywV '׳« •tnnn̂ r •-••אי *an

s* יי

Footprinting through Search Engines w , --

A web search engine is designed to search for information on the World Wide Web. The search results are generally presented in a line of results often referred to as search engine results pages (SERPs). In the present world, many search engines allow you to extract a target organization's information such as technology platforms, employee details, login pages, intranet portals, and so on. Using this information, an attacker may build a hacking strategy to break into the target organization's network and may carry out other types of advanced system attacks. A Google search could reveal submissions to forums by security personnel that reveal brands of firewalls or antivirus software in use at the target. Sometimes even network diagrams are found that can guide an attack.

If you want to footprint the target organization, for example XYZ pvt ltd, then type XYZ pvt ltd in the Search box of the search engine and press Enter. This will display all the search results containing the keywords "XYZ pvt ltd." You can even narrow down the results by adding a specific keyword while searching. Furthermore, we will discuss other footprinting techniques such as website footprinting and email Footprinting.

For example, consider an organization, perhaps Microsoft. Type Microsoft in the Search box of a search engine and press Enter; this will display all the results containing information about Microsoft. Browsing the results may provide critical information such as physical location,

Attackers use search engines to extract information about a target such as technology platforms, employee details, login pages, intranet portals, etc. which helps in performing social engineering and other types of advanced system attacks

J Search engine cache may provide sensitive information that has been removed from the World Wide Web (WWW)

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 111

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

contact address, the services offered, number of employees, etc. that may prove to be a valuable source for hacking.

O © wcbcachc.googleusercontent.com scarch?q-cache:ARbFVg INvoJ:en. wikipcdia.org/wiki/Micn & ,ן|

This i3 Google's cache of http i / e n wikipedia 0rgAviki/Microsoft t is a snapshot of the page as it appeared on 17 Jul 2012 13:15:03 GMT The current page could have changed in the meantirre Learn more

Text-only /ersicn

Create account & Log in

Read View source View history

Microsoft W־N 122‘74242״55 22*38'47 -

M icrosort c o rp o ra tio n

Microsoft׳ Type Rjblc

Traded as NASDAQ: MSFT ̂ SEHK: 4333 (£> Cow Jones Industrial Average component NASDAQ-100 component S&P50D component

Induttry Computer tofiwar• Onlir• t#rvic♦• Video gorroo

Founded Albuquerque, New Mexico, United States (April 4,1975)

Founder(•) Bill Gates, Paul Alien

Headquarters Microsoft Redmond Campts,

From Wikipedia. the free encyclopedia

Microsoft Corporation (NASDAQ: MSFTt? ) is ar American multinational corporation headquartered n ReJrrond. Washington. United States that develops, manufactures licenses, and supports a wide range cf products and services rolatod to computing. Tho company was foundoc by Bill Gatos and Paul Allen on Apr J 4. 1975. Microsoft is the world's largest software corporation measured by revenues Microsoft was established to develop and sell BASC inteipieteis foi the Altai! 8800 It rose to dominate the home computer operating system market wth MS-OOS n the mid• 1980s followed by the Microsoft Wndows line of operating systems The company’s 1986 initial public oferng. and subsequent rise in the share price, created ar estimated three billionaires and 12.000 millionaires from Microsoft employees Since the 1990s. the company has increasingly d1\ersrf1ed from the operating system market. In May 2011 Microsoft acquired Skype for $8 5 billion in its largest acquisition to date PI

Main page Contents Featured content Current events Random article Donate to vviKipeaia

Interaction Help About Wikipedia Community portal Recent changes Contact Wikipedia

► Print/export

▼ Languages

FIGURE 2.1: Screenshot showing information about Microsoft

As an ethical hacker, if you find any sensitive information of your company in the search engine result pages, you should remove that information. Although you remove the sensitive information, it may still be available in a search engine cache. Therefore, you should also check the search engine cache to ensure that the sensitive data is removed permanently.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 112

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

CEHFinding Company’s External and Internal URLs

Tools to Search Internal URLs

5 http://news.netcraft.com 6 http://www.webmaster-a.com/

link-extractor-internal.php

A

Internal URL’s of m icrosoft.com

f j ^ ,

t) support.microsoft.com e office.microsoft.com s search.microsoft.com 0 msdn.microsoft.com O update.microsoft.com 6 technet.microsoft.com 0 windows.microsoft.com

Search for the target company's external URL in a search engine such as Google or Bing

Internal URLs provide an insight into different departments and business units in an organization

You may find an internal company's URL by trial and error method

Copyright © by EG-G(IIIICil. All Rights Reserved. Reproduction is Strictly Prohibited.

