What is NTP Enumeration?

What Is NTP Enumeration?

What is NTP Enumeration? – Network Time Protocol (NTP) is designed to synchronize clocks of networked computers. It uses UDP port 123 as its primary means of communication, NTP can maintain time to within 10 milliseconds(1/100 seconds) over the public Internet. It can achieve accuracies of 200 microseconds or better in local area networks under ideal conditions. Arracker queries NTP server to gather valuable information such as: List of host connected to NTP server Clients IP addresses in a network, their system names and OSs Internal IPs can also be…

Read More

What is LDAP Enumeration?

What is LDAP Enumeration?

What is LDAP Enumeration? – Lightweight Directory Access Protocol (LDAP) is an Internet Protocol for accessing distributed directory services. Directory services may provide any organized set of records, often in a hierarchical and logical structure, such as a corporate email directory. A client strats a LDAP session by connecting to a Directory System Agent (DSA) on TCP port 389 and then sends an Operation request to the DSA. Information is transmitted between the client and the server using Basic Encoding Rules (BER). Attackers queries LDAP service to gather information such…

Read More

Top Five Footprinting Tool?

What is Footprinting?

Top Five Footprinting Tool? – Attackers are aided in footprinting with the help of various tools. Many organizations offer tools that make information gathering an easy task. This section describes tools intended for obtaining information from various sources. Footprinting tools are used to collect basic information about the target systems in order to exploit them. Information collected by the footprinting tools contain target’s IP location information, routing information, business information, address, phone number and social security number, details about a source of an email and a file, DNS information, domain…

Read More

What is Traceroot?

What is Traceroot?

What is Traceroot? – Traceroute programs works on the concept of ICMP protocol and used the TTL field in the Header of ICMP packets to discover the routers on the path to a target host. What is Traceroot? Finding the route of the target host on the network is neccessary to test against to test against man-in-the-middle attacks and other related attacks. Most operating systems come with a Traceroute utility to perform the task. It traces the path or route through which the target host packets travel in the network.…

Read More

What Is DNS Foorprinting?

What is Footprinting?

What Is DNS Foorprinting? – Attackers can gather DNS information to determine key hosts in the network and can perform social engineering attacks. What Is DNS Foorprinting? Extracting DNS Information DNS footprinting, namely Domain Name System footprinting, reveals information about DNS zone data. DNS zone data include DNS domain names, computer names, IP addresses, and much more about a particular network. An attacker uses DNS information to determine key hosts in the network, and then performs social engineering attacks to gather even more information. DNS footprinting helps in determining following…

Read More

What is Who is Lookup?

What is Who is Lookup?

What is Who is Lookup? – Gathering network-related information such as “Whois” information about the target organization is important when planning a hack. in this section, we will discuss whois footprinting. Whois foorprinting focuses on how to perform a Whois lookup, analyzing the Whois lookup results, and the tools used to gather Whois information. What is Who is Lookup? Whois Lookup Whois is a query and response protocol used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP…

Read More

Information Security Laws and Standards

Information Security Laws and Standards

Information Security Laws and Standards – law function as a system of rules and guidelines enforced by a particular country or community to govern behavior. A standard is a document established by consenus and approved by a recognized body that provides, for common and repeated use, rules, guidelines or characteristics for activities or thier results, aimed at the achievement of the optimum degree of order in a given context. This section deals with various laws and standards pertaining to information security in different countries. Information Security Laws and Standards Payment…

Read More

Information Security Threats and Attack Vectors

Information

Information Security Threats and Attack Vectors – There are various categories of information security threats, such as network threats, host threats, and application threats, and various attack vectors, such as viruses, worms, botnets, that might affect an organization’s information security. This section introduces you to the motives, goals, and objectives of information security attacks, top information security attack vectors, information security threat categories, and the types of attacks on a system. Information Security Threats and Attack Vectors Attackers generally have motives (goals), and objectives behind information security attacks. A motive…

Read More

Vulnerability Assessment Tools

Vulnerability Assessment Tool

Vulnerability Assessment Tools – Vendor-designed vulnerability assessment tools can be used to test a host or application for vulnerabilities. There are several vulnerability assessment tools available, including port scanners, vulnerability scanners, and OS vulnerability assessment scanners. The right tools have to be chosen based on the test requirements. These tools are able to test from dozens to thousands of different vulnerabilities, depending on the product. The selected tool should have a sound database of vulnerabilities and attack signatures that are updated frequently. The testing team should choose a tool that…

Read More