Now let’s circle back around to the first step in the process of ethical hacking: footprinting. Footprinting, or reconnaissance, is a method of observing and collecting information about a potential target with the intention of finding a way to attack the target. Foot-printing looks for information and later analyzes it, looking for weaknesses or potential vulnerabilities.
Footprinting generally entails the following steps to ensure proper information retrieval:
1. Collect information that is publicly available about a target (for example, host and network information).
2. Ascertain the operating system(s) in use in the environment, including web server and web application data where possible.
3. Issue queries such as Whois, DNS, network, and organizational queries.
4. Locate existing or potential vulnerabilities or exploits that exist in the current infrastructure that may be conducive to launching later attacks.