Following in the hackers' footsteps 
(03/10/2007)
‘Footprinting’ an organisation involves a range of information-gathering techniques – from identifying active machines to rifling through rubbish. The practice can ensure a hack is quick, effective and virtually untraceable.
The technique allows for the accumulation of data regarding a specific network environment and can revel system vulnerabilities and improve the ease with which they can be exploited. The increase in footprinting is coupled with a boom in areas to exploit with the growth in Google searches, forums and software as a service.
Hackers can spend up to 90 per cent of an attack researching the network vulnerabilities, according to security experts at Firebrand Training (known as The Training Camp). In response to the increasing number of network vulnerabilities, Firebrand Training has launched a White Paper, ‘Footprinting’ – following in the hackers’ footsteps.
Produced by Firebrand Training’s CSO, Richard Millett, the paper explores key strategies in passive and active reconnaissance of network vulnerabilities – as well as more technical methods, such as port scanning, ping sweeps and traceroute. It is critical that organisations start to understand the technique before they are caught out.
Once the footprinting process is complete it should be possible to produce a network map of a target containing the following information:
· Host names
· IP addresses
· Open port numbers
· Operating systems
· The function of particular hosts
“For years, organisations have been trying to think like hackers to beat them at their own game,” said Richard Millett, CSO, Firebrand Training. “Footprinting a network can take months of careful observation and planning, while a strike can take just seconds,” he added. “Organisations need to make sure networks reveal as little information as possible to potential attackers. Essentially, even small lapses could prove fatal to the network’s security.”
Related topics: Hacking and intrusion prevention White papers
Print version | 
Email to a friend | 
Related articles
Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.
Other Security news and resources
Security News
Suppliers Directory
Jobs forum
Classifieds
Knowledge base
White papers
Research library
Security books
Special reports
Security interviews
Security companies
Security events
Security links
Security market
Product channels
Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products
IT Security white papers and research library
Access Control Authentication Data Management Data Security Digital Signatures Email Security Identity Management Internet Security Intrusion Prevention Network Security Remote access security Security Management Security Policies Security Software Security Threats Virus Detection Software Virus Protection VPN Vulnerability Assessment Wireless Security
Security books, guides, standards and toolkits
RFID and Smart Cards books, guides and reference documents Biometric books, guides and reference documents CCTV books, guides and reference documents Intruder alarms and intrusion detection systems books, guides and reference documents Monitoring and surveillance books, guides and reference documents IT Governance, ISO 27001 ISO 17799 and BS 7799 toolkits Fire, Health & Safety books, guides and reference documents
