Orange County Computer Consultant

My photo
Orange County Computer Consultant helps small businesses with networking, installations and small business software.

Wednesday, May 11, 2011

Internet Host and Network Enumeration

An attackers can gain use full information about a target organization by querying:

Domain and IP Registers.
Whois databases.
Web and Newsgroup search engines.

With this information a attacker can create a map of your network and look for vulnerabilities. Telephone numbers can be used to scan blocks of phone numbers looking for modems.

Netcraft can be used to identify and fingerprint web servers. Technical contacts, phone numbers and emails can be found using the whois command.

Webserver crawling can be used to mirror the organizations webserver. Some tools include GNU Wget and Black Widow.