In this discussion, I will teach you important things about Footprinting, such as how attackers gather target information publicly and privately, how we can avoid becoming victims of footprinting, and some essential prevention strategies. So, let's dive in! And shhh... remember, nothing is 100% safe.
What is Footprinting?
Footprinting:
Footprinting is the process of gathering information about a target system, network or Organization to identify potential security vulnerabilities. It is the first phrase of ethical hacking and involves collecting data publicly/Privately Available Data through Open-Source intelligence (OSINT) Frameworks/Methods
So lets talk about the types of Footprinting
Type Of Footprinting:
1. Passive Footprinting:
Passive footprinting is a way to gather information about a target without directly interacting with it. It's a stealthier method than active footprinting, which involves directly interacting with the target.(e.g. Browsing the target's website, Visiting social media profile, Searching for the website on WHOIS,and Crawling websites and social media platforms.)
2. Active Footprinting:
Active footprinting is a process that involves gathering information about a target by interacting with their system. It can be done manually or with automated programs. (e.g.)
DNS Querying: Extracting DNS records using tools like nslookup, whois.
Port Scanning: Using tools like Nmap to identify open ports and running services on a target system.
Social Engineering: Directly interacting with employees or people associated with the target to extract information.
Types of Information Collected
Types of Information Collected through Footprinting
When hackers do footprinting, they try to gather many different kinds of information about a computer system or network. This information helps them understand how the system works and where its weak spots might be. Here’s a list of the main things hackers often look for.
Information Collected:
- IP Addresses(For Gaining Access)
- Whois Records(Domain Information)
- Types of Programs used(To Avoid Detection)
- Firewall(Network Strenght)
- Personal Information(Family Information)
- Network Numbers(Phone Numbers)
- System Settings(OS Settings)
- Sensitive Information(E-mails & Passwords)
Conclusion:
Try your best to remove as much of your personal and private information as possible, such as your name, phone number, email, and location, from public platforms. Keep your information private and never share it with anyone.
Always keep your system up to date and choose a robust antivirus, such as AVAST, AVG, or KASPERSKY. If possible, strengthen your network security and stay vigilant. Educate others as much as you can, and remember: No one is 100% secure!
Top comments (0)