Finding Com pany’s External and Internal URLs A company's external and internal URLs provide a lot of useful information to the

attacker. These URLs describe the company and provide details such as the company mission and vision, history, products or services offered, etc. The URL that is used outside the corporate network for accessing the company's vault server via a firewall is called an external URL. It links directly to the company's external web page. The target company's external URL can be determined with the help of search engines such as Google or Bing.

If you want to find the external URL of a company, follow these steps:

1. Open any of the search engines, such as Google or Bing.

2. Type the name of the target company in the Search box and press Enter.

The internal URL is used for accessing the company's vault server directly inside the corporate network. The internal URL helps to access the internal functions of a company. Most companies use common formats for internal URLs. Therefore, if you know the external URL of a company, you can predict an internal URL through trial and error. These internal URLs provide insight into different departments and business units in an organization. You can also find the internal URLs of an organization using tools such as netcraft.

Tools to Search Internal URLs

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 113

http://news.netcraft.com
http://www.webmaster-a.com/
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Netcraft Source: http://news.netcraft.com

Netcraft deals with web server, web hosting market-share analysis, and operating system detection. It provides free anti-phishing toolbar (Net craft toolbar) for Firefox as well as Internet Explorer browsers. The netcraft toolbar avoids phishing attacks and protects the Internet users from fraudsters. It checks the risk rate as well as the hosting location of the websites we visit.

Link Extractor Source: http://www.webmaster-a.com/link-extractor-internal.php

Link Extractor is a link extraction utility that allows you to choose between external and internal URLs, and will return a plain list of URLs linked to or an html list. You can use this utility to competitor sites.

Examples of internal URLs of microsoft.com:

© support.microsoft.com

© office.microsoft.com

© search.microsoft.com

© msdn.microsoft.com

© update.microsoft.com

© technet.microsoft.com

© windows.microsoft.com

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 114

http://news.netcraft.com
http://www.webmaster-a.com/link-extractor-internal.php
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

CEH Urt1fw4 ilh iul lUtbM

Public and R estricted W ebsites

http://answers.microsoft.comhttp://offlce.microsoft.com

Restricted Website

Copyright © by EG-G(IIIICil. All Rights Reserved. Reproduction is Strictly Prohibited.

Public and Restricted W ebsites —___ , A public website is a website designed to show the presence of an organization on the

Internet. It is designed to attract customers and partners. It contains information such as company history, services and products, and contact information of the organization.

The following screenshot is an example of a public website:

Source: http://www.microsoft.com

h ttp ://w w w .m ic ro s o ft.c o m

Public Website

Welcome to Microsoft Irocua Dt+noaSz Sicuity Stifpcrt Su

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 115

http://answers.microsoft.com
http://offlce.microsoft.com
http://www.microsoft.com
http://www.microsoft.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

FIGURE 2.2: An example of public website

A restricted website is a website that is available to only a few people. The people may be employees of an organization, members of a department, etc. Restrictions can be applied based on the IP number, domain or subnet, username, and password. Restricted or private websites of microsoft.com include: http://technet.microsoft.com, http://windows.microsoft.com, http://office.microsoft.com, and http://answers.microsoft.com.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 116

http://technet.microsoft.com
http://windows.microsoft.com
http://office.microsoft.com
http://answers.microsoft.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

C ־4 Hc*w*OT*

Microsoft | TechNet

W1*• lM«»l .<*<»%

I TKMCINfMS IVMUAIIOM fVINIl U*VKTU*I% IKHMlMkOC

Discover the New Office for IT Prc

|(«4a> tNc«r iecK ewr Shw1»ew1 » 1 >•

I Tc<»C«mer Ntw Office 10* IT *tot IW ftM T tMfmqt 2011 *o I

EZESZ1

NBOUn lunott ■WACtt U V fjm OOMQW

Welcome to Office

F - .

