James A. Crosby
Assessment Lab 3
1. What information can you obtain by using the WHOIS tool contained within Sam Spade?
Domain, company name, server name, IP Address, Country, Technical contact, created date, update date, host name, a lot of useful info.
2. Besides the WHOIS utility covered in this lab, what other functions did you discover are possible with the Sam Spade utility? Ping, nslookup, IP block, Traceroute, Finger, SMTP verify Time, Blacklist and Abuse Lookup.
3. What is the purpose of the tracert command? What useful information does the trace route tool provide? How can this information be used to attack the targeted website? IP and DNS, Pings are provided. Useful in finding the packets routes and can be used to identify potential intermediate attack points with the geological location of the server.
4. Is Sam Spade an intrusive tool? What is your perspective on the use of a freeware utility such as Sam Spade? This tool is non-intrusive but it provides the information needed to begin an intrusive process; but can also be used in the same measure as a security tool.
5. By its nature, WHOIS information must be publicly available. What do you think companies and organizations should do with regard to this information? Understand and plan for this information always being available or compromised and ensure CIA stability and security.
6. How can you find out who is the CEO of a company?
You can simply google.com search who the CEO of a company is.
7. What is the goal when trying to use a search engine for data gathering or footprinting?
Gathering this data is used to intrude into systems, or penetrate test.
8. From the basis of the information you uncovered, who are the primary technical contacts for the apples.com, oranges.com and bananas.com domains?
Apple- Handle JD1-APPLES, Name Werner Speiss has his address, email and phone.
Oranges – Handle JD1-Oranges Name: Bob Jones has...