IT Channel.com

Ethical hacking tools and techniques: Information gathering


There are several tools, including public sources such as Whois and Nslookup, that can help you gather information about your target network (that is, your customer). Whois is usually the first stop in reconnaissance. You'll find information like the domain's registrant, its administrative and technical contacts, and a listing of its domain servers. Nslookup is a program used to query Internet domain name servers. It displays information that can be used to diagnose Domain Name System (DNS) infrastructure and find additional IP addresses. It can also use the MX record to reveal the IP address of the mail server.

Another information source is ARIN (American Registry for Internet Numbers). ARIN allows you to search the Whois database to locate information on a network's autonomous system numbers (ASNs), network-related handles and other related point-of-contact information. ARIN's Whois function enables you to query an IP address to find information on the target's use of subnet addressing.

The common Traceroute utility is also very handy. Traceroute works by exploiting a feature of the Internet Protocol called Time to Live (TTL). It reveals the path IP packets travel between two systems by sending out consecutive UDP packets with ever-increasing TTLs. As each router processes an IP packet, it decrements the TTL. When the TTL reaches zero, the router sends a "TTL exceeded" ICMP message back to the originator. Routers with DNS entries therefore reveal their names, network affiliation and geographic location.
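The TTL mechanism described above, as an added example that is not part of the original article: a Python simulation over a constructed path, showing which hop answers each probe and what routers with DNS entries disclose. The hop addresses (documentation ranges) and hostnames are made up, and the function names are hypothetical.

```python
# Constructed sample path: (IP address, reverse-DNS name or None) per hop.
# Addresses are from the RFC 5737 documentation ranges; names are invented.
PATH = [
    ("192.0.2.1", "gw.customer.example"),
    ("198.51.100.9", "ge-0-1.core1.nyc.isp.example"),
    ("198.51.100.33", None),                 # router without a DNS entry
    ("203.0.113.5", "edge2.lon.hosting.example"),
    ("203.0.113.80", "www.target.example"),  # destination host
]


def send_probe(path, ttl):
    """Carry one UDP probe with initial TTL `ttl` along `path`.

    Returns (responder_ip, icmp_message) for whichever node answers."""
    last = len(path) - 1
    for index, (ip, _name) in enumerate(path):
        if index == last:
            # The probe arrived; a closed UDP port answers with ICMP.
            return ip, "port unreachable"
        ttl -= 1  # every router decrements the TTL before forwarding
        if ttl == 0:
            return ip, "TTL exceeded"
    raise ValueError("path must contain at least one hop")


def traceroute(path, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... until the destination answers."""
    names = dict(path)
    hops = []
    for ttl in range(1, max_ttl + 1):
        ip, message = send_probe(path, ttl)
        hops.append((ttl, ip, names[ip]))
        if message == "port unreachable":
            break
    return hops


def named_hops(hops):
    """Hops whose DNS entry exposes a name (site, carrier, city code)."""
    return [(ttl, name) for ttl, _ip, name in hops if name]


if __name__ == "__main__":
    for ttl, ip, name in traceroute(PATH):
        print(f"{ttl:2d}  {ip:<15}  {name or '(no DNS entry)'}")
```

Running the same review against the reverse-DNS names of your own routers shows how much of the network layout they give away to anyone tracing a route.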

A utility called Visual Trace by McAfee displays the traceroute output visually in map view, node view or IP view.

Here are other useful Windows-based tools for information gathering:



About the author
Russell Dean Vines is a bestselling author, Chief Security Advisor for Gotham Technology Group, LLC, and former President of the RDV Group. His most recent book is The CISSP and CAP Prep Guide, published by John S. Wiley and Sons. He is available to answer your security threat questions via Ask the Expert.

15 Apr 2007
