Slashdot Mirror

← Back to Stories (view on slashdot.org)

Reconnaissance In Virtual Space

Posted by ryuzaki0 on from the weekend-project dept.

An anonymous reader writes "Whitedust Security have released an interesting article discussing online reconnaissance techniques. From the article: 'Sometimes thirty-two bits are all you need. This is a guide to Internet reconnaissance - a guide to finding out as much as you can concerning a target via the Internet'."

12 of 89 comments (clear)

  1. Virtual Space by ciroknight · · Score: 3, Funny

    What.. is Cyberspace no longer a valid buzzword???

    --
    "Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
  2. Goodbye AMD by Nom+du+Keyboard · · Score: 4, Funny
    thirty-two bits are all you need.

    Well, there goes my need for AMD64.

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  3. 32 bits is all you need... by sokoban · · Score: 4, Funny

    if you want to catch a 2-bit crook

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 is the magic number.
  4. Using your personal website to pick up women by pHatidic · · Score: 4, Funny

    1) Enable webstats
    2) Look at who has been going to your website
    3) If someone from a college you have a (hot girl) friend at visits your site, use facebook to see if the hit is from the dormroom they are in
    4) If so, shoot them an email saying that you were thinking of them and asking how they are
    5) Wait until they write back and say, "what a coincidence, I was thinking of you too!"
    6) ????
    7) Profit!

    And the best thing is technically they're the one stalking you

    (exercepted from an article to be published on kuro5hin in the mysterious future on using your personal website to get pick up women)

  5. And this would be reconnaissance? by giorgiofr · · Score: 4, Informative

    A guide to internet reconnaissance? WHERE? This is just an overview of the whois command! And it made the frontpage on /.
    How sad.

    --
    Global warming is a cube.
  6. little content by MJArrison · · Score: 5, Insightful

    There is very little here besides:

    man nslookup
    man whois

    Try those commands for a more complete understanding of what's going on.

  7. Reconnaissance!? by david+duncan+scott · · Score: 4, Insightful
    nslookup and whois? My God, is it legal to disseminate such critical information as this?

    Jeez, I was hoping for something vaguely Kevin Mitnick, and instead I get Sam Spade. This may not be Intarweb 101, but it's maybe 102.

    --

    This next song is very sad. Please clap along. -- Robin Zander

  8. Who is/are Whitedust Security? by CyricZ · · Score: 4, Interesting

    I haven't heard of Whitedust Security before. Who exactly are they? What are some notable accomplishments of this group in the field of computer security? Have they performed any other notable studies, or written any revolutionary papers?

    --
    Cyric Zndovzny at your service.
    1. Re:Who is/are Whitedust Security? by aster_ken · · Score: 3, Insightful

      Given that their current poll concerns a recent browser security controversy instead of an actual security issue, I would guess they are a company that was recently started by an amateur computer security consultant.

      Actually, why does a security site even have a poll?

    2. Re:Who is/are Whitedust Security? by twiddlingbits · · Score: 3, Funny

      These were the guys who used to be the heat for the Columbian Cocaine Cartel. Since the Columbian Goverment busted the cartel they branched out into the Internet security area. Why not, they are as qualifed as most of the consultants out there!

  9. DNS and whois? by slavemowgli · · Score: 3, Informative

    To sum up the article:

    1) You can use the DNS system to resolve IP addresses to hostnames, which may tell you something about the organisation they belong to.
    2) For more information, perform a whois query.

    That's news? Seriously, people, that's like saying that you can control your car with the help of this "steering wheel"...

    --
    quidquid latine dictum sit altum videtur.
  10. For people who want high-tech, a fascinating book by Beryllium+Sphere(tm) · · Score: 3, Informative
    >And now, your tips?

    To triangulate the source of spoofed IP packets, to (theoretically) sniff a keyboard by recording TCP sequence numbers, and even how to build a distributed computer out of covert channels, see Michal Zalewski's Silence On The Wire. It's less practical than nslookup and whois but it's a glorious romp through the fun parts of information security. Read it for inspiration and to jar you into thinking outside the box.

    (Disclosure: I got a free review copy.)