Wednesday, December 10, 2008
Hello again! I'm pretty late with this post, but I have been very busy all this time, so there was no time for blogging... Now I'm back :)

The next thing I'm going to talk about is active information gathering.
So, what is it? How does it differ from passive information gathering?
The difference is that now we are going to make some contact with our target. Let's see what it looks like...

We are going to begin with Ping. I suppose everyone has heard of the ping command at some point.
It is a very useful command for finding active machines on the network. The ping command sends an Internet Control Message Protocol (ICMP) ECHO_REQUEST to obtain an ICMP_ECHO_RESPONSE from a host. I'm not going to say more about this command: it's very simple, has several options and is very easy to use.
So, we use ping to see if our target is up.

The next very useful command is tracert (traceroute in Windows OS).
The tracert command attempts to trace the route an IP packet follows to an Internet host by launching UDP probe packets with a small maximum time-to-live, then listening for an ICMP_TIME_EXCEEDED from gateways along the route.
It's very easy to use and has several options, so enough about it.

The next command I'm going to mention is NSLookup.
The NSLookup command queries the Internet domain name servers in two modes. Interactive mode allows you to query the name servers for information such as hosts and domains, or to print a list of hosts in some domain, while in non-interactive mode the names and requested information are printed for a specified host or domain.
You enter interactive mode when you type just nslookup without any arguments, or when the first argument is - (minus sign) and the second argument is the host name or Internet address of a name server. The nslookup command executes in non-interactive mode when the first argument is the name or Internet address of the host that we are searching for.
It's very useful and simple to use.

The next command is Finger. The finger command is used to gather and locate user information on our target system. Finger provides a list of all the users who are logged in to the system at that time. By default, finger lists the login name, full name, the host and the terminal name, write status, idle time, login time and login location for each user.
It's one more command that is very simple to use and can be pretty useful in information gathering.

OK, this is it for now. In the next post I'm going to continue with active information gathering, and I'll explain some more advanced techniques and tools for that purpose.
It's getting more and more interesting... so, stay tuned...
posted by Jovica at 5:06 PM | 0 comments