trar information. The hacker simply needs to know which registrar the company is listed
with. There are five types of queries listed under this section, which are as follows:
Registrar Queries: Registrar Queries or WHOIS (pronounced as the phrase who is) is a
query and response protocol that is widely used for querying databases that store the
registered users or assignees of an Internet resource, such as a domain name, an IP address
block, or an autonomous system, but is also used for a wider range of other information.
The protocol stores and delivers database content in a human-readable format.
Organizational Queries: This is searching a specific registrar to obtain all instances of the
target's name. The results show the many different domains associated with the company, as it
may use a large number of domains with its dedicated server or system.
Domain Query: A domain query is based on the results found in an organizational query.
Using a domain query, you could find the company's address, domain name, administrator
and his/her phone number, and the system's domain servers, because this information is
included in the registration form when a domain is registered. The administrative contact
could be very useful to a hacker, as it provides a starting point for social engineering.
So this is where social engineering comes into play. Many administrators now post false
phone numbers to protect themselves from this, so that they may not be fooled so easily.
POC Query: This query finds the many IP addresses a machine may have, which are
mostly public and are associated with the machine.
DNS Interrogation:
After gathering the information needed using the above techniques, a hacker would begin
to query the DNS using tools. A common problem with system administrators is allowing
untrusted, or worse, unknown users, to perform a DNS Zone Transfer. Many freeware tools
can be found on the internet and can be used to perform DNS interrogation. Tools such as
nslookup, for PC, and AGnet Tools, for Mac, are examples; many open source applications
are also available on Linux for this purpose. I'll write about them separately in other articles.
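The zone transfer problem described above can be checked from the administrator's side. The following is an added example, not part of the original text: it audits a BIND-style named.conf for zones whose effective `allow-transfer` list admits any host. The zone names, addresses and the function name `audit_transfers` are constructed for illustration, and the parser assumes flat address lists without nested ACL blocks.

```python
import re

# Constructed sample config; zone names and addresses are placeholders.
SAMPLE_CONF = '''
options { directory "/var/named"; allow-transfer { any; }; };
zone "example.com" { type master; file "example.com.zone"; };
zone "corp.example.com" IN {
    type master;
    allow-transfer { 192.0.2.53; };   // secondary only
};
zone "legacy.example.com" { type master; allow-transfer { 192.0.2.53; any; }; };
'''

def _block(text, start):
    """Return the text inside the first balanced {...} at or after start."""
    i = text.index("{", start)
    depth = 0
    for j in range(i, len(text)):
        if text[j] == "{":
            depth += 1
        elif text[j] == "}":
            depth -= 1
            if depth == 0:
                return text[i + 1:j]
    raise ValueError("unbalanced braces")

def _acl(body):
    """Entries of a flat allow-transfer list, or None if the option is absent."""
    m = re.search(r"allow-transfer\s*\{([^}]*)\}", body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]

def audit_transfers(conf):
    """Map zone name -> finding for zones that are open or left unset."""
    conf = re.sub(r"(#|//)[^\n]*", "", conf)          # drop line comments
    opts = re.search(r"\boptions\s*\{", conf)
    global_acl = _acl(_block(conf, opts.start())) if opts else None
    findings = {}
    for z in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        acl = _acl(_block(conf, z.start()))
        effective = acl if acl is not None else global_acl  # zone overrides global
        if effective is None:
            findings[z.group(1)] = "unset: relies on server default, set explicitly"
        elif "any" in effective:
            findings[z.group(1)] = "open: transfer allowed to any host"
    return findings

if __name__ == "__main__":
    for zone, finding in audit_transfers(SAMPLE_CONF).items():
        print(f"{zone}: {finding}")
```

Zones reported as unset are flagged because the behaviour then depends on the server's default, which is better stated explicitly in the configuration.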
Similar common Tricks and Techniques regarding Footprinting:
OS Identification: This involves sending illegal ICMP (Internet Control Message Protocol)
or TCP (Transmission Control Protocol) packets to a machine in order to identify, in simple
words, the operating system used on the server or machine.