Footprinting

Footprinting is a term from IT security . It describes the first phase of a hack attack , namely the gathering of information about a target system. A distinction is made between active and passive footprinting. With passive footprinting, publicly available data about an attack target is collected. This information is obtained from the following sources, among others:

• Home page of the victim
• search engines
• Job postings in companies
• Newsgroups

Sources of information for active footprinting include:

• Fingerprinting
• The WHOIS database
• The DNS entry
• Pingsweep
• Traceroute
• Port scans

Via the WHOIS database, you can find out the email address, telephone number and postal address from the domain's billing contact, as well as the IP address of the primary and secondary DNS server. The IP of the web server and the mail server and all other services accessible via the Internet can be determined via a DNS request. Information about the company and its employees can be obtained via the company website, e.g. B. Names, photos that are of crucial importance for social engineering .

As part of the Chaos Communication Congress security conference , a new method was presented to correlate the results of search engine queries and WHOIS databases and to efficiently identify all web applications that are logically assigned to a company.