- "Do I Know This Already?" Quiz
- Foundation Topics: Overview of the Seven-Step Information-Gathering Process
- Information Gathering
- Determining the Network Range
- Identifying Active Machines
- Finding Open Ports and Access Points
- OS Fingerprinting
- Fingerprinting Services
- Mapping the Network Attack Surface
- Summary
- Exam Preparation Tasks
- Review All Key Topics
- Define Key Terms
- Exercises
- Review Questions
- Suggested Reading and Resources
This chapter is from the book
This chapter is from the book
This chapter is from the book
Summary
In this chapter, you learned the seven steps that compose the pre-attack phase: information gathering, determining the network range, identifying active machines, finding open ports and access points, OS fingerprinting, fingerprinting services, and mapping the network attack surface.
This chapter is an important step for the ethical hacker because at this point you are gathering information to launch an attack and determine the best path forward. The more information that is gathered here, the better the chance of success. You might find enough information at this point to be able to launch an attack. If not, the information gathered will serve as a foundation for subsequent steps of the attack. An important part of ethical hacking is documentation. That’s why several ways to collect and document your findings are shown. There is no such thing as too much information. You may want to use a proxy or anonymizer to obscure the probes. These notes will prove useful when you prepare your report. Finally, make sure that the organization has given you written permission before beginning any work, even the reconnaissance.
