To undertake network footprinting, one must first obtain fundamental and vital information about the target organisation, such as what the organisation does, who works there, and what type of work they do. The answers to these questions reveal information about the target network's internal structure.
Obtaining private IP addresses can be useful to attackers. Also, the attacker can obtain information about the network's structure and which machines are active by using the network range. Using the network range also aids in determining the network topology, access control device, and operating system utilised in the target network.
To determine the network range of the target network, search the server IP
address (as determined by Whois footprinting) in the APNIC Whois database
search tool. To look for an IP address, go to the APNC website (https://wq.apnic.net//static/search.html).
Incorrectly configured DNS servers give attackers a significant possibility
of obtaining a list of internal machines on the server. Furthermore, if an
attacker traces the path to a machine, the internal IP address of the
gateway can be obtained, which can be valuable.
TRACEROUTE
Traceroute programs work on the concept of ICMP protocol and use the TTL
field in the header of ICMP packets to discover the routers on the path to a
target host.
The Traceroute utility can show the path IP packets take between two
systems. The utility may determine the number of routers through which
packets pass, the round-trip time (RTT ) (the
time it takes for packets to travel between two routers), and, if the
routers have DNS records, the names of the routers and their network
affiliation. It can also pinpoint geographical locations. It works by
utilising a TTL feature of the Internet Protocol.
The utility logs the router's IP address and DNS name before sending another
packet with a TTL of two. This packet passes past the first router before
timing out at the next router in the path. This second router likewise
returns an error message to the original host.
Traceroute will keep doing this and recording the IP address and name of
each router until a packet reaches the destination host or the host is
determined to be unreachable. It records the time it takes for each packet
to make a round trip to each router during the operation.
Illustration of Traceroute |
Finally, when it arrives at its destination, the sender will receive the
standard ICMP ping answer. The utility assists in revealing the IP
addresses of the intermediate hops in the route from the source to the
target host.
By default, the Windows operating system uses ICMP traceroute.
Navigate to the command prompt and enter tracert followed by the
destination IP address or domain name. Many network devices are commonly
set to reject ICMP traceroute messages. An attacker in this scenario
employs TCP or UDP traceroute, often known as Layer 4 traceroute. Navigate
to the Linux Operating system terminal and enter
tcptraceroute followed by the destination IP address or domain
name or use traceroute to use UDP protocol for tracing.
Here is an example of Traceroute from Windows:
- Round-Trip Time (RTT) is displayed three times because for each HOP three packets are sent.
- * means not being able to determine or packet loss
Path analyzer Pro, VisualRoute, Traceroute NG, and PingPlotter are
important traceroute programs for determining the geographical location of
routers, servers, and IP devices in a network. Such tools assist us in
tracing, identifying, and monitoring network activities on a global scale.
The following are some of the features of these tools:
- Hop-by-hop traceroutes
- Reverse tracing
- Historical analysis
- Packet Loss Reporting
- Reverse DNS
- Ping Plotting
- Port Probing
- Detect network problems
- Performance metrics analysis
- Network performance monitoring
You might be interested in,
- Phases of Hacking
- Introduction to Footprinting - First Step to Hacking
- Information Obtained in Footprinting
- Objective and Threats of Footprinting
- Countermeasures of Footprinting
- Footprinting - First Step on Hacking (Summary) with Tools
We hope this helps. If you have any suggestions or doubts you can add
a comment and we will reply as soon as possible.
No comments:
Post a Comment