passive-attacking-gathering

Passive attack gathering is one of the Pre-attack stage where attacker collects information about his victim.

It is also known as footprinting.This attack is done on big organization having very large network.

It is the method by which we collect information about structure under organizational network. We sort of predict the flow of network by collecting information indirectly.

Following information we dig in PAG (Passive attack Gathering)

1. Domain Name Queries
2. Detect owner information (Addresses and phone Numbers)
3. Locate Network Ranges
4. Detect Open Ports & Active Machines
5. Reveals services on the network
6. Detect Operating systems
7. And Finally creates Network Map

All the above mentioned processes are done by means of enumerating and scanning soft wares as well as by the use of search engines.

Who is :
By performing who is query we can collect information about owner of domain name and his details.

Nslookup:
It is a program that diagnose domain name to find sensitive information about additionally takes IP addresses , MX records which can detect mail servers on the network.
It can operated in both Unix and Windows.

ARIN: It stands for American Registry of Internet Numbers. It allows us to search who is databse freely unknowing of the victim.

we can also find related points of contact (POC) and autonomous system numbers (ASN) through its database.

Trace Route and Neo Trace:

By this we can trace the routes that UDP and TCP packets are following between two addresses which can give us idea about the map of the network.
Neo Trace allows us to see this trace route output graphically (visually), which makes it more easy to map the network.

Visual Lookout:
This software provides high level access to internal network data and reveals ‘who is connected’ and ‘what types are services are being used.’
Also gives out number of active connection and type of connection (Inbound or Outbound)

Email Tracker Pro :

Its a tool that enables to analyse the email sent , its route and gives out its headers information by using a simple graphical interface.

All above mentioned queries are performed indirectly before enumeration and scanning which are not performed directly by attack. Therefore it is known as Passive Attack Gathering.

6 thoughts on “Passive Attack Gathering and the Tools Required

  • September 13, 2009 at 3:31 am
    Permalink

    send me de tools plz >_<

    Reply
  • June 12, 2009 at 1:23 pm
    Permalink

    Hey, I am having IPTV brodcast coming in my modem, can you tell me the way through which I can detect the IP address and port number of broadcast???

    Reply
  • February 11, 2009 at 3:12 pm
    Permalink

    plz send me program or trick for hack the orkut password

    Reply
  • January 30, 2009 at 4:21 am
    Permalink

    Hi thanks for great tutorial but where i can download all this software like NeoTrace Pro with crack

    if you have the link download for all this software plz send to my email vasco_skynet@yahoo.com

    Thanks mate

    Reply
  • December 25, 2008 at 8:37 am
    Permalink

    hii Richard,

    To be very simple, Attacker collects information about its victim passively means without getting victim’s attention.

    Reply
  • December 24, 2008 at 9:54 pm
    Permalink

    so, basically , what does one do with this?? i dnt understand a thing………..english plssss

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.