Читать книгу Hacking For Dummies - Kevin Beaver - Страница 67

Active information gathering produces more details about your network and helps you see your systems from an attacker’s perspective. You can do the following things:

 Use the information provided by WHOIS searches to test other closely related IP addresses and host names. When you map and gather information about a network, you see how its systems are laid out. This information includes determining IP addresses, host names (typically external but occasionally internal), running protocols, open ports, available shares, and running services and applications.

 Scan internal hosts when they’re within the scope of your testing. (They really ought to be because that’s where the large majority of vulnerabilities exist.) These hosts may not be visible to outsiders (you hope they’re not), but you absolutely need to test them to see what rogue (or even curious or misguided) employees, other insiders, and even malware controlled by outside parties can access. A worst-case situation is that the intruder has set up shop on the inside. Just to be safe, examine your internal systems for weaknesses.

If you’re not completely comfortable scanning your systems, consider using a lab with test systems or a system running virtual machine software, such as the following:

 VMware Workstation Pro (www.vmware.com/products/workstation-pro.html)

 VirtualBox, an open-source virtual-machine alternative (www.virtualbox.org)