Ethical Hacking and Penetration Testing: Footprinting and Security

Verified

Added on 2022/08/12

AI Summary

This report delves into the realm of ethical hacking and penetration testing, focusing on the crucial initial phase of footprinting. It defines footprinting as the process of gathering information about a network environment to identify vulnerabilities and potential entry points. The report highlights several footprinting tools, including Sam Spade, nslookup, traceroute, Nmap, and neotrace, detailing their functionalities and applications. Furthermore, it emphasizes the importance of securing networks against potential attacks and outlines key security measures such as using WPA2 encryption, restricting DHCP, implementing VPNs, utilizing SSL certificates, and employing IPS/IDS systems. The report underscores the necessity of protecting sensitive information from hackers and securing system vulnerabilities to maintain network integrity.

Running head: ETHICAL HACKING AND PENETRATION TESTING
ETHICAL HACKING AND PENETRATION TESTING
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1ETHICAL HACKING AND PENETRATION TESTING
Discussions
In computers, footprinting is the procedure of accumulation of data regarding a
particular environment of network, usually for the reason of finding ways in order to intrude
into the environment (Hassan & Hijazi, 2018). The footprinting can reveal the vulnerabilities
of the system and upgrade the effortlessness with which they can be subjugated.
The tools those are utilised for footprinting are Sam Spade, nslookup, traceroute,
Nmap and neotrace.
Sam Spade: Sam Spade is a tool that is used in footprinting and it is a windows software tool
that is designed in order to track down sources of the spam of e-mail (Yang et al.,2019). It
was also the name of a free service of web that offers access to the same online tools. Steve
Atkins designed the Sam Spade utility in the year 1997. The features of this software include:
 Transfer of zone
 Decoding URL
 Browse web
 Parse headers of email
 Scanning of addresses
 Relay check of SMTP
Nslookup: nslookup is a command line tool for the administration of the network and it is
available in the operating systems of the computers in order to query the Domain Name
System in order to get the IP address mapping, the domain name, or the other records of DNS
(Mun et al.,2018). Nslookup is a useful command in order to get the information from the
server of DNS. It is a tool of network administration in order to query the Domain Name
System to get the domain name.

2ETHICAL HACKING AND PENETRATION TESTING
Traceroute: A traceroute tool is a tool of network that is used in order to show the route that
is taken by the packets across a network of IP (Sundaresan, 2019). The tool of traceroute will
show the user each hops in a series, and total hops those are needed. For every hop, it will
show the hop#, times of roundtrip, best time, IP address, country and TTL. The purpose of
the traceroute software is to trace the route to the host.
Nmap: the full form of Nmap is Network Mapper is an open source and free tool for the
scanning of vulnerability and discovery of network. The administrators of network utilised
Nmap in order to recognise the devices those are executing on their systems, discovering the
hosts those are available and the services they provide, identifying the ports those are open
and detecting the risks of security (Shah et al.,2019). Nmap can be utilised in order to
monitor the hosts those are single as well the networks those are large that include many
devices and multitudes of subnets.
Neotrace: neotrace is a tool that is used for the network footprinting. Neotrace take steps as a
full blown and whistled GUI for some of the commands of troubleshooting. It shows a
representation that is graphical of the route from the local machine to a location that is remote
(Kao et al., 2018). The software works by sending out the packets of ICMP to the location
that is specified. These packets can travel to a short distance that causes the ICMP packets to
expire early and then return to the neotrace.
The companies need to protect these informations from the hackers so that they cannot
enter the systems through the network and access the sensitive information those are
available on the internet (Xu, Fan & Yang, 2018). In order to do this, the network of the
network must be protected so that they cannot enter the system. The vulnerability of the
system should also be secured. The procedures by which the network can be protected are as
follows:

3ETHICAL HACKING AND PENETRATION TESTING
 Using WPA2: use of an encrypted protocol for the passwords on the router for the
network of the business.
 Restriction of DHCP: DHCP refers to the addresses of IP that the devices those are
present on the network are using. The entire feature must be disabled in order to make it
secure
 Using VPN: A VPN is a network that encrypts the connections of internet and the data
that is transmitted through the network and it has a functionality that disconnects the
hardwares from the network when the connected those protected are lost
 Using certificates SSL: in order to run online transactions of customers, a certificate of
SSL is used that permits a link that is encrypted between the server of web and web
browser
 Using IPS or IDS: a company in order to find and prevent the threats must use IDS and
IPS. IDS are utilised in order to detect any type of attackers; IPS prevents the negative
influence of the attackers those are detected.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4ETHICAL HACKING AND PENETRATION TESTING
References
Hassan, N. A., & Hijazi, R. (2018). Technical Footprinting. In Open Source Intelligence
Methods and Tools (pp. 313-339). Apress, Berkeley, CA.
Kao, D. Y., Wang, Y. S., Tsai, F. C., & Chen, C. H. (2018, February). Forensic analysis of
network packets from penetration test toolkits. In 2018 20th International Conference
on Advanced Communication Technology (ICACT) (pp. 363-368). IEEE.
Mun, H., Choi, K., Kim, J., Cho, I., Na, J., Park, H., ... & Springer, J. (2018, June). A Packet
Visualization Tool for Individuals. In 2018 IEEE International Conference on
Consumer Electronics-Asia (ICCE-Asia) (pp. 206-212). IEEE.
Shah, M., Ahmed, S., Saeed, K., Junaid, M., & Khan, H. (2019, January). Penetration Testing
Active Reconnaissance Phase–Optimized Port Scanning With Nmap Tool. In 2019
2nd International Conference on Computing, Mathematics and Engineering
Technologies (iCoMET) (pp. 1-6). IEEE.
Sundaresan, S. (2019, March). Service Traceroute: Tracing Paths of Application Flows.
In Passive and Active Measurement: 20th International Conference, PAM 2019,
Puerto Varas, Chile, March 27–29, 2019, Proceedings (Vol. 11419, p. 116). Springer.
Xu, A., Fan, K., & Yang, H. (2018). Research on Power Network Security Technology and
Protection. In MATEC Web of Conferences (Vol. 246, p. 03016). EDP Sciences.
Yang, L. A., Chang, Y. J., Chen, S. H., Lin, C. Y., & Ho, J. M. (2019). SQUAT: a
Sequencing Quality Assessment Tool for data quality assessments of genome
assemblies. BMC genomics, 19(9), 238.