John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. In order to do so, he performs the following steps of the pre-attack phase successfully:
Information gathering
Determination of network range
Identification of active systems
Location of open ports and applications
Now, which of the following tasks should he perform next?
A. Perform OS fingerprinting on the We-are-secure network.
B. Map the network of We-are-secure Inc.
C. Install a backdoor to log in remotely on the We-are-secure server.
D. Fingerprint the services running on the we-are-secure network.
Explanation:
John will perform OS fingerprinting on the We-are-secure network. Fingerprinting is the easiest way to detect the Operating System (OS) of a remote system. OS detection is important because, after knowing the target system's OS, it becomes easier to hack into the system. Fingerprinting compares the data packets sent by the target system; analyzing these packets gives the attacker a hint as to which operating system the remote system is using. There are two types of fingerprinting techniques:
1. Active fingerprinting
2. Passive fingerprinting
In active fingerprinting, ICMP messages are sent to the target system, and the target system's response message shows which OS the remote system is using. In passive fingerprinting the number of hops reveals the OS of the remote
will be easy to identify which services are running on the network since there are many services
that run only on a specific operating system. After performing OS fingerprinting, John should
gathering all relevant knowledge of a network should John install a backdoor.