wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

Reconnaissance

profile
Jermin Shaikh
Aug 30, 2022
0 Likes
0 Discussions
180 Reads

Reconnaissance is the best practice for discovering and collecting information about a system. Reconnaissance derives from military language, which refers to a mission to obtain information from enemy territory.

HOW DOES RECONNAISSANCE WORK;

Reconnaissance generally follows seven steps:

  1. Collect initial information
  2. Determine the network range
  3. Identify active machines
  4. Find access points and open ports 
  5. Fingerprint the operating system
  6. Discover services on ports
  7. Map the network

Using these steps, an attacker will aim to gain the following information about a network:

  • File permissions
  • Running network services
  • OS platform
  • Trust relationships
  • User account information 

One of the most common techniques involved with reconnaissance is port scanning, which sends data to various TCP and UDP (user datagram protocol) ports on a device and evaluates the response. 

THE TWO PHASES OF RECONNAISSANCE IN ETHICAL HACKING ARE AS FOLLOWS;

  • Active reconnaissance
  • Passive reconnaissance

1. Active reconnaissance:-

Dynamic reconnaissance is the kind of reconnaissance where you assemble data about the framework/application by straightforwardly connecting with the framework. At the point when you utilize Active reconnaissance, there is a high possibility that some data like your IP address is known by the framework you are attempting to accumulate the data about. 

2. Passive reconnaissance:-

On account of Passive reconnaissance, you assemble data without interfacing with the framework/application you are attempting to think about. You accumulate data through web indexes or freely available reports. At the point when you utilize Passive reconnaissance, it is highly unlikely that the framework would know your IP address.

HOW TO PREVENT RECONNAISSANCE?

Organizations can use penetration testing to determine what their network would reveal in the event of a reconnaissance attack. Organizations can outsource the work by hiring security testing professionals to carry out penetration testing, vulnerability assessment, compliance testing, etc.

During testing, organizations can deploy port scanning tools (which scan large networks and determine which hosts are up) and vulnerability scanners (which find known vulnerabilities in the network).

SIEM solutions can also detect source IPs that are running a port scanning tool in your network.

Steps followed in reconnaissance –

  • Accumulate inceptive data 
  • Decide the range of the network 
  • Recognize all active machines 
  • Get hold of the OS being used 
  • Uniquely mark the working framework 
  • Reveal services used on ports 
  • Understand the network map

An example used in Reconnaissance:-

Reconnaissance is mainly used for gaining information by visual observation or other detection methods, about the activities and resources of an enemy or potential enemy, or about the meteorologic, hydrographic, or geographic characteristics of a particular area.

 

Comments ()

Sign in

Read Next

A Short History of GIS

Blog banner

How Cyber Forensics help prevent Crimes

Blog banner

A MODERN OPERATING SYSTEM

Blog banner

Service Strategy In ITSM

Blog banner

Assignment-3

Blog banner

Trends that began during the pandemic

Blog banner

Education?

Blog banner

Define Instagram.

Blog banner

Direct memory access

Blog banner

Sniffing: A Cyber Security Threat

Blog banner

A-B-C of Networking: Part-1 (Basics)

Blog banner

File management -disha parekh

Blog banner

Earth with no trees

Blog banner

Music

Blog banner

Interesting fact about kangaroo.

Blog banner

ASANA- A Management System.

Blog banner

Privacy-Enhancing Computation Techniques

Blog banner

Deadlock and Starvation

Blog banner

Uniprocessor and Types

Blog banner

On-Page SEO

Blog banner

Understanding - Proof of Work!

Blog banner

POVERTY:Causes and solutions to problems

Blog banner

How Puppet Shows and Role Play Teach Empathy to Preschoolers

Blog banner

Article on team management software

Blog banner

Service Transition Process in ITSM

Blog banner

Security issues in Sensor Networks and gathering admissible evidence in Network Forensics

Blog banner

Memory Management

Blog banner

Crypto tax evasion

Blog banner

LinkedIn: Watch out for these 7 upcoming updates in 2023

Blog banner

Philadelphia Experiment : Was it real?

Blog banner

WORKFRONT SOFTWARE

Blog banner

Why Festivals Are the Best Classrooms for Young Minds?

Blog banner

Importance Of Education.

Blog banner

Why Inconel 625 and Monel 400 Remain Unbeatable in Refinery Applications?

Blog banner

Direct Memory Access

Blog banner

This is my first blog.

Blog banner

Threat management

Blog banner

MySQL

Blog banner

PHONE TECHNOLOGY

Blog banner

What is thread and multithreading ?

Blog banner

Hypothesis Testing in Data Science

Blog banner

IT security management

Blog banner