IS4560 Lab3
Transcript of IS4560 Lab3
-
7/23/2019 IS4560 Lab3
1/2
Lab #3 Assessment Worksheet
Data Gathering and Footprinting on a Targeted Web Site
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
Overview
The first phase of hacking is the footprinting phase, which is designed to passively gain
information about a target. In this lab, you performed technical research against three Web
domains using Internet search tools. You collected public domain information about anorganization using the Google search engine to uncover information available on the Internet.Finally, you recorded the information you uncovered in a research paper, describing how this
information can make an organization vulnerable to hackers.
Lab Assessment Questions & Answers
1. What information can you obtain by using the WHOIS tool contained within Sam Spade?
2.
Besides the WHOIS utility covered in this lab, what other functions did you discover are possiblewith the Sam Spade utility?
3. What is the purpose of the tracert command? What useful information does the trace route tool
provide? How can this information be used to attack the targeted website?
4. Is Sam Spade an intrusive tool? What is your perspective on the use of a freeware utility such as
Sam Spade?
5. By its nature, WHOIS information must be publicly available. What do you think companies and
organizations should do with regard to this information?
IS4560
Domain owner, Technical contact names, numbers, addresses, and the names of associated servers(Name,Host ) , Country , time domain was created and updated
Ping, nslookup, Whois, IP Block, Dig, Traceroute, Finger SMTP Verify, Time, Blacklist, IP block , crawl website
It identifies the network path that must be followed to reach one system from another,It provides the names andIP addresses of all intermediate systems and can be used to identify potential intermediate attack points, andcan estimate the geographic location of the server, using the found network paths of all the systems to attack
It is not an intrusive tool. I think these tools are great, they allow any network engineer the oportunity to findvulnerabilities or sensitive information.
Ensure that the public facing information has no affect on the internal structure. Any information given, shouldbe non-revealing. For instance, if the server it reaches is listed, ensure that it is in the DMZ and functions as aproxy, that way the true address is never dislcosed, also user information should be removed along with phone
-
7/23/2019 IS4560 Lab3
2/2
2
Copyright 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.
www.jblearning.com Student Lab Manual
6. How can you find out who is the CEO of a company?
7.
What is the goal when trying to use a search engine for data gathering or footprinting?
8. From the basis of the information you uncovered, who are the primary technical contacts for the
apples.com, oranges.com and bananas.com domains?
9. Where do you think the servers are located that host the apples.com, oranges.com and bananas.com
domains? Provide evidence to support your claims.
10.What are the primary IP addresses for DNS servers hosted on the apples.com, oranges.com, and
bananas.com domains?
This can done through a variety of websites where the company and publicly traded information is kept.Reuters, and Hoover are just two that are out there
You are attempting to locate any useful information for a possible exploit. Either through a future socialengineering or phishing scam to a physical breach of the facility, it all begins with the information gathering andmapping/ foot-printing phase
It looks as though they have removed the specific person and it is listed as the domain or the technicaldevelopment team, administrative contact remains
Germany, New York and Washington . It is the location of the web administrators for each site
Apples: 10.20.100.20 Oranges: 192.168.40.9 Bananas: 192.168.3.5