ML i with Office 365

FIGURE 2.3: Examples of Public and Restricted websites

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 117

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Collect Location Information CEH

Use Google Earth tool to get the location of the place

Collect Location Information Information such as physical location of the organization plays a vital role in the

hacking process. This information can be obtained using the footprinting technique. In addition to physical location, we can also collect information such as surrounding public Wi-Fi hotspots that may prove to be a way to break into the target organization's network.

Attackers with the knowledge of a target organization's location may attempt dumpster diving, surveillance, social engineering, and other non-technical attacks to gather much more information about the target organization. Once the location of the target is known, detailed satellite images of the location can be obtained using various sources available on the Internet such as http://www.google.com/earth and https://maps.google.com. Attackers can use this information to gain unauthorized access to buildings, wired and wireless networks, systems, and so on.

Example: earth.google.com

Google Earth is a valuable tool for hacking that allows you to find a location, point, and zoom into that location to explore. You can even access 3D images that depict most of the Earth in high-resolution detail.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 118

http://www.google.com/earth
https://maps.google.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

* Pldcwe * יג*י U, PI0C63

C ט far per ar/Phces

* Liytit S 0 Je Q«>flr«wr1 cvyec

OS fto•* 5 O BuMngo

t£ '* :troct >‘osv * H r B c r l n

□ Q ►011c י ם o ־׳־** * 5. 0 0fll»׳v • □v >WC«1 Awirviwvi & D t Ftaeeeofiwrroitי סם Mo•B fcffim

FIGURE 2.4: Google Earth showing location

Example: maps.google.com

Google Maps provides a Street View feature that provides you with a series of images of building, as well as its surroundings, including WI-FI networks. Attackers may use Google Maps to find or locate entrances to buildings, security cameras, gates, places to hide, weak spots in perimeter fences, and utility resources like electricity connections, to measure distance between different objects, etc.

=ssa .» \ lC fi https' maps.google.fc.־

•You Starch Imago* Mall Oocuinonl• Calondai Shot ConUctt Map•

Google

G«t ArtcM**• My piac•! A oo <

Om Okxh S**fchn#*fby S*v»lom*p mor*»

*•port • P0C4«m . u«c* L*M • H«lp Ooogi• u«e* ■ •Mi: 00««1• r«m1 01 um • * *♦יי

FIGURE 2.5: Google Maps showing a Street View

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 119

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

C EHP eo p le S ea rch

The people search returns the following information about a person:

“ Residential addresses and email addresses S Contact numbers and date of birth S Photos and social networking profiles £ Blog URLs S Satellite pictures of private residencies

http://www.spokeo.com

Information about an individual can be found at various people search websites

frfi

P‘P*

! i s , K ttje O. I* tan CA. U» .we* •«*•■<* U!;2״

http://pipl.com

Copyright © by EG-C*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

People Search You can use the public record websites to find information about people's email

addresses, phone numbers, house addresses, and other information. Using this information you can try to obtain bank details, credit card details, mobile numbers, past history, etc. There are many people search online services available that help find people, http://pipl.com and http://www.spokeo.com are examples of people search services that allow you to search for the people with their name, email, username, phone, or address.

These people search services may provide information such as:

Q Residential addresses and email addresses

O Contact numbers and date of birth

Q Photos and social networking profiles

© Blog URLs

© Satellite pictures of private residences

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 120

http://www.spokeo.com
http://pipl.com
http://pipl.com
http://www.spokeo.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 121

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

P eople Search O nline S erv ices CEH

123 People Search h ttp ://w w w . 12 3people, com

PeekYou http ://ww w.peekyou. comC

Intelius http ://ww w.inte lius.com

PeopleSmart http ://ww w.peoplesm art. com& WhitePages

m o • I P http://www.whitepages.comV/ >—J

M Zaba Searchhttp://www.zabasearch.com

M % Zoomlnfo http ://ww w.zoom info . com

Wink People Search http ://w ink.com

AnyWho http://www.anywho.com

People Lookup S® https://www.peoplelookup.com

Copyright © by EG-G(IIIICil. All Rights Reserved. Reproduction is Strictly Prohibited.

