This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: 1 Footprinting Security Engineering Original slides prepared by K. Liszka, Original slides prepared by K. Liszka, The University of Akron The University of Akron for 3460:453/553 for 3460:453/553 Footprinting Footprinting • Def: Gathering information about a potential system or Def: Gathering information about a potential system or network network – a.k.a. fingerprinting a.k.a. fingerprinting • Attacker Attacker ’s point of view s point of view – Identify potential target systems. Identify potential target systems. – Identify which types of attacks may be useful on target systems. Identify which types of attacks may be useful on target systems. • Defender Defender ’s point of view s point of view – Know available tools. Know available tools. – May be able to tell if system is being May be able to tell if system is being footprinted footprinted , be more , be more prepared for possible attack. prepared for possible attack. – Vulnerability analysis: know what information you Vulnerability analysis: know what information you ’re giving away, re giving away, what weaknesses you have. what weaknesses you have. Internet • Domain name • Network blocks • Specific IP addresses of systems reachable via the Internet • TCP and UDP services running on each system identified • System architecture – Ex. Sparc vs. x86 Internet • Access Control Lists (ACLs) and mechanism • Intrusion-detection systems (IDSs) • System enumeration...
View Full Document
- Fall '09
- Computer Security, IP addresses, Domain Name System, Company Web pages