LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 06-26-2004, 03:33 PM   #1
xathras
LQ Newbie
 
Registered: Jun 2004
Posts: 25

Rep: Reputation: 15
Information Gathering


DISCLAIMER:
Any information that is used in this document is to outline how easy information about your network can be found, this information should not be used to exploit any host without the permission of the administrator and relevant people/organisations.


Introduction:
This document is very brief, it will not go into detail nor will it discuss how to install and configure the relevant tools to gather such information, this is why companies and outstanding individuals on the internet spead their own time, resources and money to produce such materials for you.

Example:
In this document we will use google. Google is one of the most valuable tools on the internet to gather information, also google is well known by all and a 'quick load' site.


Tools that will be used:

samspade www.samspade.org
netcraft www.netcraft.com
google www.google.com


SamSpade

Whois: gathers valuable registration information about the domain, nameservers, registrant name, address, agents and much more.

06/26/04 20:36:44 whois google.co.uk
.uk is a domain of United Kingdom
(international dialing code 44)
Searches for .uk can be run at http://www.britain.eu.net/naming-co/whois-form.html

whois -h whois.nic.uk google.co.uk ...

Domain Name:
google.co.uk

Registrant:
Google Inc

Registrant's Address:
2400 Bayshore Parkway
Mountain View
94043
CA

Registrant's Agent:
Alldomains.com, Inc. t/a Alldomains.com/NetCorps [Tag = ALLDOMAINS]
URL: http://www.alldomains.com

Relevant Dates:
Registered on: 14-Feb-1999
Renewal Date: 14-Feb-2005
Last updated: 18-Oct-2002

Registration Status:
Registered until renewal date.

Name servers listed in order:
ns.google.com 216.239.32.10
ns2.google.com 216.239.34.10

WHOIS database last updated at 20:35:00 26-Jun-2004

--
(c) Nominet UK 1996 - 2004

For further information and terms of use please see http://www.nic.uk/whois
Nominet reserves the right to withhold access to this service at any time.


Ping
Ping allows use to send a number of packets to the address and see its alive, the ping event will also display how long a round trip event took

06/26/04 20:38:38 ping google.co.uk
Ping google.co.uk (216.239.57.104) ...
1 Addr:216.239.57.104, RTT: 149ms, TTL: 236
2 Addr:216.239.57.104, RTT: 148ms, TTL: 236
3 Addr:216.239.57.104, RTT: 148ms, TTL: 236
4 Addr:216.239.57.104, RTT: 148ms, TTL: 236
5 Addr:216.239.57.104, RTT: 148ms, TTL: 236
6 Addr:216.239.57.104, RTT: 148ms, TTL: 236
7 Addr:216.239.57.104, RTT: 148ms, TTL: 236
8 Addr:216.239.57.104, RTT: 148ms, TTL: 236
9 Addr:216.239.57.104, RTT: 148ms, TTL: 236
10 Addr:216.239.57.104, RTT: 148ms, TTL: 236

DNS
The DNS tool in samspade allows use to gather details on the DNS servers for the network

06/26/04 20:40:08 dns google.co.uk
Canonical name: google.co.uk
Addresses:
216.239.57.104
216.239.59.104
216.239.39.104

IP Block
The IP Block tool allows user to discover the IP block thats owned by google. A scanner could be used for that block to check for open ports, operating system information, service information etc.

Trace Tool
The traceroute tool will allow you to trace the location of the machine by going through all hops.

For the purpose of this document I have not included the output as this will disclose my ip information

NETCRAFT
Netcraft.com is a tool that can tell us what operating system and http server is running for a domain. It will also tell us the last time a change was made, IP addresses and the netblock owner

More information can be found on by going to:

http://uptime.netcraft.com/up/graph?...w.google.co.uk


GOOGLE:

By using google you can search for specific information about a company, you could even search the companies site for more information using the following:

site:www.google.co.uk password

This will search google.co.uk for all pages with password on, a index of these will be displayed once found.

Click here for more information:

http://www.google.co.uk/search?hl=en...password&meta=
 
Old 06-27-2004, 11:50 PM   #2
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Boise, ID
Distribution: Mint
Posts: 6,642

Rep: Reputation: 85
Sorry, maybe I'm missing something, but I don't understand this post. Are you asking a question, or merely posting the results of whois entry? -- J.W.
 
Old 06-28-2004, 06:16 AM   #3
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
How do you feel about reposting this in the LinuxQuestions Wiki?
http://wiki.linuxquestions.org/

This would allow it to be refined over time and become a useful resource..
There is more room to discuss different aspects of "Information Leakage" there than in the basic forum..
 
Old 06-28-2004, 07:43 AM   #4
xathras
LQ Newbie
 
Registered: Jun 2004
Posts: 25

Original Poster
Rep: Reputation: 15
how would i do this.

In reply to the post about the user who couldnt determine what it was for, it was just general information for someones use on host profiling.

Its only basic
 
Old 06-28-2004, 01:23 PM   #5
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 67
You can find more information about the LQ Wiki and see a Getting Started guide on the help page:
http://wiki.linuxquestions.org/wiki/....org_Wiki:Help
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Gathering post breach information on linux xxx_anuj_xxx Linux - Security 3 11-12-2005 10:08 AM
Gathering computer system (linux )information in C minil Programming 2 03-09-2005 05:47 AM
Database Gathering Adler Linux - General 0 10-28-2004 08:48 PM
Magic The Gathering and IE tcaptain LinuxQuestions.org Member Success Stories 7 04-06-2004 03:50 PM
Linux gathering Ztyx Linux - General 1 06-29-2002 03:00 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration