Attack Methods
The attacker may choose to source the information from:
* A web page (save it offline, e.g. using offline browser such as Teleport pro
* Yahoo or other directories. (Tifny is a comprehensive search tool for USENET newsgroups.
* Multiple search engines (All-in-One, Dogpile), groups.google.com is a great resource for searching large numbers of news group archives without having to use a tool.
* Using advanced search (e.g. AltaVista),
* Search on publicly trade companies (e.g. EDGAR).
* Dumpster diving (To retrieve documents that have been carelessly disposed)
* Physical access (False ID, temporary/contract employees, unauthorized access etc)
There are four RIRs, each maintaining a whois database holding details of IP address registrations in their regions. The RIR whois databases are located at:
*
ARIN (North America and sub-Saharan Africa)
*
APNIC (Asia Pacific region)
*
LACNIC (Southern and Central America and Caribbean)
*
RIPE NCC (Europe and northern Africa)
Tools
There are tools available to aid a whois lookup. Some of them are Sam Spade (downloadable from www.samspade.org). Smart Whois (downloadable from www.tamos.com). Netscan (downloadable from www.netscantools.com) and GTWhois (Windows XP compatible) (www.geektools.com) etc.
0 comments:
Post a Comment