Securities Lab 3 Essay

543 Words3 Pages
Lab #3 – Assessment Worksheet Data Gathering and Footprinting on a Targeted Web Site Student Name: Overview The first phase of hacking is the footprinting phase, which is designed to passively gain information about a target. In this lab, you performed technical research against three Web domains using Internet search tools. You collected public domain information about an organization using the Google search engine to uncover information available on the Internet. Finally, you recorded the information you uncovered in a research paper, describing how this information can make an organization vulnerable to hackers. Lab Assessment Questions & Answers 1 What information can you obtain by using the WHOIS tool contained within Sam Spade? MANY THINGS, INCLUDING THE COMPANY NAME (UNLESS IT IS ASSIGNED TO THE AGENT), DOMAIN NAME, NAMESERVER, OWNERSHIP, AND CONTACT INFORMATION 2 Besides the WHOIS utility covered in this lab, what other functions did you discover are possible with the Sam Spade utility? PING, NSLOOKUP AND TRACERT 3 What is the purpose of the tracert command? What useful information does the trace route tool provide? How can this information be used to attack the targeted website? IT DISPLAYS THE ROUTERS ON A PATH THROUGH THE INTERNET TO GET TO A SPECIFIC DESTINATION – IT DISPLAYS THE IP ADDRESS FOR A NIC AND THE PORTS THAT ARE ACTIVE – KNOWING THE OPEN PORTS GIVES AN ADVANTAGE TO AN ATTACKER 4 Is Sam Spade an intrusive tool? What is your perspective on the use of a freeware utility such as Sam Spade? IT IS NOT AN INTRUSIVE TOOL – IT IS A SECURITY TOOL THAT IS FREE SO IT SEEMS TO BE A GOOD THING 5 By its nature, WHOIS information must be publicly available. What do you think companies and organizations should do with regard to this information? THEY SHOULD NOT PUT ALL OF THEIR IMPORTANT CONTACT INFORMATION IN THE
Open Document