What is Footprinting?
Footprinting is part of the reconnaissance phase of ethical hacking, in which you gather information about the system/application. The main goal of footprinting is to gather as much information as possible about the system/application in order to narrow down the areas and techniques of attack. Footprinting is a very important part of ethical hacking.
Imagine you are a famous ethical hacker and you get a job to check a web application for vulnerabilities. You are given the name of the organization whose website you have to test. How would you start testing the website for vulnerabilities? You would start by gathering information about that website.
Why is Footprinting Important?
Footprinting is one of the important phases of ethical hacking. Take a movie plot as an example. Suppose you are watching a bank-robbery movie in which a group of people have planned to rob a bank. In movies like Ocean’s Eleven, The Italian Job, or Fast and Furious, do the characters directly buy guns and masks and enter the bank to rob it? No! If they did this, they wouldn’t be able to rob the bank successfully.
So, what do they do before robbing the bank? They make a good plan for how to enter the bank and how to handle the security, and they make an escape plan. To plan the robbery, they need to learn certain things about the bank: the way it operates, how the security works, and so on. Knowing about the bank plays an important role in making the plan.
In the same way, knowing about the system/application is very important for ethical hacking because it tells you what types of vulnerabilities can be found and which attacks are suitable.
Types of Footprinting
Footprinting can be divided into two types:
- Active Footprinting
- Passive Footprinting
Active Footprinting
- This is the type of footprinting where you gather information about the system/application by interacting with it directly. When you use active footprinting, there is a high chance that some data, such as your IP address, is saved by the system you are trying to gather information about.
Passive Footprinting
- Here you gather information without interacting with the system/application you are trying to learn about. You gather information via search engines or public records. When you use passive footprinting, there is no way that the system would save your IP address.
Footprinting helps to
- Know Security Posture – The data gathered helps us get an outline of the security posture of the company, such as details about the presence of a firewall, security configurations of applications, etc.
- Reduce Attack Area – We can identify a specific range of systems and focus on particular targets only. This greatly decreases the number of systems we are focusing on.
- Identify Vulnerabilities – We can build an information database holding the vulnerabilities, threats, and loopholes available in the systems of the target organization.
- Draw Network Map – It helps to draw a map of the networks in the target organization, covering topology, trusted routers, presence of servers, and other information.
How to Gather Information in Footprinting?
Here I will show you some methods to gather information.
We will try to gather information about the Wikitechy website. Suppose you don’t know anything about the Wikitechy site: how would you start gathering information? The first step is to use a search engine.
Footprinting using Search Engine
Open a browser and search for “Wikitechy”
You will find the URL of Wikitechy i.e., www.wikitechy.com. This is the first piece of information you have found.
Using the URL of the website, you can find the IP address of the website by pinging it.
Ping to find the IP address
To find the IP address of the Wikitechy website, open the terminal and run the following command:
ping www.wikitechy.com
You can see that we found the IP address of Wikitechy. The IP address is 260:4700:8d7f:92bd:15de:fe:2d9a:2448.
The IP address is just a small piece of information about the website. To get more information, we will use Whois Lookup.
Whois Lookup
Whois Lookup is a tool used to find out information such as DNS, domain names, name servers, IP addresses, etc. To find some more information about the Wikitechy website, open a browser and go to http://whois.domaintools.com/
Enter the website name (or IP address) and click “Search”.
This search will display several pieces of information about the website.
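As an added example (not part of the original article), the Python sketch below parses the kind of "Key: value" text a Whois lookup returns and summarizes what the record discloses, which is also how a site owner can review their own public record. The sample record is constructed: it uses the reserved domain example.com with placeholder values, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the common "Key: value" WHOIS layout; every value is a placeholder.
SAMPLE_WHOIS = """\
% Constructed sample record, not real lookup output
Domain Name: EXAMPLE.COM
Registrar: Example Registrar, Inc.
Creation Date: 2001-01-01T00:00:00Z
Name Server: NS1.EXAMPLE.NET
Name Server: ns2.example.net
Registrant Organization: REDACTED FOR PRIVACY
Registrant Email: admin@example.com
>>> Last update of whois database: 2024-01-01T00:00:00Z <<<
"""

REDACTED = re.compile(r"redacted|privacy|not disclosed", re.I)
CONTACT_PREFIXES = ("registrant", "admin", "tech")


def parse_whois(text):
    """Return {lowercased field name: [values]}; repeated fields keep every value."""
    fields = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        # Skip blank lines, comment lines and the trailing ">>> ... <<<" footer.
        if not line or line[0] in "%#>":
            continue
        # Split on the first colon only, so timestamps in the value stay intact.
        key, sep, value = line.partition(":")
        value = value.strip()
        if sep and value:
            fields[key.strip().lower()].append(value)
    return dict(fields)


def summarize(fields):
    """Pick out the identifying fields and any contact data that is not redacted."""
    exposed = {
        key: values
        for key, values in fields.items()
        if key.startswith(CONTACT_PREFIXES)
        and not any(REDACTED.search(v) for v in values)
    }
    return {
        "domain": fields.get("domain name", [""])[0].lower(),
        "registrar": fields.get("registrar", [""])[0],
        "name_servers": sorted({ns.lower() for ns in fields.get("name server", [])}),
        "exposed_contacts": exposed,
    }


if __name__ == "__main__":
    for name, value in summarize(parse_whois(SAMPLE_WHOIS)).items():
        print(f"{name}: {value}")
```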