The very first stage of hacking is PAG, i.e. Passive Attack Gathering. In plain English, we collect all the information about our victim network or system for planning the attack. Remember, the following things are explained for a penetration testing scenario and not for actual hacking. So don't misuse this information; I will not be responsible for anything you do with it.

What type of information do we need in the pre-attack stage?

If you are planning to intrude into some network, you'll need the following information.

What is the primary domain name of the organization whose network you are testing? This is basically needed when performing a black box test and not a white box one. An ethical hacker is hired to test the network's vulnerabilities from outside, and he has no idea of the subject network.

We need these things before the attack:

Primary domain names and their IP addresses

Their name servers (e.g. ns1.victim.com, ns2.victim.com and so on)

Owners of the domain names, their addresses and phone numbers

Then we need to know the basic mail server details (we need a traceroute for that)

Operating systems & arrangement

Basic information about firewalls.

So, we perform some queries against the global database of domain names, such as a 'whois' query, to accomplish our information gathering attack. It is called passive because we do not directly intrude into the network and can still access all this data by indirect means. So this step is called passive attack gathering.
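As an added example (not from the original post), the sketch below takes the defender's side of the whois lookup described above: it parses a WHOIS response for your own domain and lists the contact fields and name servers it discloses. The sample record, the field names and the list of redaction markers are constructed assumptions; real registrar output varies.

```python
import re

# Constructed sample WHOIS response for a placeholder domain (not real data).
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE.COM
Registrant Name: Jane Admin
Registrant Organization: Example Corp
Registrant Street: REDACTED FOR PRIVACY
Registrant Phone: +1.5555550100
Registrant Email: jane.admin@example.com
Admin Email: Please query the RDDS service of the Registrar
Name Server: NS1.EXAMPLE.COM
Name Server: NS2.EXAMPLE.COM
>>> Last update of whois database: 2024-01-01T00:00:00Z <<<
"""

CONTACT_ROLES = ("registrant", "admin", "tech", "billing")
PERSONAL_FIELDS = ("name", "street", "phone", "fax", "email")
# Assumed, non-exhaustive markers registrars use when contact privacy is on.
REDACTED = re.compile(r"redacted|privacy|proxy|not disclosed|query the rdds", re.I)

def parse_whois(text):
    """Parse 'Key: value' lines into a dict of lowercase key -> list of values."""
    record = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep or line.startswith((">>>", "%", "#")):
            continue  # skip footers, comments and lines without a key
        key, value = key.strip().lower(), value.strip()
        if value:
            record.setdefault(key, []).append(value)
    return record

def exposed_contacts(record):
    """Return sorted (field, value) pairs that disclose personal contact data."""
    found = []
    for key, values in record.items():
        role, _, field = key.partition(" ")
        if role in CONTACT_ROLES and field in PERSONAL_FIELDS:
            found += [(key, v) for v in values if not REDACTED.search(v)]
    return sorted(found)

def name_servers(record):
    return sorted(ns.lower() for ns in record.get("name server", []))

if __name__ == "__main__":
    rec = parse_whois(SAMPLE_WHOIS)
    print("exposed contact fields:", exposed_contacts(rec))
    print("name servers:", ", ".join(name_servers(rec)))
```

Any field it reports is visible to anyone running the same lookup, so enabling registrar privacy or switching to role-based contacts removes it from this stage of a test.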

Tools to be used for Passive Attack Gathering:

Nslookup: for details of IPs and mail servers

Who.is: a website that gives you all the data about the domain owner

Visual lookout: shows connection details

Traceroute: shows you the results of a route trace query

Neo Trace or Visualtrace: shows you a graphical interface for route tracing

Email Tracker Pro: a website you can try for gaining IP addresses from emails