.3;► People Search Online Services — At present, many Internet users are using people search engines to find information ׳׳

about other people. Most often people search engines provide people's names, addresses, and contact details. Some people search engines may also reveal the type of work an individual does, businesses owned by a person, contact numbers, company email addresses, mobile numbers, fax numbers, dates of birth, personal -mail addresses, etc. This information proves to be highly beneficial for attackers to launch attacks.

Some of the people search engines are listed as follows:

Zaba Search Source: http://www.zabasearch.com

Zaba Search is a people search engine that provides information such as address, phone number, current location, etc. of people in the US. It allows you to search for people by their name.

Zoomlnfo Source: http://www.zoominfo.com

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 122

http://www
http://www.peekyou
http://www.intelius.com
http://www.peoplesmart
http://www.whitepages.com
http://www.zabasearch.com
http://www.zoominfo
http://wink.com
http://www.anywho.com
https://www.peoplelookup.com
http://www.zabasearch.com
http://www.zoominfo.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Zoom Info is a business people directory using which you can find business contacts, people's professional profiles, biographies, work histories, affiliations, links to employee profiles with verified contact information, and more.

Wink People Search .E צ_ו

Source: http://wink.com

Wink People Search is a people search engine that provides information about people by name and location. It gives phone number, address, websites, photos, work, school, etc.

״ AnyWho Source: http://www.anywho.com

AnyWho is a website that helps you find information about people, their businesses, and their locations online. With the help of a phone number, you can get all the details of an individual.

People Lookup Source: https://www.peoplelookup.com

People Lookup is a people search engine that allows you to find, locate, and then connect with people. It also allows you to look up a phone number, search for cell numbers, find an address or phone number, and search for people in the US. This database uses information from public records.

123 People Search Source: http://www.123people.com

123 People Search is a people search tool that allows you to find information such as public records, phone numbers, addresses, images, videos, and email addresses.

PeekYou Source: http://www.peekyou.com

PeekYou is a people search engine that allows you to search for profiles and contact information of people in India and cities' top employers and schools. It allows you to search for the people with their names or usernames.

Intelius Source: http://www.intelius.com

Intelius is a public records business that provides information services. It allows you to search for the people in US with their name, address, phone number, or email address.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 123

http://wink.com
http://www.anywho.com
https://www.peoplelookup.com
http://www.123people.com
http://www.peekyou.com
http://www.intelius.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

PeopleSmart Source: http://www.peoplesmart.com

People Smart is a people search service that allows you to find people's work information with their name, city, and state. In addition, it allows you to perform reverse phone lookups, email searches, searches by address, and county searches.

Module 02 Page 124 Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

http://www.peoplesmart.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

W hitePages Source: http://www.whitepages.com

WhitePages is a people search engine that provides information about people by name and location. Using the phone number, you can find the person's address.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 125

http://www.whitepages.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

CEHPeople Search on Social Networking Services

h ttp ://w w w . I inked in. com

Google♦ f t R30er Feoerer

r

nirtKtnn llweMfjailtofeiledewlwpeiewlkw

!3a׳■ י- » i *־ i n s

h ttps ://p lus, google, com

http ://ww w.facebook. com

h ttp ://tw itte r.com

Copyright © by EG-G(IIIICil. All Rights Reserved. Reproduction is Strictly Prohibited.

People Search on Social Networking Services Searching for people on social networking websites is easy. Social networking services

are the online services, platforms, or sites that focus on facilitating the building of social networks or social relations among people. These websites provide information that is provided by users. Here, people are directly or indirectly related to each other by common interest, work location, or educational communities, etc.

Social networking sites allow people to share information quickly and effectively as these sites are updated in real time. It allows updating facts about upcoming or current events, recent announcements and invitations, and so on. Therefore, social networking sites prove to be a great platform for searching people and their related information. Through people searching on social networking services, you can gather critical information that will be helpful in performing social engineering or other kinds of attacks.

Many social networking sites allow visitors to search for people without registration; this makes people searching on social networking sites an easy task for you. You can search a person using name, email, or address. Some sites allow you to check whether an account is currently in use or not. This allows you to check the status of the person you are looking for.

