Footprinting is the first step of an attack on information systems in which an attacker collects information about a target network for identifying various ways to intrude into the system. Using this, we can find a number of opportunities to penetrate and assess the target organization’s network.
Types of Footprinting:
- Passive Footprinting
- Active Footprinting.
1. Passive Footprinting:
This involves gathering information about the target without direct interaction. It is a type of footprinting gathering that is mainly useful when there is a requirement that the information-gathering activities are not to be detected by the target is not sent to the target organization from a host or from anonymous hosts or services over the Internet. We can just gather the documented and put away data about the target utilizing web crawlers, social networking websites, etc.
Passive footprinting techniques include: –
- Finding the Top-level Domains (TLDs) and sub-domains of an objective through web services
- Gathering area information on the objective through web services
- Performing individuals search utilizing social networking websites and individuals search services
- Stealing monetary data about the objective through various monetary services
- Get-together framework subtleties of the objective association through places of work
- Checking objective utilizing ready services
- Social occasion data utilizing gatherings, discussions, and online journals
- Deciding the working frameworks being used by the objective association
- Extricating data about the objective utilizing Internet documents
- Performing competitive intelligence
- Discovering data through web crawlers
- Monitoring website traffic of the target
- Tracking the online reputation of the target
- Gathering data through social designing on social networking destinations
2. Active Footprinting: –
This involves gathering information about the target with direct interaction. In this type of footprinting, the target may recognize the ongoing information gathering process, as we only interact with the target network.
Active Footprinting techniques include: –
- Querying published name servers of the target
- Extracting metadata of published documents and files
- Stealing a lot of website information using various types of mirroring and web spidering tools
- Gathering information through email tracking
- Performing Whois lookup
- Extracting DNS information
- Performing traceroute analysis
- Performing social engineering
The major goals of footprinting incorporate gathering the organization data, mainframe data, and hierarchical data of the victim. By directing footprinting across various organization levels, we can acquire precious data, for example, network blocks, explicit IP addresses, representative subtleties, etc. Such data can help the network intruders in accessing confidential information or performing different types of hacks on the objective organization.