Chapter 4 – Information Gathering

Publisher Summary

This chapter provides an overview of the information gathering process, which involves scamming users out of information such as user names and passwords. It introduces several techniques that network crackers use to gather information about networks they are considering infiltrating. One of these techniques is social engineering, which uses a variety of in-person, telephone, and e-mail scams to convince users to divulge system access information. The best defense against social engineering is good user education. Web pages and DNS databases can also provide a wealth of information, including the names of employees, e-mail addresses, titles, and phone numbers, which can form the basis of social engineering attacks. Published information can also reveal the IP addresses of servers, which can then be targeted for further information gathering. The best defense is to limit the information revealed by public sources. Port scanning is another process; it reveals the TCP ports on which a host is listening for Internet traffic. The best defense is to close all ports that are not in use and to place servers behind firewalls that perform proxy serving, shielding the servers' actual IP addresses from the Internet. Network discovery and mapping provide a map of the layout of a network, showing connected devices and their IP addresses. The best defense is to prevent ping packets from entering the network so that no hosts behind the firewall can respond.
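
The summary's port-scanning defense (close all ports that are not in use) can be checked from the host itself. The following is an added example, not code from the chapter: it parses the output of the Linux `ss -H -tln` command and reports TCP ports that are reachable from the network but absent from an allowlist. The sample output, the allowlist, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tln` output (Linux iproute2); not from the chapter.
SAMPLE_SS = """\
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      511          0.0.0.0:80         0.0.0.0:*
LISTEN 0      4096       127.0.0.1:5432       0.0.0.0:*
LISTEN 0      128             [::]:22            [::]:*
LISTEN 0      5                  *:8000             *:*
LISTEN 0      64     192.168.1.10%eth0:2049    0.0.0.0:*
LISTEN 0      100            [::1]:25            [::]:*
"""

def parse_listeners(ss_output):
    """Yield (address, port) for each listening TCP socket line."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # skip headers, blank lines and non-listening states
        addr, _, port = fields[3].rpartition(":")
        # Drop the %interface scope first, then the IPv6 brackets.
        addr = addr.split("%")[0].strip("[]")
        yield addr, int(port)

def is_loopback(addr):
    """True if the socket is bound only to the local host."""
    if addr == "*":  # ss prints * for a dual-stack wildcard bind
        return False
    return ipaddress.ip_address(addr).is_loopback

def audit(ss_output, allowed_ports):
    """Return sorted ports reachable from the network but not on the allowlist."""
    exposed = set()
    for addr, port in parse_listeners(ss_output):
        if not is_loopback(addr) and port not in allowed_ports:
            exposed.add(port)
    return sorted(exposed)

if __name__ == "__main__":
    # Hypothetical policy: this host should only offer SSH and HTTP.
    for port in audit(SAMPLE_SS, allowed_ports={22, 80}):
        print(f"close or firewall TCP port {port}: listening but not in the allowlist")
```

Loopback-only listeners (5432 and 25 in the sample) are not reported because a remote port scan cannot reach them; wildcard and interface-bound listeners are.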