Footprinting
- The information-gathering steps of footprinting and scanning are of utmost importance. Good information gathering can make the difference between a successful pen test and one that has failed to provide maximum benefit to the client.
- The Wayback Machine, located at www.archive.org, can be used to browse archived web pages dating back to 1996. It's a useful tool for finding information that is no longer on a site.
- One method to reduce the information leakage from job postings is to reduce the system-specific information in the job post or to use a company-confidential job posting.
Table FF.1. DNS Records and Types

| Record Name | Record Type | Purpose |
|---|---|---|
| Host | A | Maps a domain name to an IP address |
| Pointer | PTR | Maps an IP address to a domain name |
| Name Server | NS | Configures settings for zone transfers and record caching |
| Start of Authority | SOA | Configures settings for zone transfers and record caching |
| Service Locator | SRV | Used to locate services in the network |
| Mail | MX | Used to identify SMTP servers |

- A zone transfer is unlike a normal lookup in that the user is attempting to retrieve a copy of the entire zone file for a domain from a DNS server.
- Traceroute is a utility that is used to determine the path to a target computer.
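
The difference between a normal lookup and a zone transfer is visible in the query itself, which is what a defender monitoring a DNS server can key on. The following is an added example, not part of the original notes: it decodes the question section of DNS query messages, names the record type using the types from Table FF.1, and flags zone-transfer (AXFR) requests that do not come from an approved secondary server. The numeric type codes are the standard DNS values, which the notes do not list; the function names, IP addresses and sample traffic are constructed, and the messages are assumed to be already extracted from the transport (AXFR travels over TCP, where each message carries a two-byte length prefix that has been stripped here).

```python
import struct

# Record types from Table FF.1, plus AXFR (the zone-transfer query type).
# Numeric codes are the standard DNS values (not listed in the notes).
QTYPES = {1: "A", 2: "NS", 6: "SOA", 12: "PTR", 15: "MX", 33: "SRV", 252: "AXFR"}

def build_query(name, qtype, txid=0x1234):
    """Build a minimal DNS query (header + one question) to serve as sample input."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)  # QCLASS=IN

def parse_question(msg):
    """Return (qname, qtype_name) for the first question in a DNS query message."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    flags, qdcount = struct.unpack("!HH", msg[2:6])
    if flags & 0x8000 or qdcount < 1:
        raise ValueError("not a query with a question section")
    pos, labels = 12, []
    while pos < len(msg) and msg[pos] != 0:
        length = msg[pos]
        if length > 63 or pos + 1 + length > len(msg):
            raise ValueError("bad label length")
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    if pos + 5 > len(msg):  # root label byte plus QTYPE and QCLASS
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return ".".join(labels), QTYPES.get(qtype, f"TYPE{qtype}")

def flag_zone_transfers(events, allowed_secondaries):
    """Return (source_ip, zone) for each AXFR request not from an approved secondary."""
    alerts = []
    for src_ip, msg in events:
        qname, qtype = parse_question(msg)
        if qtype == "AXFR" and src_ip not in allowed_secondaries:
            alerts.append((src_ip, qname))
    return alerts

# Constructed sample traffic (documentation address ranges, example.com only).
SAMPLE = [
    ("192.0.2.10", build_query("www.example.com", 1)),   # ordinary A lookup
    ("192.0.2.53", build_query("example.com", 252)),     # approved secondary
    ("203.0.113.7", build_query("example.com", 252)),    # unexpected source
    ("192.0.2.10", build_query("example.com", 15)),      # MX lookup
]
```

Calling `flag_zone_transfers(SAMPLE, {"192.0.2.53"})` reports only the AXFR request from the address that is not on the approved list.
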
Scanning