footprinting & intelligence gathering paterva & beyond wardell motley, c|eh, nsa iam\iem...
TRANSCRIPT
![Page 1: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/1.jpg)
Footprinting & Intelligence GatheringPaterva & Beyond
Wardell Motley, C|EH, NSA IAM\IEM
BSides – Dallas Ft. Worth – 2010
![Page 2: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/2.jpg)
Agenda
• Definitions
• So what this isn't 0 day!!
• Why should this matter to me...
As a Business?
As a Penetration Tester?
As the individual?
• The tools
Maltego
Maltego Mesh
![Page 3: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/3.jpg)
Definitions
Footprinting In computer security, footprinting is the process of accumulating data
regarding a specific network environment, usually for the purpose of finding ways to intrude into the environment.
http://www.networkdictionary.com/security/f.php
Intelligence Gathering In government and military operations, evaluated information
concerning the strength, activities, and probable courses of action of international actors that are usually, though not always, enemies or
opponents. http://www.answers.com/topic/intelligence-information-gathering
![Page 4: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/4.jpg)
So what this isn't 0 Day!!
![Page 5: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/5.jpg)
Why should this matter to me…
What good is 0 Day if you don’t know anything about your target?
![Page 6: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/6.jpg)
As a Business?
• Competitors
• Compliance ≠ Security
• Information leakage I have all my boxes checked but the receptionist just
gave the delivery guy the secret key code to get into the front after hours
![Page 7: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/7.jpg)
As a Business?
• User Training (This Means a Continuous Process)
Does the receptionist really need to give out that much information?
• Map out your information flow
Who has access to what and why?
• Avoid privilege creep
If someone changes functions in a company take away the old permissions.
*Remember Defense in Depth can be circumvented by Tom Foolery and lack of common sense…
![Page 8: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/8.jpg)
As a Pen Tester?
• Proper Intelligence gathering & footprinting is key to protecting & understanding your clients!
• The more time spent gaining Intel the less Nessus plugin’s you will need to run!
![Page 9: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/9.jpg)
As a Pen Tester?
What else can I look for beyond the usual?
• Where does the information flow?
Over & Under the firewall
P2P & Torrent sites, Online Storage Sites
Google Docs anybody?
Old Exchange User Archives
![Page 10: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/10.jpg)
As the Individual?
That ex girlfriend is back!!
![Page 11: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/11.jpg)
The Tools
• Maltego 3 by Paterva (paterva.com)
• Zoominfo.com
• Many Many others!!!
![Page 12: Footprinting & Intelligence Gathering Paterva & Beyond Wardell Motley, C|EH, NSA IAM\IEM BSides – Dallas Ft. Worth – 2010 infowarrior0@gmail.com](https://reader035.vdocuments.mx/reader035/viewer/2022072014/56649e855503460f94b86f1e/html5/thumbnails/12.jpg)
Questions?