Tuesday, 2 June 2020

What is VoIP and VPN Footprinting?

EC-Council Study Material, EC-Council Guides, EC-Council Exam Prep, EC-Council Pre

What is digital footprinting and why is it important?


Digital footprinting refers to the information-gathering procedures and methodologies hackers use to learn as much as possible about targeted systems. Footprinting, also known as reconnaissance (one of the five phases of ethical hacking), is done to invade systems by gathering all relevant data about them and exposing their vulnerabilities. Because those vulnerabilities could be exploited, organizations are hiring ethical hackers to protect their systems by uncovering such vulnerabilities.

The reconnaissance stage is crucial, as all relevant information about the target organization is collected. This information may be online without the organization’s knowledge, either through accidental indexing of back-end web pages or through an internet-connected Industrial Control Systems (ICS) device. Some FAQ websites may also contain details that reveal sensitive information once aggregated.

What are the two types of digital footprints?


There are two types of footprints – active and passive.

Active footprint: This type of digital footprint is often created with an intent. This is often done by posting online via social media accounts, sending emails, etc.

Passive footprint: This type of digital footprint is often created unintentionally. This type of information is generally collected via cookies stored on your system as you browse or through your IP address.

How is a digital footprint used?

Footprinting is used to discover the organization’s network stance, such as its remote network access capabilities and the organization’s ports and services. It can also be used to obtain information such as demographics, religion, political affiliations, or interests using cookies stored on your computer.

Online reconnaissance methods are known as open-source intelligence (OSINT) tools and can include metadata searches, code searches, and image analysis. But the two that we will highlight in this article are:

◉ Google hacking database: footprinting for information by querying search engines with advanced search strings so that Google returns a specific result, such as website indexes and specific file types. For instance, “inurl:view_items.php?id=” lists websites whose URLs match a pattern associated with SQL injection attacks

◉ Shodan: a search engine providing data on all connected IoT devices

Footprinting with VoIP & VPN


VoIP (Voice over Internet Protocol) is an internet protocol that allows the transmission of voice calls over the internet. It does so by converting regular phone signals into digital signals. Virtual Private Networks (VPN) provide a secure connection to an organization’s network. Therefore, VoIP traffic can pass over an SSL-based VPN, effectively encrypting VoIP services.

When conducting reconnaissance, in the initial stages of VoIP footprinting, the following publicly available information can be expected:

◉ All open ports and services of the devices connected to the VoIP network
◉ The public VoIP server IP address
◉ The operating system of the server running VoIP
◉ The network infrastructure


The highlighted search above, for instance, returns network configurations and device information.


The results then provide the following information on the targeted network:


A search on Shodan displays servers running VoIP in the targeted network, and focus can be on a specific server with UDP port 5060, which is used by SIP VoIP service providers.


The Shodan scan also provides the internal and external IP addresses, which are afterward used to delve into the next phase, which entails scanning internal networks for additional information.
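The server details and internal addresses described above often come from the SIP server's own replies, so an administrator can review what their PBX discloses before it gets indexed. The following is an added example, not part of the original article: the function name `audit_sip_response`, the sample reply, and the banner string are all constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: a SIP 200 OK reply as a public-facing PBX might send it.
# 203.0.113.10 is a documentation address; the banner string is made up.
SAMPLE_RESPONSE = (
    "SIP/2.0 200 OK\r\n"
    "Via: SIP/2.0/UDP 203.0.113.10:5060;branch=z9hG4bK776\r\n"
    "From: <sip:audit@example.com>;tag=1928\r\n"
    "To: <sip:audit@example.com>;tag=a6c8\r\n"
    "Call-ID: constructed-0001@example.com\r\n"
    "CSeq: 1 OPTIONS\r\n"
    "Contact: <sip:pbx@192.168.1.20:5060>\r\n"
    "Server: ExamplePBX 1.2.3 (Linux)\r\n"
    "Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REGISTER\r\n"
    "Content-Length: 0\r\n\r\n"
)

BANNER_HEADERS = {"server", "user-agent"}   # headers that name software/OS
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4 = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

def audit_sip_response(raw):
    """Return the software banners and internal addresses a SIP reply discloses."""
    findings = {"banners": [], "internal_ips": []}
    head = raw.split("\r\n\r\n", 1)[0]           # headers only, no body
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if not sep:
            continue
        name, value = name.strip().lower(), value.strip()
        if name in BANNER_HEADERS:
            findings["banners"].append(value)
        for candidate in IPV4.findall(value):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:                   # e.g. 999.1.1.1 is not an address
                continue
            internal = any(addr in net for net in RFC1918)
            if internal and candidate not in findings["internal_ips"]:
                findings["internal_ips"].append(candidate)
    return findings

if __name__ == "__main__":
    for kind, values in audit_sip_response(SAMPLE_RESPONSE).items():
        print(kind, values)
```

Any banner or RFC 1918 address it reports is information the server hands to anyone who can reach UDP port 5060, and is a candidate for suppression in the PBX configuration or for filtering at the network edge.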

Source: eccouncil.org
