wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

Reconnaissance

profile
Jermin Shaikh
Aug 30, 2022
0 Likes
0 Discussions
180 Reads

Reconnaissance is the best practice for discovering and collecting information about a system. Reconnaissance derives from military language, which refers to a mission to obtain information from enemy territory.

HOW DOES RECONNAISSANCE WORK;

Reconnaissance generally follows seven steps:

  1. Collect initial information
  2. Determine the network range
  3. Identify active machines
  4. Find access points and open ports 
  5. Fingerprint the operating system
  6. Discover services on ports
  7. Map the network

Using these steps, an attacker will aim to gain the following information about a network:

  • File permissions
  • Running network services
  • OS platform
  • Trust relationships
  • User account information 

One of the most common techniques involved with reconnaissance is port scanning, which sends data to various TCP and UDP (user datagram protocol) ports on a device and evaluates the response. 

THE TWO PHASES OF RECONNAISSANCE IN ETHICAL HACKING ARE AS FOLLOWS;

  • Active reconnaissance
  • Passive reconnaissance

1. Active reconnaissance:-

Dynamic reconnaissance is the kind of reconnaissance where you assemble data about the framework/application by straightforwardly connecting with the framework. At the point when you utilize Active reconnaissance, there is a high possibility that some data like your IP address is known by the framework you are attempting to accumulate the data about. 

2. Passive reconnaissance:-

On account of Passive reconnaissance, you assemble data without interfacing with the framework/application you are attempting to think about. You accumulate data through web indexes or freely available reports. At the point when you utilize Passive reconnaissance, it is highly unlikely that the framework would know your IP address.

HOW TO PREVENT RECONNAISSANCE?

Organizations can use penetration testing to determine what their network would reveal in the event of a reconnaissance attack. Organizations can outsource the work by hiring security testing professionals to carry out penetration testing, vulnerability assessment, compliance testing, etc.

During testing, organizations can deploy port scanning tools (which scan large networks and determine which hosts are up) and vulnerability scanners (which find known vulnerabilities in the network).

SIEM solutions can also detect source IPs that are running a port scanning tool in your network.

Steps followed in reconnaissance –

  • Accumulate inceptive data 
  • Decide the range of the network 
  • Recognize all active machines 
  • Get hold of the OS being used 
  • Uniquely mark the working framework 
  • Reveal services used on ports 
  • Understand the network map

An example used in Reconnaissance:-

Reconnaissance is mainly used for gaining information by visual observation or other detection methods, about the activities and resources of an enemy or potential enemy, or about the meteorologic, hydrographic, or geographic characteristics of a particular area.

 

Comments ()

Sign in

Read Next

Computer Security

Blog banner

OS DESIGN CONSIDERATIONS FOR MULTIPROCESSOR

Blog banner

EVOLUTION OF THE MIRCOPROCESSOR

Blog banner

Teenagers of Today

Blog banner

PERT Overview

Blog banner

Article on Team Work

Blog banner

Threat from Inside: Educating the Employees Against Cyber Threats

Blog banner

Dekkers Algorithm

Blog banner

Why You Need 2FA (Two-Factor Authentication) On Your Email And Other Online Accounts

Blog banner

The Power of Cyber Forensic in Solving Crimes

Blog banner

Why Skipping Afternoon Meals Affects More Than Just Your Hunger?

Blog banner

Expressing and Measuring Risk (Risk Management)

Blog banner

Multiprocessor and Multicore Organization

Blog banner

Digital Marketing

Blog banner

Is It Too Late to Straighten My Teeth as an Adult?

Blog banner

Multiprocessor and Multicore Organization

Blog banner

DATA VAULT

Blog banner

Data Science & AI

Blog banner

Decoding the Weave — How to Identify Original Patola Art on a Fabric

Blog banner

Virtual memory

Blog banner

Article on Zoho Corporation

Blog banner

What is service level Agreement?

Blog banner

Why Consistency in Eating Habits Matters and How Meal Maharaj Makes It Easy

Blog banner

Webmail

Blog banner

Traditional UNIX Scheduling

Blog banner

VIRTUAL MEMORY

Blog banner

undefined

Blog banner

How to setup a professional looking business account on Instagram?

Blog banner

Note on Process, Process creation and Process termination

Blog banner

Constrains in service design

Blog banner

The Essential Guide to Dynamic Arrays vs. Linked Lists: Which to Use and When ?

Blog banner

Jira Software

Blog banner

The Impact of Cyber Forensics on Corporate Governance and Compliance

Blog banner

Uniprocessor Scheduling

Blog banner

LEMON PICKLE (NIMBU KA ACHAR)

Blog banner

Cyber Forensics

Blog banner

Women Empowerment

Blog banner

Data-Driven Prediction of Virtual Item Prices in Online Games

Blog banner

Understanding Mobile Device Forensics

Blog banner

Fudgy Tahini Date Chocolate Bars

Blog banner

Nature’s Brush on Silk: The Secret Behind Patola Colours

Blog banner

KASHMIR TRIPS

Blog banner