What exactly is Footprinting and Reconnaissance?

Overview

Footprinting is a technique used for gathering information about computer systems and the entities they belong to. In order to obtain such information, hackers might have to utilise various tools and technologies. These information are useful to hackers who are infiltrating a system.

Footprinting is also the first step in the evaluation of the security posture of the target organization’s IT infrastructure. Hackers gather maximum information about a computer system or network and about any devices connected to that network.

Since footprinting refers to the process of collecting information about a target network and its environment, it can help hackers find a number of opportunities to penetrate and assess the target’s network.

Types of Footprinting

Passive Footprinting — no direct interaction with the target

1. Finding Information through search engines
2. Finding Top-level Domains (TLDs) and sub-domains of a target through web services.
3. Collecting location information on the target through web services
4. Performing people search using social networking sites and people search services
5. Gathering financial information about the target through financial services
6. Gathering infrastructure details of the target organization through job sites
7. Monitoring target using alert services
8. Collecting information through social engineering on social networking sites.

There are many other more ways and forms of passive footprinting, but these will generally give you the idea of what passive footprinting is about.

Active Footprinting — involves direct interaction with the target

1. Querying published name servers of the target
2. Extracting metadata of published documents and files
3. Gathering information through email tracking
4. Performing Whois lookup
5. Extracting DNS information
6. Performing traceroute analysis

Active Footprinting also has many other more ways but these will generally give you the idea of what active footprinting is about.

What do hackers get in Footprinting

1. Network Information
2. System Information
3. Organization Information

Objectives of Footprinting

1. Knowing the security posture of an organisation
2. Reduce Focus area of attackers to a specific range of addresses/networks or domain names.
3. Identify vulnerabilities in order to select their most appropriate exploits
4. Outline the target’s network infrastructure before breaking in

Threats

Social Engineering — Collecting information through persuasion or other means ( direct & indirect )

System and Network Attacks — Performing system and network attacks to gather information such as system configuration, operating system details and etc. This will lead attackers to take control over a target system or the entire network.

Information Leakage — Loss of sensitive information, allowing attackers to plan comprehensively

Privacy Loss — Hackers can access systems and networks of the organization and even escalate the privileges up to admin levels, resulting in the loss of privacy for the organization as a whole and its individual personnel.

Business Loss — Billions of dollars are lost every year due to malicious attacks by hackers

Additional Information about Footprinting

Google hacking refers to the use of advanced Google search operators for creating complex search queries in order to extract sensitive or hidden information. The accessed information is then used by attackers to find vulnerable targets. Footprinting using advanced Google hacking techniques gather information by locating strings of text within search results.

When a query without advanced search operators is specified, Google traces for the search terms in any part of the webpage that includes the title, text, URL and so on. In order to confine a search, Google offers advanced search operators. These search operators help to narrow down the search query and get the most relevant and accurate output.

So what can hackers do with Google Hacking?

They can create complex search engine queries in order to filter large amounts of search results to obtain information related to computer security. Hackers locate specific strings of text within the search results to detect websites and web servers that are vulnerable to exploitation, as well as locate private, sensitive information about others. This includes credit card numbers, social security numbers, passwords and so on. Once a vulnerable site is identified, attackers try to launch various possible attacks such as SQL injection or buffer overflows that compromise information security.

How to prevent Footprinting?

Footprinting Penetration Testing

Penetration testing refers to the process of testing the organization’s security posture using similar techniques and tools as that of an attacker, but with the knowledge and approval of the organization. Footprinting is the first step to perform in pen testing process. The pen tester will discover potential security liabilities that an attacker may exploit.

So, what is footprinting penetration testing ?

It helps in determining an organization’s information on the Internet such as network architecture, operating systems, applications, and users. The pen tester tries to gather publicly available sensitive information of the target by pretending to be an attacker. The target may be a specific host or a network.

Footprinting penetration testing helps organizations/businesses to:

1. Prevent information leakage
2. Reduce the chances of Social Engineering
3. Prevent DNS record retrieval from public servers

Conclusion

Footprinting is the first step of any attack where attacker collects information about the target by using different means. It reduces the attacker’s focus area to a specific range of IP addresses, networks and etc. Attackers can use search engines such as Google to extract information about a target. Important and sensitive information such as DNS records are valuable to hackers which allows them to plan a comprehensive attack that can intrude your system without authorization.