Lab 8: Perform Network Footprinting

 

Lab 8: Perform Network Footprinting


Module 02: Footprinting and Reconnaissance

Lab 8: Perform Network Footprinting


Task 1: Locate the Network Range


Here, we will locate the network range using the ARIN Whois database search tool.


go to https://www.arin.net/about/welcome/region

enter the IP address of the target organization

You will get the information about the network range along with the other information such as network type, registration information, etc.


---------------------------------------------------------------------------------------------------------------------------------------


Module 02: Footprinting and Reconnaissance

Lab 8: Perform Network Footprinting


Task 2: Perform Network Tracerouting in Windows and Linux Machines


cmd

tracert www.certifiedhacker.com

enter

to view the hops that the packets made before reaching the destination.

tracert /? 

press Enter to show the different options for the command, as shown in the screenshot.

Type tracert -h 5 www.certifiedhacker.com and press Enter

to perform the trace, but with only 5 maximum hops allowed.



in parrot you can 

 type traceroute www.certifiedhacker.com and press Enter to view the hops that the packets made before reaching the destination.


Since we have set up a simple network, you can find the direct hop from the source to the target destination.

 However, screenshots may vary depending on the target destination.


Lab Scenario

With the IP address, hostname, and domain obtained in the previous information gathering steps, as a professional ethical hacker, your next task is to perform network footprinting to gather the network-related information of a target organization such as network range, traceroute, TTL values, etc. This information will help you to create a map of the target network and perform a man-in-the-middle attack.

Lab Objectives

  • Locate the network range
  • Perform network tracerouting in Windows and Linux Machines

Overview of Network Footprinting

Network footprinting is a process of accumulating data regarding a specific network environment. It enables ethical hackers to draw a network diagram and analyze the target network in more detail to perform advanced attacks.

Task 1: Locate the Network Range

Network range information assists in creating a map of the target network. Using the network range, you can gather information about how the network is structured and which machines in the networks are alive. Further, it also helps to identify the network topology and access the control device and operating system used in the target network.

Here, we will locate the network range using the ARIN Whois database search tool.

  1. Click Windows 10 to switch to the Windows 10 machine.

  2. Open any web browser (here, Mozilla Firefox). In the address bar of the browser place your mouse cursor and click https://www.arin.net/about/welcome/region and press Enter.

    If More secure, encrypted DNS lookups notification appears at the top section of browser, click Disable.

  3. ARIN website appears, in the search bar, enter the IP address of the target organization (here, the target organization is certifiedhacker.com, whose IP is 162.241.216.11), and then click the Search button.

    Screenshot

  4. You will get the information about the network range along with the other information such as network type, registration information, etc.

    Screenshot

  5. This concludes the demonstration of locating network range using the ARIN Whois database search tool.

  6. Close all open windows and document all the acquired information.

Task 2: Perform Network Tracerouting in Windows and Linux Machines

The route is the path that the network packet traverses between the source and destination. Network tracerouting is a process of identifying the path and hosts lying between the source and destination. Network tracerouting provides critical information such as the IP address of the hosts lying between the source and destination, which enables you to map the network topology of the organization. Traceroute can be used to extract information about network topology, trusted routers, firewall locations, etc.

Here, we will perform network tracerouting using both Windows and Linux machines.

  1. Click Windows 10 to switch to the Windows 10 machine, open the Command Prompt window. Type tracert www.certifiedhacker.com and press Enter to view the hops that the packets made before reaching the destination.

    Screenshot

  2. Type tracert /? and press Enter to show the different options for the command, as shown in the screenshot.

    Screenshot

  3. Type tracert -h 5 www.certifiedhacker.com and press Enter to perform the trace, but with only 5 maximum hops allowed.

    Screenshot

  4. After viewing the result, close the command prompt window.

  5. Now, click Parrot Security to switch to the Parrot Security machine.

  6. Click the MATE Terminal icon at the top-left corner of the Desktop window to open a Terminal window.

    2020-08-19_14-39-17.jpg

  7. Parrot Terminal window appears. In the terminal window, type traceroute www.certifiedhacker.com and press Enter to view the hops that the packets made before reaching the destination.

    Since we have set up a simple network, you can find the direct hop from the source to the target destination. However, screenshots may vary depending on the target destination.

    Screenshot

  8. This concludes the demonstration of performing network tracerouting using the Windows and Linux machines.

  9. You can also use other traceroute tools such as VisualRoute (http://www.visualroute.com), Traceroute NG (https://www.solarwinds.com), etc. to extract additional network information of the target organization.

  10. Close all open windows and document all acquired information.

Comments

Post a Comment

Popular posts from this blog

Lab 1: Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools

Image
Lab 1: Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools Lab Scenario As an ethical hacker, you must try to obtain as much information as possible about the target cloud environment using various enumeration tools. This lab will demonstrate various S3 bucket enumeration tools that can help you in extracting the list of publicly available S3 buckets. Lab Objectives Enumerate S3 buckets using lazys3 Enumerate S3 buckets using S3Scanner Overview of Enumeration Tools Enumeration tools are used to collect detailed information about target systems to exploit them. Information collected by S3 enumeration tools consists of a list of misconfigured S3 buckets that are available publicly. Attackers can exploit these buckets to gain unauthorized access to them. Moreover, they can modify, delete, and exfiltrate the bucket content. Task 1: Enumerate S3 Buckets using lazys3 lazys3 is a Ruby script tool that is used to brute-force AWS S3 buckets using different permutations. This...
Read more

Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools

Image
Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools Module 20: Cryptography Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools Task 1: Perform Cryptanalysis using CrypTool CrypTool is a freeware program that enables you to apply and analyze cryptographic mechanisms, and has the typical look and  feel of a modern Windows application. CrypTool includes a multitude of state-of-the-art cryptographic functions and allows you  to both learn and use cryptography within the same environment. CrypTool is a free, open-source e-learning application used in  the implementation and analysis of cryptographic algorithms. Here, we will use the CrypTool tool to perform cryptanalysis. refer to blog  little long --------------------------------------------------------------------------------------------------------------------------------------- Module 20: Cryptography Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools Task 2: Perform Cryptanalysis us...
Read more

Task 2: Perform OS Discovery using Nmap Script Engine (NSE)

Image
  Task 2: Perform OS Discovery using Nmap Script Engine (NSE) Module 03: Scanning Networks Lab 3: Perform OS Discovery Task 2: Perform OS Discovery using Nmap Script Engine (NSE) open zenmap nmap -A [Target IP Address]   = -A: to perform an aggressive scan. nmap -O [Target IP Address]   = -O: performs the OS discovery. nmap --script smb-os-discovery.nse [Target IP Address]   = --script: specifies the customized script and smb-os-discovery.nse: attempts to determine the OS, computer name, domain, workgroup, and current time over the SMB protocol (ports 445 or 139). end Nmap, along with Nmap Script Engine (NSE), can extract considerable valuable information from the target system. In addition to Nmap commands, NSE provides scripts that reveal all sorts of useful information from the target system. Using NSE, you may obtain information such as OS, computer name, domain name, forest name, NetBIOS computer name, NetBIOS domain name, workgroup, system time o...
Read more