Question

General Questions about Network Footprinting

Guidelines

• Answer each of the following questions using knowledge gained from the iLab, readings from the textbook, and individual research on the Web. Answer all questions in full graduate-level sentences and paragraphs.
  

1. What is accomplished by network footprinting?

2. What are the countermeasures a network security architect can set in motion to diminish the threat from network footprinting?

3. What is the difference between network footprinting and network reconnaissance?

4. In the context of network security, explain what is meant by after reconnaissance comes penetration.
5.  What is a denial of service (DOS) attack?

Answer 1

Answer 1 :

Network Footpring is a process of gathering all the useful information about the target network . Network footprinting is considered first step to attack where the attacker learns as musch as possible about the taerget so that he finds a way to break into the system .

Attackers use footprinting to collect various information through Active (Direct footpring) or Passive (Indirect footprinting) .

These may be :

• Domains , Sub domains , IP addresses , DNS records .
• Server Locations , user password , Operating system information.
• Employee informations , Locations , phone numbers , eployees back grunds etc .

The main aims of footprinting are :

1. Learn security postures .

2. Analyse the security of the target system .

3. Find loopholes and create an attck plan.

4. Find vulnerabilities and collect information about target security .

5. Identify attack areas using different tools and techniques .

Answer 2 :

Countermeasures : It is an action , a procedure or a method that reduces a threat or an attack by eliminating or preventing it using various tools and techniques of network security . Some of the footprinting countermeasures that an architect should set are :

1. Restrict accessing to social media.

2. Enforcing Security Policies.

3 . Educating employees about security threats .

4. Encrypting Sensitve information.

5. Disabling protocols that are not required.

6. Proper Service Configuration .

Answer 3 :

Difference between network footprinting and network reconnaissance :

When weare talking about Reconnaissance and footprinting , there is no difference beteween them as such . Footprinting is a part of reconnaissance which is used for gathering information about the target system. Reconnaisance is further divided into three phases , i.e , 1. Footprinting. 2. Scanning. 3. Enumerating

During Reconnaissance the hacker attempts to gather information in the following Seven steps mentioned below :

1. Gather Initial Information

2. Determine the network range

3. Identify active machines

4. Discover open ports and access points

5. Fingerprint the operating system .

6 . Uncover service on ports

7. Map the network

During FootPrinting the hacker attempts to gather the following information from the target system :

1. Domain Names

2. IP addresses

3. Namespaces

4. Employ Information

5. Phone numbers

6. E mails

7 . Job Information

The above mentioned points can be cosidered differences between the two .

Answer 4 :

After reconnaissance comes penetration means that at this stage the hacker wants to learn what is on the other end . The aim of this is to discover the IP address of host on target computers , operating system of the target computer and accessible UDP and TCP ports on the target computer so that it can be easy to penetrate during the ateck by a hacker. as a result Reconniassance makes it easier for pentration to take place thus , pentration comes after reconnaissance.

Answer 5 :

DoS attack : In this atteck the attacker attempts to distrupt the flow of traffic in a network by flooding the network with the messages so that the network gets difficulty in processing its routine messages from the authorized users. The hacker may perform this by flooding web server , mail server etc with incoming messages.

Denial Of Service attack is an attack targeting the availibility of web applications . Unlike other attacks the DoS targets not on the stealing of the information but slowing down the work or taking down the taergeted website. This attack can be performed for various reasons ranging from simple fun to financial gain.

DoS attacks affects the enterprises from all sectors , ranging from private to government , all sizes and all locations. They target the network layer upto the application layer , where attacks are more difficult to detect as they get confused with heavy traffic over the network.