FFootprinting...

   The Network Administrator

Yellow BeardFootprinting, as referred to in Hacking Exposed, a book written by Stuart McClure, Joel Scambray and George Kurtz. They use this term to describe peering into an organizations DNS server and pulling out the server names that are associated to their corresponding IP Addresses. This method is of course, very effective in discovering a company's e-mail and server naming convention. I myself have used it many times when looking for server information or e-mail addresses. By using the TCP/IP utility NSLOOKUP you may look up name server information; the e-mail address of the administrator, the mail servers IP address, web server, and any other server listed. You may also find any aliases such as; www, ftp and mail in the DNS server. Once, I even found a routers password this way. Not all break-ins are malicious, I have masked my way through many a system or network only to leave my wife a message to call me. It is important not to name your computers what their functions are. For example; MainCashDatabase, would probably not be a good idea. I use geeky names that can't be so easily associated with its function. I once took over a network where my predecessor used a book of classical composers to name their computers, so I had no choice but to continue this naming convention. You must pick your naming convention carefully, too many computer people use the same names; Names from Star Trek, Star Wars, Babylon 5 and the British like to use names for a popular space satire called Red Dwarf.

I always hesitate answering young eager to be computer geeks when they ask how I did something. Showing them how to use DNS and other everyday IP tools seems to take the magic out of it for them and they always look disappointed. Some even say; "I could have did that!" But they never do. A hacker is nothing more than someone that can utilize everything he or she has learned to achieve whatever goal they are after. Okay, and there's magic too.

Of course, this was nothing more than a brief overview of Footprinting. I recommend that you study DNS and NSLOOKUP if you want to know more about profiling a site.

 --Doug Chick

...
...