© Wojciech Kaczkowski, 123RF.com
What tools do intruders use to
ReconTime
During reconnaissance, intruders gather information from public sources to learn about the target: the nature of the business, the technical infrastructure, architecture, products, and network configuration. The actions required to discover this information might seem harmless and might even be overlooked by security administrators as "network noise," but the information gathered in the reconnaissance phase can be useful for launching a network attack. Social engineering – manipulating people to divulge confidential information or tricking people into doing things beneficial to the user – might become prevalent at this stage. If the reconnaissance is pulled off successfully, the target might not know until it is too late.
In this article, I describe some tools and techniques used in the planning, scoping, and recon portion of a penetration test. If you learn to use these recon tools, you'll get a head start on the intruder by finding these vulnerabilities before they are subject to attack.
Domain Tools
Intruders and penetration testers use a number of tools to obtain DNS information. Many of these tools are very familiar to IT professionals. Tools such as nslookup and dig provide information on domain names, name servers, and network hosts accessible through the Internet. The popular whois service also offers a means for discovering domain information. The Nmap scanner's -sL option (nmap -sL) performs a reverse DNS lookup on every IP address in the scan and queries the DNS server each time an IP address is listed.
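Seen from the DNS server, a list scan like the one just described is a burst of PTR queries for many different addresses from a single client, which is easy to dismiss as noise. The following added example (not part of the original article) flags such bursts in a query log; the log line format, the sample lines, and the `find_ptr_sweeps` name and its thresholds are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed, simplified format): one client asks for the
# PTR record of 30 consecutive addresses; another makes a few ordinary queries.
SAMPLE_LOG = "\n".join(
    [f"2024-01-01T10:00:{i:02d} client 203.0.113.7#4{i:04d}: "
     f"query: {i}.100.51.198.in-addr.arpa IN PTR" for i in range(1, 31)]
    + ["2024-01-01T10:00:05 client 192.0.2.25#5353: query: www.example.com IN A",
       "2024-01-01T10:00:09 client 192.0.2.25#5354: query: 9.100.51.198.in-addr.arpa IN PTR",
       "2024-01-01T10:03:00 client 192.0.2.25#5355: query: 10.100.51.198.in-addr.arpa IN PTR"]
)

# Matches only reverse lookups; the octets appear reversed in the query name.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) client (?P<src>[\d.]+)#\d+: query: "
    r"(?P<o4>\d+)\.(?P<o3>\d+)\.(?P<o2>\d+)\.(?P<o1>\d+)\.in-addr\.arpa IN PTR$"
)

def find_ptr_sweeps(log_text, window=timedelta(seconds=60), threshold=20):
    """Return {client_ip: distinct_address_count} for clients that requested
    PTR records for at least `threshold` distinct addresses within `window`."""
    events = defaultdict(list)  # client -> [(timestamp, queried address)]
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # forward lookup or unparseable line
        addr = ".".join(m.group(k) for k in ("o1", "o2", "o3", "o4"))
        events[m.group("src")].append((datetime.fromisoformat(m.group("ts")), addr))

    flagged = {}
    for src, items in events.items():
        items.sort()
        start = 0
        for end in range(len(items)):
            # Slide the left edge until the span fits inside the window.
            while items[end][0] - items[start][0] > window:
                start += 1
            distinct = len({a for _, a in items[start:end + 1]})
            if distinct >= threshold:
                flagged[src] = max(flagged.get(src, 0), distinct)
    return flagged

if __name__ == "__main__":
    for src, count in find_ptr_sweeps(SAMPLE_LOG).items():
        print(f"{src}: PTR lookups for {count} distinct addresses within 60s")
```

On an authoritative server for the reverse zone, the client address in the log is normally the recursive resolver the scanner used, not the scanner itself.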
In addition to these standard DNS tools, a pair of lesser-known utilities also inhabit the toolboxes of many experienced pen testers. Dnsrecon [1], written by Carlos Perez, provides different methods for enumerating targets, such as querying for

