Searching for the Digital Needle in Relational Hackstack

In the entire world of network security, I think the thing I like the best is footprinting. In the basic pen testing methodology, footprinting is the first step to discovering your target. Way back when, this process was only lightly touched on and folks rushed into enumeration like kids running out of school for the start of summer vacation. A former colleague of mine used to say, "Information is the only commodity worth having." (Shout out to Dodson Dietrich!) That should be the mantra of every security professional out there today, because in its most basic form, that is the relationship between hackers and security professionals.

Relational databases and the Internet have really changed the emphasis on the pen testing methodology. Information is really a funny thing. You can steal it without ever removing it, and you can sell it without ever physically touching it. Many times, footprinting is the actual hack. Unfortunately, folks look at network security as stopping hackers, when really, network security has split and subdivided so many times that network security is a broad term for a large interest group. Kinda like the term "Sports" describes hundreds of athletic activities and a Huey Lewis album. 1983 represent yo!

Let me share a few of the tools I use to help customers identify their possible exposure. Of course most of us know about Johnny Long's great GoogleDork database and papers/books on using Google as a World Wide Grep: http://johnny.ihackstuff.com/ghdb.php (Johnny has gone offline for some reason: http://johnny.ihackstuff.com/HFC/Home.html. But the Googlehacking Database is still operational. I wish him well.)

But Google, while good, still only indexes the part of the web that can be crawled with spiders. To search the "Deep Web" we need a different type of search engine. The Deep Web is basically the web that is not discovered by algorithmic methods. This can be for many reasons.
Some are:

- Robot exclusion files
- HTML coding
- Dynamic content
- Unlinked pages

Some folks state that this content is 500x larger than the surface web, but that number seems kinda high to me. Either way, there is a real gold mine of data out there just waiting to be accessed. This is often referred to as Federated Searching. The federated search engines I seem to use the most are http://www.pipl.com, http://www.science.gov and http://www.nlsearch.com. (Google does offer a federated search engine called Google Scholar.) Other Deep Web searchers include ICQ, Hoovers and Lexis/Nexis, but some of these are fee based. Even StumbleUpon is a type of federated searching, but since human interaction is involved, it is really more of a web harvester and truthfully, a heck of a lot of fun! I also check out the Chinese Google called Baidu, http://www.baidu.com/, since they also search a little differently than others. I have previously blogged about a fantastic data correlator like Maltego that assembles data connections from multiple resources.

Check out the Deep Web for your next footprinting method. You will be surprised at the info you can find off Google.

Jimmy Ray Purser

Trivia File Transfer Protocol

Does this armor make my tail look too big? Maybe, in the Middle Ages, a full suit of combat armor could weigh in at a whoppin' 80 lbs!
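As an added illustration of the list of reasons above (this is not code from the original post), the sketch below walks a small constructed site the way a polite spider would and labels every page it never indexes with the reason. It covers three of the four reasons (robot exclusion, dynamic content, unlinked pages); the site map, the robots.txt text and the rule that a query string marks dynamic content are all assumptions made for the example.

```python
from collections import deque
from urllib.robotparser import RobotFileParser

# Constructed sample site (not real data): path -> paths its HTML links to.
SITE = {
    "/": ["/about", "/staff/"],
    "/about": ["/"],
    "/staff/": ["/staff/directory"],
    "/staff/directory": [],
    "/lookup?name=smith": [],      # produced only by submitting a search form
    "/old/export-2009.html": [],   # still on the server, nothing links to it
}
ROBOTS_TXT = "User-agent: *\nDisallow: /staff/\n"


def classify(site, robots_txt, start="/"):
    """Return {path: reason}: 'surface', or why a link-following spider misses it."""
    robots = RobotFileParser()
    robots.parse(robots_txt.splitlines())
    result, queue = {}, deque([start])
    # Pass 1: breadth-first crawl from the start page, obeying robots.txt.
    while queue:
        path = queue.popleft()
        if path in result:
            continue
        if not robots.can_fetch("*", path):
            result[path] = "robot exclusion"  # spider stops, links inside are unseen
            continue
        result[path] = "surface"
        queue.extend(site.get(path, []))
    # Pass 2: everything the crawl never reached is off the surface web.
    for path in site:
        if path in result:
            continue
        if not robots.can_fetch("*", path):
            result[path] = "robot exclusion"
        elif "?" in path:  # assumption: a query string means dynamic content
            result[path] = "dynamic content"
        else:
            result[path] = "unlinked page"
    return result


if __name__ == "__main__":
    for path, reason in classify(SITE, ROBOTS_TXT).items():
        print(f"{reason:16} {path}")
```

Run against an inventory of your own site, the non-surface rows are the pages a search-engine check alone would not show you.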

Copyright © 2009 IDG Communications, Inc.
