O'Reilly logo

Build Your Own Security Lab: A Field Guide for Network Testing by Michael Gregg

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 3. Passive Information Gathering

Whereas previous chapters examined what is needed from a hardware and software perspective, this chapter begins to explore how to start to utilize your new equipment. Although you might be eager to start loading advanced tools and learning more about exploits, this chapter focuses on your brain. This approach might not be what you were expecting, but what is important to remember here is that when applying for a security position, you are not only selling your technical skills; you are also selling your ability to think and reason. Before you ever purchase your first firewall upgrade or the deploy an intrusion detection system (IDS), you need to look at the types of nontechnical security leaks that are occurring. That is what this chapter examines. This chapter explores the ways in which information leakage can damage an organization. The chapter guides you through some common areas where attackers and others will look to gather information to potentially exploit the company or business entity.

Information gathering can be defined as the act of collecting data relevant to a specific goal. Although this process can take on many different forms, such as businesses gathering information about their customers and buying habits (metadata), the type of information gathering discussed here deals with methods used to profile and attack a potential target. Remember, after all, most attacks do not occur in a void. The attacker must first know something ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required