Data Scavenging

Google Sniper

Search Engine Traffic Guide

Get Instant Access

Table 3-2 shows the summary information for the data-scavenging attack.

Table 3-2. Data Scavenging

Attack name

Data scavenging



Sample implementations

Network utilities: Whois, Nslookup, Finger, Traceroute, Ping

Google (



Pertinent vulnerability


Typical use

Learn IP ranges, DNS servers, mail servers, public systems, points of contact, and so forth

Attack result

Disclosure of information

Likely follow-up attack

Probing and scanning

OSI layers



Nearly impossible



Detection difficulty


Ease of use






Overall rating


Data scavenging is generally step 1 in any deliberate attack against a network. Here, the attacker uses a combination of network-based utilities and Internet search engine queries to learn as much as possible about the target company. The attack is almost impossible to detect for two main reasons:

• If the attack is using network utilities such as Ping, Traceroute, and so on, the volume of traffic is so low that it is impossible to single out the attacker. Additionally, it is hard to differentiate between legitimate use of these protocols and an attacker's use of them.

• The information gained through Whois, Nslookup, or Internet search engines is usually public information that can be learned by anyone.

Oftentimes, the information gained by the attacker comes from servers other than the victim's servers (as is the case with Whois queries). Using an Internet search engine can yield all sorts of good information as well. After a successful data-scavenging attack, the attacker might know the following about the victim network:

• IP addresses of critical systems (WWW, DNS, mail)

• IP ranges assigned to the victim

• Internet service provider (ISP) of the victim

Was this article helpful?

+1 0
SEO Secrets Uncovered

SEO Secrets Uncovered

Announcing an important message for Webmasters. Who Else Wants to Generate Massive Traffic and Crank Up the Exposure Their Websites Receive by Tapping Into the Unlimited Power of Today's Top Search Engines? As a webmaster, do you spend time studying the number of hits your website is receiving? Do you worry whether you and your clients are getting the exposure needed?

Get My Free Audio Book

Post a comment