Question

2. Examine various vulnerabilities of information system that lead to a successful footprinting and recommend the countermeasures for the same.

Answer 1

Footprinting refers to the process of collecting as much as information as possible about the target server or computer system to find ways to penetrate into that server/system.

Various vulnerabilities of information system that lead to footprinting:

1. Open access to all ports

2. All protocols are enabled on the system

3. Availability of un encrypted senitive data

4. No data validation of user entered data on a web site.

5. Remote access enabled on the server without authentication

Countermeasures which help to prevent footprinting are as follows:

1. We should disable unnecessary protocols for a server.

2. We must lock down ports with an appropriate firewall configuration.

3. We must use TCP/IP and IPSec filters for defense in depth.

4. We should configure IIS to prevent information disclosure through banner grabbing.

5. We should use an IDS that can be configured to pick up footprinting patterns and reject suspicious traffic.

6. We should encrypt and password-protect sensitive data. Data such as Web accessible e-mail
should be considered sensitive data and should be encrypted.

7. We should curtail unexpected input from the user. Some Web pages allow users to enter usernames and
passwords. These Web pages can be used maliciously by allowing the user to enter in
more than just a username. Username: jdoe; rm -rf / This might allow an attacker to
remove the root file system from a UNIX Server. Programmers should limit input
characters, and not accept invalid characters such as |; < > as possible input.