Data Scavenging

Table 3-2 shows the summary information for the data-scavenging attack.

Table 3-2. Data Scavenging

Attack name

Data scavenging

Class/subclass

Read/reconnaissance

Sample implementations

Network utilities: Whois, Nslookup, Finger, Traceroute, Ping

Google (http://www.google.com)

Prerequisites

None

Pertinent vulnerability

None

Typical use

Learn IP ranges, DNS servers, mail servers, public systems, points of contact, and so forth

Attack result

Disclosure of information

Likely follow-up attack

Probing and scanning

OSI layers

37

Detection

Nearly impossible

Protection

None

Detection difficulty

5

Ease of use

4

Frequency

5

Impact

1

Overall rating

32

Data scavenging is generally step 1 in any deliberate attack against a network. Here, the attacker uses a combination of network-based utilities and Internet search engine queries to learn as much as possible about the target company. The attack is almost impossible to detect for two main reasons:

• If the attack is using network utilities such as Ping, Traceroute, and so on, the volume of traffic is so low that it is impossible to single out the attacker. Additionally, it is hard to differentiate between legitimate use of these protocols and an attacker's use of them.

• The information gained through Whois, Nslookup, or Internet search engines is usually public information that can be learned by anyone.

Oftentimes, the information gained by the attacker comes from servers other than the victim's servers (as is the case with Whois queries). Using an Internet search engine can yield all sorts of good information as well. After a successful data-scavenging attack, the attacker might know the following about the victim network:

• IP addresses of critical systems (WWW, DNS, mail)

• IP ranges assigned to the victim

• Internet service provider (ISP) of the victim

SEO Guide for Top Rankings

SEO Guide for Top Rankings

Search engines are special sites on the web that are designed to help people find information stored on other sites. There are differences in the ways various search engines work. Learn more about this topic within this guide.

Get My Free Ebook


Post a comment