Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
3 views4 pages

CEHv11 Module 2 Study Outline

The document outlines the concept of footprinting, which is the initial step in an attack where an attacker gathers information about a target. It details various methods and tools used for footprinting, including search engines, web services, social networking sites, and email, as well as countermeasures to mitigate risks. Additionally, it discusses techniques for social engineering and the importance of restricting information access to protect sensitive data.

Uploaded by

Fack You
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
3 views4 pages

CEHv11 Module 2 Study Outline

The document outlines the concept of footprinting, which is the initial step in an attack where an attacker gathers information about a target. It details various methods and tools used for footprinting, including search engines, web services, social networking sites, and email, as well as countermeasures to mitigate risks. Additionally, it discusses techniques for social engineering and the importance of restricting information access to protect sensitive data.

Uploaded by

Fack You
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

CEHv11 Module 2 Study Outline

Footpringting

Definition: __the first step of any attack on the information systems in which the attacker collects
information about a target_________________________________

What footprinting accomplishes in general

Goal Definition

Footprinting: Search engines

Method What is gathered

Footprinting: Web Services

Method What is gathered


Footprinting: Social networking Sites

What Users/Organizations Do What is gathered


Maintain profile
Connect to friends
Share photos and videos
Play games, join groups
Create events
User surveys
Promote products
User support
Recruitment
Background check and

Footprinting: Tools

Tool

Footprinting: Email

List some info that a hacker can collect: __________________________________________________

___________________________________________________________________________________

List some tools used: __________________________________________________________________

____________________________________________________________________________________

Footprinting: Whois Lookup/Geolocation

Definition: ___________________________________________________________________________
Tools used: _________________________________________________________________________

Foorprinting: DNS

Record Type Description


a Points to a host’s IP address
mx Points to a domain’s email server
ns

Reverse DNS Lookup

Definition: _____attacker performs a reverse dns lookup on a ip ranges in attempt to locate a dns Ptr
record for those ip addresses._dnsrecon and reverse lookup to lookup target host______________

Footprinting: Network

Definition: __________________________________________________________________________

Tool used: ____arin whois database tool__________________________

Traceroute Analysis Finds info about ________________, ____________________,


______________________

Traceroute tools:

_____path analyzer pro and visual route, netstat_________________________________

Foorprinting: Social Engineering

What information is gathered: _________credit card details and ssn,


_______________________________________________

__________________________________________________________________________________

Techniques: ___easedropping______________, ______shouldersurfing____________,


______dumpster diving___________, ______impersonation__________

General Footprinting Tools:

_______maltego___________________

______recon-ng__________________
_________________________

(add more lines as needed)

Footprinting Countermeasures (list some)

Restrict the employees access to social networking sites from org network
Configure web servers to avoid information leakage
Educate empoyees to use psuedonyms on blogs, groups, and forums
Don’t reveal critical information in press releases, annual reports, product catalogues,etc
Limit the amount of information published on a website or the internet
Use footprinting techniques to discover and remove any sensitive information that is publicly
available
Prevent search engines from caching a web page and use anonymous registration services

You might also like