Some of social networking services are as follows:

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 126

http://www
http://www.facebook
http://twitter.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Facebook Source: http://www.facebook.com

Facebook allows you to search for people, their friends, colleagues, and people living around them and others with whom they are affiliated. In addition, you can also find their professional information such as their company or business, current location, phone number, email ID, photos, videos, etc. It allows you to search for people by username or email address.

Sear<* for people, places and tvig i□facebook Carmen f lectra About *

A na*

Carman *roto a bock. >to* toBaSaxv'wfvtftwat oubkihad by Random noma In +* book Carman convayi tm ascW irdifM ndngifontlnw M lfaN cor•

a•״ Carman * aiao the *ace of Ma* factor ,a brand that W t J aknoat 100 yaari ago and • •nwadataJY Mad to

aod1 י»י« moat baauHU facaa. Carman • par mm»10»1׳< .$•• . Mai factor *eahset her m Tv and pm

FIGURE 2.7: Facebook a social networking service to search for people across the world

Linkedln 1 J Source: http://www.linkedin.com

Linkedln is a social networking website for professional people. It allows you to find people by name, keyword, company, school, etc. Searching for people on Linkedln gives you information such as name, designation, name of company, current location, and education qualifications, but to use Linkedln you need to be registered with the site.

Twitter Source: http://twitter.com

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 127

http://www.facebook.com
http://www.linkedin.com
http://twitter.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Twitter is a social networking service that allows people to send and read text messages (tweets). Even unregistered users can read tweets on this site.

FIGURE 2.9: Twitter screenshot

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 128

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Google+ Source: https://plus.google.com

Google+ is a social networking site that aims to make sharing on the web more like sharing in real life. You can grab a lot of useful information about users from this site and use it to hack their systems.

FIGURE 2.10: Google+ screenshot

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 129

https://plus.google.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

CEHGather Information from Financial Services

Copyright © by EG-G*ancil. All Rights Reserved. Reproduction is Strictly Prohibited.

Gather Information from Financial Services (>̂ j

Financial services such as Google Finance, Yahoo! Finance, and so on provide a lot of useful information such as the market value of a company's shares, company profile, competitor details, etc. The information offered varies from one service to the next. In order to avail themselves of services such as e-mail alerts and phone alerts, users need to register on the financial services. This gives an opportunity for an attacker to grab useful information for hacking.

Many financial firms rely on web access, performing transactions, and user access to their accounts. Attackers can obtain sensitive and private information of users using information theft, key loggers, etc. Attackers can even grab this information by implementing cybercrimes, and exploit it with the help of non-vulnerable threats (software design flaw example; breaking authentication mechanism).

The following are some of non-vulnerable threats:

Q Service flooding

Brute force attack

S Phishing

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 130

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

FIGURE 2.11: Examples of financial services website for gathering information

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 131

Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

CEH Urtifwl ilhiul lUtbM

Footprinting through Job Sites

Look for these:

e Job requirements

6 Employee's profile A C © Hardware information £ H | © Software information

Exam ples of Job W ebsites » http://www.monster.com

« http://www.careerbuilder.com

« http://www.dice.com *

http://www.simplyhired.com ^

© http://www.indeed.com

© http://www.usajobs.gov

You can gather company's infrastructure details from job postings

position larorauTio■ Wr04 town niciK*

En:e־p 3« Applicators EngincerfCBA

Aboa Us־ Sanre ISfti. t * War J k B»c\v» Faraiy c£ ( nnpjwt h».־r h«t>rornuylmc bowmt toinlntp’-l'adin( *slutkm in even *wt of andlwrwflft

tvHikuk *vl fwrir* v t t arr>^< »c th* tcol< mvl tci-hiolosr' rtjtfhWp fcffli Fxrflm־r '

Wt eitaxi ths1aoe fe\el of service !0 our no* ■*witm* aisrt otr uivktuv V { otf« 0 inprttT. r taanrt and benefits, but out tbrtiztli it on timh iltuf We fosta• 1 cisual but h*d uoriar.fi mwcnrxctt. ottmizt fin

pati weafcepnfe apraantngticniwtha1

C0N1AU IMOMMAIMI

•AwnW ml for c ;ipmciLt *th. juJ *Haig wmU^ U n w u f NOciuvjH SQL 2303 aul :0)8 I 201) 1ucM î1« lyxcai. WiumA 5>Va1rP.«1. MkicxA CRM dul NLliomA SCOM Mu* 1״».c

