Passive Information Gathering
The first stage when targeting a company is to gather as much information as possible without the company knowing. Information
can be gathered from a number of sources and used in subsequent
stages to derive more in-depth information useful for an attack.
There are a number of Internet resources that can provide useful
information about the target company. Examples are:
• Regional Internet Registration databases.
• Domain name databases.
• EDGAR database.
• CNN news website.
What is Passive Information Gathering?
At this stage the information gathering is entirely passive. This means that the company is not contacted or probed directly and will therefore
not be able to detect that anyone is gathering information about them,
even if they have Intrusion Detection Software (IDS) installed. The
information almost invariably comes from third-parties who publish
such information freely on the web.
On the Internet, there are valuable resources that can be used for
passive information gathering. These generally take the form of
databases holding current or archived company information. Because
these databases are publicly accessible, it is not illegal or unethical to
query them. Many such databases provide the facilities and tools to
allow this action. The company's homepage is also a valuable resource
and can potentially reveal sensitive information inadvertently left there
by the author, again without necessarily notifying the target company
that they are being investigated.
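Because the homepage can expose details its author never meant to publish, a site owner can review pages for such leftovers before they go live. The following is an added example, not part of the original post: a small self-audit that flags HTML comments, generator/author meta tags, e-mail addresses and private IP addresses. The sample page is constructed, and the keyword list and the names `LeakAuditor` and `audit` are assumptions chosen for illustration.

```python
import re
from html.parser import HTMLParser

# Constructed sample page (not taken from any real site).
SAMPLE_HTML = """<html><head>
<meta name="generator" content="ExampleCMS 1.2">
<meta name="author" content="J. Doe">
</head><body>
<!-- TODO: remove test login before launch, staging box is 10.0.4.17 -->
<p>Contact <a href="mailto:jdoe@example.com">sales</a></p>
<!-- nav -->
</body></html>"""

# Assumed patterns: RFC 1918 addresses, e-mail addresses, risky comment words.
PRIVATE_IP = re.compile(r"\b(?:10(?:\.\d{1,3}){3}|192\.168(?:\.\d{1,3}){2}|172\.(?:1[6-9]|2\d|3[01])(?:\.\d{1,3}){2})\b")
EMAIL = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
KEYWORDS = re.compile(r"\b(?:todo|fixme|password|passwd|login|staging|internal)\b", re.I)

class LeakAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, location, value) tuples

    def _scan_text(self, where, text):
        for ip in PRIVATE_IP.findall(text):
            self.findings.append(("private-ip", where, ip))
        for addr in EMAIL.findall(text):
            self.findings.append(("email", where, addr))

    def handle_comment(self, data):
        if KEYWORDS.search(data):  # only comments that look like developer notes
            self.findings.append(("comment", "comment", data.strip()))
        self._scan_text("comment", data)

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and (a.get("name") or "").lower() in ("generator", "author"):
            self.findings.append(("meta", a["name"].lower(), a.get("content") or ""))
        for value in a.values():  # attribute values such as mailto: links
            if value:
                self._scan_text(f"<{tag}> attribute", value)

    def handle_data(self, data):
        self._scan_text("text", data)

def audit(html):
    auditor = LeakAuditor()
    auditor.feed(html)
    auditor.close()
    return auditor.findings
```

Calling `audit(SAMPLE_HTML)` returns one finding per leftover, which can be reviewed and cleaned up before the page is published.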