Following in the hackers' footsteps Print E-mail
‘Footprinting’ an organisation involves a range of information-gathering techniques – from identifying active machines to rifling through rubbish. The practice can ensure a hack is quick, effective and virtually untraceable.

The technique allows for the accumulation of data regarding a specific network environment and can revel system vulnerabilities and improve the ease with which they can be exploited. The increase in footprinting is coupled with a boom in areas to exploit with the growth in Google searches, forums and software as a service.

Hackers can spend up to 90 per cent of an attack researching the network vulnerabilities, according to security experts at Firebrand Training (known as The Training Camp). In response to the increasing number of network vulnerabilities, Firebrand Training has launched a White Paper, ‘Footprinting’ – following in the hackers’ footsteps.

Produced by Firebrand Training’s CSO, Richard Millett, the paper explores key strategies in passive and active reconnaissance of network vulnerabilities – as well as more technical methods, such as port scanning, ping sweeps and traceroute. It is critical that organisations start to understand the technique before they are caught out.

Once the footprinting process is complete it should be possible to produce a network map of a target containing the following information:
· Host names
· IP addresses
· Open port numbers
· Operating systems
· The function of particular hosts

“For years, organisations have been trying to think like hackers to beat them at their own game,” said Richard Millett, CSO, Firebrand Training. “Footprinting a network can take months of careful observation and planning, while a strike can take just seconds,” he added. “Organisations need to make sure networks reveal as little information as possible to potential attackers. Essentially, even small lapses could prove fatal to the network’s security.”