Reconnaissance : It is a process of information gathering .And to be a successful at reconnaissance you should have a strategy .
Now Most of you might be wondering WTH do i mean by strategy in defacing or exploting a website.. Lets check the case scenario below:-
There are two hackers one is n00b and another one is skilled hacker . Once the n00b finds a vulnerabilty on a www.some-----------ie.com and he knows how to deface a website . Without thinking anything he will go forward and deface that site and leave fingerprints on the log . While the other, a skilled hacker ,
♣He first start gathering all the information ,
♣He also use webhttrack software to copy whole website and then,
♣He analyse that government website offline which help him to stop leaving fingerprint on the log .
♣He scans for all the open ports ,as he find the vulnerebilties he dosen't start exploiting ,
♣He first wait & hide himself by using tor proxy .
♣Now finally he defaces that website .
So conclusion comes out from this case scenario is : The skilled hacker has more chance to survive and there be a less chance to being caught by the forensic department .So always make a strategy first . Before exploiting any target .
Let move further in Reconnaissance .
Reconnaissance is of two type -
○Active
○Passive
Active Reconnaissance : When accessing the target directly . It may be noted that during this process , the target server may record our ip ,mac and all our activity online .
Passive Reconnaissance : When we talk about the passive reconnaissance , we are actually accessing the target indirectly . This strategy works as such the target has no way to recording or logging our activity .
To gather information by HTTrack on Backtrack which we will take on next post .
Now Most of you might be wondering WTH do i mean by strategy in defacing or exploting a website.. Lets check the case scenario below:-
There are two hackers one is n00b and another one is skilled hacker . Once the n00b finds a vulnerabilty on a www.some-----------ie.com and he knows how to deface a website . Without thinking anything he will go forward and deface that site and leave fingerprints on the log . While the other, a skilled hacker ,
♣He first start gathering all the information ,
♣He also use webhttrack software to copy whole website and then,
♣He analyse that government website offline which help him to stop leaving fingerprint on the log .
♣He scans for all the open ports ,as he find the vulnerebilties he dosen't start exploiting ,
♣He first wait & hide himself by using tor proxy .
♣Now finally he defaces that website .
So conclusion comes out from this case scenario is : The skilled hacker has more chance to survive and there be a less chance to being caught by the forensic department .So always make a strategy first . Before exploiting any target .
Let move further in Reconnaissance .
Reconnaissance is of two type -
○Active
○Passive
Active Reconnaissance : When accessing the target directly . It may be noted that during this process , the target server may record our ip ,mac and all our activity online .
Passive Reconnaissance : When we talk about the passive reconnaissance , we are actually accessing the target indirectly . This strategy works as such the target has no way to recording or logging our activity .
To gather information by HTTrack on Backtrack which we will take on next post .
Note:
The hacking related stuff is for education purposes only! The tutorials and Demos are provided for those who are curious to learn Hacking or make their own systems more secure. When we talk here about "Hacking" shall be regarded as Ethical hacking.We are not responsible for any Exploits :)
No comments:
Post a Comment