IS4560 Lab3

  • 7/23/2019 IS4560 Lab3

    Lab #3 Assessment Worksheet

    Data Gathering and Footprinting on a Targeted Web Site

    Course Name and Number: _____________________________________________________

    Student Name: ________________________________________________________________

    Instructor Name: ______________________________________________________________

    Lab Due Date: ________________________________________________________________

    Overview

    The first phase of hacking is the footprinting phase, which is designed to passively gain information about a target. In this lab, you performed technical research against three Web domains using Internet search tools. You collected public domain information about an organization using the Google search engine to uncover information available on the Internet. Finally, you recorded the information you uncovered in a research paper, describing how this information can make an organization vulnerable to hackers.

    Lab Assessment Questions & Answers

    1. What information can you obtain by using the WHOIS tool contained within Sam Spade?

    Answer: Domain owner, technical contact names, numbers, addresses, and the names of associated servers (Name, Host), country, time domain was created and updated.

    2. Besides the WHOIS utility covered in this lab, what other functions did you discover are possible with the Sam Spade utility?

    Answer: Ping, nslookup, Whois, IP Block, Dig, Traceroute, Finger, SMTP Verify, Time, Blacklist, IP block, crawl website.

    3. What is the purpose of the tracert command? What useful information does the trace route tool provide? How can this information be used to attack the targeted website?

    Answer: It identifies the network path that must be followed to reach one system from another. It provides the names and IP addresses of all intermediate systems and can be used to identify potential intermediate attack points, and can estimate the geographic location of the server, using the found network paths of all the systems to attack.

    4. Is Sam Spade an intrusive tool? What is your perspective on the use of a freeware utility such as Sam Spade?

    Answer: It is not an intrusive tool. I think these tools are great; they allow any network engineer the opportunity to find vulnerabilities or sensitive information.

    5. By its nature, WHOIS information must be publicly available. What do you think companies and organizations should do with regard to this information?

    Answer: Ensure that the public-facing information has no effect on the internal structure. Any information given should be non-revealing. For instance, if the server it reaches is listed, ensure that it is in the DMZ and functions as a proxy; that way the true address is never disclosed. Also, user information should be removed along with phone

    Copyright 2014 by Jones & Bartlett Learning, LLC, an Ascend Learning Company. All rights reserved.

    www.jblearning.com Student Lab Manual

    6. How can you find out who is the CEO of a company?

    Answer: This can be done through a variety of websites where the company and publicly traded information is kept. Reuters and Hoover are just two that are out there.

    7. What is the goal when trying to use a search engine for data gathering or footprinting?

    Answer: You are attempting to locate any useful information for a possible exploit. Either through a future social engineering or phishing scam to a physical breach of the facility, it all begins with the information gathering and mapping/foot-printing phase.

    8. From the basis of the information you uncovered, who are the primary technical contacts for the apples.com, oranges.com and bananas.com domains?

    Answer: It looks as though they have removed the specific person and it is listed as the domain or the technical development team; administrative contact remains.

    9. Where do you think the servers are located that host the apples.com, oranges.com and bananas.com domains? Provide evidence to support your claims.

    Answer: Germany, New York and Washington. It is the location of the web administrators for each site.

    10. What are the primary IP addresses for DNS servers hosted on the apples.com, oranges.com, and bananas.com domains?

    Answer: Apples: 10.20.100.20 Oranges: 192.168.40.9 Bananas: 192.168.3.5
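
The answers to questions 5 and 8 describe replacing named individuals in WHOIS records with role contacts. The following added example (not part of the lab manual or the worksheet answers) audits a WHOIS record for contact fields that still expose a person. The `Registrant`/`Admin`/`Tech` field names, the role-word lists and the sample record are assumptions constructed for illustration.

```python
import re

# Constructed sample WHOIS record (not real registration data).
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE.TEST
Registrant Name: Jane Q. Example
Registrant Phone: +1.5555550100
Registrant Email: jane.example@example.test
Admin Name: Domain Administrator
Admin Email: hostmaster@example.test
Tech Name: Technical Development Team
Tech Phone: +1.5555550199
Tech Email: noc@example.test
Name Server: NS1.EXAMPLE.TEST
"""

# Assumed contact prefixes and role vocabulary; adjust to your registrar's output.
CONTACT_ROLES = ("registrant", "admin", "tech", "billing")
ROLE_WORDS = re.compile(
    r"\b(admin|administrator|hostmaster|team|department|noc|domain|privacy|redacted)\b",
    re.I)
ROLE_MAILBOXES = {"hostmaster", "noc", "admin", "domains", "dnsadmin", "abuse"}

def parse_whois(text):
    """Return (field, value) pairs from 'Key: value' lines, skipping empty values."""
    pairs = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            pairs.append((key.strip(), value.strip()))
    return pairs

def audit_contacts(text):
    """List (role, attribute, value) for contact data that identifies a person."""
    contacts = {}
    for field, value in parse_whois(text):
        role, _, attr = field.lower().partition(" ")
        if role in CONTACT_ROLES:
            contacts.setdefault(role, {})[attr] = value
    findings = []
    for role, attrs in contacts.items():
        # A contact name with no role word is treated as a named individual.
        if "name" in attrs and not ROLE_WORDS.search(attrs["name"]):
            findings.append((role, "name", attrs["name"]))
            if "phone" in attrs:  # a phone number tied to a named person
                findings.append((role, "phone", attrs["phone"]))
        mailbox = attrs.get("email", "").split("@")[0].lower()
        if mailbox and mailbox not in ROLE_MAILBOXES:
            findings.append((role, "email", attrs["email"]))
    return findings
```

Run against your own organization's WHOIS output, an empty result means every contact block resolves to a role name and role mailbox rather than to an individual.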