Pj dc* C • aui Pov»c1 SbcB *.1 Iftiikj ■.!*» ladw■( mid Ndwuik iifiawaluc l>c>l co ״ ״. c'iocjcb. SQL etc xvl cr MCTS, MCSE ■a-Jido itgpcc ■1 Compute! Siiaicc u Network ttn—n; or

Copyright © by EG-Gtlincil. All Rights Reserved. Reproduction is Strictly Prohibited.

Footprinting through Job Sites Attackers can gather valuable information about the operating system, software

versions, company's infrastructure details, and database schema of an organization, through footprinting various job sites using different techniques. Depending upon the posted requirements for job openings, attackers may be able to study the hardware, network-related information, and technologies used by the company. Most of the company's websites have a key employees list with their email addresses. This information may prove to be beneficial for an attacker. For example, if a company wants to hire a person for a Network Administration job, it posts the requirements related to that position.

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 132

http://www.monster.com
http://www.careerbuilder.com
http://www.dice.com
http://www.simplyhired.com
http://www.indeed.com
http://www.usajobs.gov
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Network Administrator. Active Directory CIW*. Euhange

Design and vnpiemort Ik Iv k iI ukAooi on N ,gitfgiT.te « g — >_____________ Support fusing VWndows tmtaitucljrf VM OrtctofY 2003. SMS. SUS. C1»« SOL Sew. SOL Clusters. Ewhange 55. Eahange 2003. vn war*, vertas backip i0*wir«. h court and M«n securty. Master Recwery wivkm. RMO technologies. and FOrt̂ AN <*s* KMlorU■__________________

MD 17123M546706 42319173004

Boca Raton. FL 33417 J06 Mjfin IT/Sofcare Devolopmert

• 5 or more years espenence *wttig מ IT *nplemerAng and sgppodngiglobalbusntss

> Pnor nponorxt r supportng a global WladM l ttftW and Doma* tofrastoxture

Ê י mmik( ■npltfnonlng and supposing VM Dwlwy. Cfttr Metalrafne. SOL Server. SOL Cluster. DNS. DHCP. WHS. and Etthange 2003 m an Enterprise ecMronmert

VKy strong systems towweshoolng sMs י Eipenence m prowfcng 24-hour support to a gktoai erterpnse י

as part of an orvcal rotaton • Edectwe interpersonal sloiswdhfieabrtor to be persuasae • Otttf stalls Bulling Elect*■* Teams, Acton Onerted Peer

RtlaftonsMps, Customer Focus. Pnor% Setng, ProWwi SoMng, and Business Acumen1 Bachelor***•* Degree or equwalerteipenence

MCSE (2003) certtcafton a plus. Cdra Certtcafton a plus י

facebookE

FIGURE 2.12: Gathering information through Job websites

Usually attackers look for the following information:

• Job requirements

• Employee's profile

• Hardware information

• Software information

Examples of job websites include:

Q http //www. monster.com

Q http //www.careerbu ilder.com

S http //www.dice.com

a- ׳

4- ׳

4-CCD //www.simplvhired.com

S http //www.indeed.com

Q http //www. usajobs.gov

Ethical Hacking and Countermeasures Copyright © by EC-C0UnCil All Rights Reserved. Reproduction is Strictly Prohibited.

Module 02 Page 133

http://www.careerbu
http://www.dice.com
http://www.simplvhired.com
http://www.indeed.com
Exam 312-50 Certified Ethical HackerEthical Hacking and Countermeasures Footprinting and Reconnaissance

Monitoring Target Using Alerts C EH

Examples of Alert ServicesAlerts are the content monitoring services that provide up-to-date information based

Monitoring Targets Using Alerts “ Alerts are the content monitoring services that provide automated up-to-date

information based on your preference, usually via email or SMS. In order to get alerts, you need to register on the website and you should submit either an email or phone number to the service. Attackers can gather this sensitive information from the alert services and use it for further processing of an attack.

I^jl Google Alerts Source: http://www.google.com/alerts