Footprinting in Cyber Security

 What is Footprinting?

        Footprinting is the starting step of an attack on an information system in which an attacker collects information about a target network for identifying various ways to attack the system.

Types of Footprinting

•     Passive Footprinting 

•     Active Footprinting

Passive Footprinting

    Passive Footprinting is gathering information about a target without direct interaction. For example, we have many tools for gathering information like whoislookup, Netcraft, and Robtex. 
    By using these tools we can easily gather target information. The information like IP address, Domain name, DNS record, Unlisted files, Sub-domains, and Directories.

Active Footprinting

    Active Footprinting is gathering information about the target with direct interaction. For example, we could interact with the target face to face or via phone call.

Information Obtained in Footprinting

Organization information

            Employee details, telephone numbers, location, Background of the organization, web technologies, etc,

Network Information

            Domain and sub-domains, network blocks, IP address of the reachable systems, whois record, DNS, etc.

System Information

            location of web servers, user name, passwords, etc.

Objectives of Footprinting    

Know Security Posture

            Footprinting allows attackers to know the security posture of the target organization.

Reduce focus area

            It reduces the attacker's focus area to a specific range of IP addresses, networks, domain names, remote access, etc.

Identify Vulnerabilities

            It allows an attacker to identify vulnerabilities in the target system in order to select appropriate exploits

Draw Network Map

            It allows attackers to draw a map or outline the target organization's network infrastructure to know about the actual environment that they are going to break.