One of the things a security analyst must consider when protecting their infrastructure and information is the ability of an attacker to access information about an organization, systems they utilize, and the information their protecting. One of the techniques an attacker uses is reconnaissance. Reconnaissance is the first phase an attacker uses to gather information. This information is used to learn as much as possible about the target to determine competitive intelligence. The attacker might even uses legitimate and non-legitimate tools to monitor and scan a target system. This information is critical for an attacker to strategies their attack. Reconnaissance can also be referred to as "Footprinting."
Reconnaissance as simple as dumpster diving can divulge sensitive information. What kind of information do you think you could gather in dumpster diving? (Please answer)
Select five of the following and review what they offer and write a summary of what it does and why you would think it would help an IT security analyst.
- Whois database utility or website http://www.tamos.com/sw.htm or http://ws.arin.net/whois; http://www.whois.net
- GEOSpider or http://www.geowhere.net
- Web Site http://www.visualware.com
- Web Site www.samspade.com
- Web site www.waybackmachine.com
- Web site www.archive.org
- SpiderFoot www.binarypool.com/spiderfoot/
- ARIN https://www.arin.net/
- NEO Trace http://articles.techrepublic.com.com/5100-10878_11-1053295.html
- Angry IP http://www.angryyziber.com
- Solarwinds http://solarwinds.net
- Sensepost Footprint Tools http://www.sensepost.com/
- BiLE Suite http://www.vulnerabilityassessment.co.uk/bile.htm
- Alchemy Network Tool http://www.alchemy-lab.com/products/ant/
- Advanced Administrative Tool http://www.glocksoft.com/aatools.htm
- My IP Suite http://www.sabsoft.com/MyIPSuite/
- Wikto Footprinting Tool http://www.security-database.com/toolswatch/Wikto-2-2837-27211-just-released.html
- SmartWhois http://smartwhois.com/
- ActiveWhois http://activewhois.com/
- LanWhois http://lantricks.com/lanwhois/
- CountryWhois http://www.tamos.com/products/countrywhois/
- WhereIsIP http://whereisip.findmysoft.com/
- Ip2country http://ip2country.en.softonic.com/
- CallerIP http://www.callerippro.com/
- Web Data Extractor Tool http://www.webextractor.com/
- Online Whois Tools
- What is MyIP http://www.whatismyip.com/
- DNS Enumerator http://www.securiteam.com/tools/5VP0H1FHGO.html
- SpiderFoot http://www.binarypool.com/spiderfoot/
- Nslookup http://support.microsoft.com/kb/200525
You should understand that dumpster diving is sifting through waste to find items that have been discarded by their owners but are useful to the dumpster diver. Valuable information that can be gathered from dumpster diving includes information about business competitors. These include analysis reports, government reports, and discarded presentation. Also, dumpster diving can give important competition related information such as price lists, advertising budgets, promotions being used, tenders being submitted, and patent applications. The other important information that can be obtained during dumpster diving includes suppler information, participation details in trade shows, sales force reports, seminars organized/attended, records of terms with ...
Incoming and outgoing connections are explained in this response. The answer includes 6 references used.
Explain the purpose of the Fourth Amendment Exclusionary Rule
I need help answering this questions... Please help me answer this questions:
1. Explain the purpose of the Fourth Amendment Exclusionary Rule as well as discuss both the advantages and disadvantages of retaining the Fourth Amendment Exclusionary Rule.
2. Explain what the "interoperability challenge" is for law enforcement agencies and what steps have and can be taken to eliminate the interoperability problem.
3. Describe several of the ways in which "identity thieves" gather personal information and make use of that information to commit financial crimes and explain what steps that individuals can take to protect themselves from "identity thieves."
4. Explain what DNA evidence is, discuss what crimes it is most helpful for proving both the identity of the criminal perpetrator and explain how DNA evidence has changed criminal investigations and prosecutions over the past twenty years.