Footprinting



Footprinting is the first step, in which a hacker gathers as much information as possible to find ways to intrude into a target system or to decide which types of attack will be most suitable.
The first phase of ethical hacking is information gathering, which is about getting to know the target systems; it is also termed reconnaissance.
A hacker can perform footprinting to gather various details of the systems, such as domain names, IP addresses of the system and its employees, details of employees and staff, contact numbers and e-mail IDs.
If the target of the attack is a company, then the following information can be recorded.



  • Company details, employee details and emails.

  • Deals, projects, databases with other firms.

  • Legal documents, sensitive data of the company, source code of the website.


This may be done for the benefit of oneself or of a group of people who intend to harm the company.
Various online sources can be accessed to extract information about the targets, and this information is legally available to everyone. So, no one can raise the point that data can be misused. The sources are:



  • RIRs, or the regional internet registries.

  • WHOIS searches.

  • EDGAR databases, which provide legal data.

  • Stock exchange websites.

  • The company homepage, whose HTML source code may hold sensitive data.

  • News websites, newsgroups and various search engines.


Various techniques can be employed for information gathering, or footprinting.
Queries for domain name servers, networks, organisations, SNMP, point-of-contact queries, registrar or voice queries can be made for data access.
Network enumeration, OS identification, ping sweeps, protocol scanning and WWW spidering are a handful of other techniques, more than enough for the purpose.
Seven steps are followed for gathering the information.
1. Gathering initial information.
2. Determining the network range.
3. Identifying active machines.
4. Discovering open ports and access points.
5. Fingerprinting the operating system.
6. Uncovering services on ports.
7. Network mapping.


Tools that are used for footprinting are:
Sam Spade, nslookup, traceroute, Nmap and NeoTrace.


Sam Spade, found on its home page, www.samspade.org, is a downloadable executable compiled to run on the Windows operating system, though there is also a reduced-functionality web-based version accessible to internet clients.


NeoTrace gets the path information. Its graphical display shows the route between the source, intermediaries and remote sites. It is a widely used GUI program for route tracing, which also displays information about every node. Wireshark is software used for footprinting.
Footprinting can be either passive or active.
1. Active Footprinting
In active footprinting, you interact directly with the computer system to gain information. This information can be relevant and accurate, but there is a risk of being detected if you are doing it without permission.
System admins have the right to take severe action against hackers found doing so. An example is social engineering to gain access to sensitive data.
2. Passive Footprinting
In passive information gathering, the company is not contacted directly and will therefore not be able to detect that anyone is gathering information about it, even if it has Intrusion Detection Software (IDS) installed.
The information comes from third parties who publish it, such as databases holding current or archived company information.
And, since these sources are publicly accessible, it is not illegal or unethical to query them. The company's homepage is also a valuable resource and can potentially reveal sensitive information without notifying the target company.
Browsing the target's website, visiting social media profiles of employees, searching for the website on WHOIS and reviewing a company's website are examples of passive footprinting.


Advantages of footprinting



  • Hackers can easily gather and extract information on the security of targets, the nodes of the system network, routes and data flow, and exploit it.

  • Once a vulnerability is identified, the focus moves to a particular part of the target rather than the whole of it.

  • Hackers can identify the optimal attacks, which may yield maximum information.


Countermeasures



  • Confidential data shouldn't be posted on social media.

  • Unwanted friend requests shouldn't be accepted on social media platforms.

  • Promote education about hacking and its tricks.


  • Use footprinting techniques to identify and remove sensitive information from social media platforms.

  • Configure web servers properly to avoid leaking information about system configuration.
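
The web server and homepage countermeasures above can be checked mechanically on your own site. The Python code below is an added example, not part of the original article: it audits one HTTP response for version-revealing headers, HTML comments, generator tags and e-mail addresses. The function names and the sample response are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Headers that commonly reveal server software or framework details.
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "x-generator")
VERSION_RE = re.compile(r"\d+(?:\.\d+)+")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")

class _LeakParser(HTMLParser):
    """Collects HTML comments and <meta name="generator"> values."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_comment(self, data):
        text = data.strip()
        if text:
            self.findings.append(("html-comment", text))

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.findings.append(("meta-generator", a.get("content") or ""))

def audit_response(headers, body):
    """Return a list of (kind, detail) findings for one HTTP response."""
    findings = []
    for name, value in headers.items():
        if name.lower() in DISCLOSING_HEADERS:
            # A bare product name is low risk; a version number aids fingerprinting.
            kind = "header-version" if VERSION_RE.search(value) else "header-product"
            findings.append((kind, f"{name}: {value}"))
    parser = _LeakParser()
    parser.feed(body)
    findings.extend(parser.findings)
    findings.extend(("email", m) for m in sorted(set(EMAIL_RE.findall(body))))
    return findings

# Constructed sample response (not captured from a real site).
SAMPLE_HEADERS = {"Server": "Apache/2.4.41 (Ubuntu)", "X-Powered-By": "PHP/7.4.3",
                  "Content-Type": "text/html"}
SAMPLE_BODY = """<html><head><meta name="generator" content="ExampleCMS 3.2">
</head><body><!-- TODO: remove staging DB host db01.internal.example -->
<p>Contact: admin@example.com</p></body></html>"""

if __name__ == "__main__":
    for kind, detail in audit_response(SAMPLE_HEADERS, SAMPLE_BODY):
        print(f"{kind:15} {detail}")
```

Each finding is something to remove or generalise in the server configuration or page templates before the page is published.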

Editor: Aastha Gupta Added on: 2020-05-22 15:07:42 Total View:333






