Week I

Labs Covered: Web Reconnaissance DNS Interrogation with Linux Network Reconnaissance with Linux Linux File System Access Control Web Browser Security and Configuration Windows O/S Hardening and Local Policy Windows Access Control/ Encryption Lab Selected: Web Reconnaissance Title: Gathering WHOIS with Linux Explanation: WHOIS is a particular service that allows you to look up people's names on a remote server. By executing WHOIS, we can gather the information about a domain name, such as IP address, who the technical and administrative contact and name of the servers. Tools: Using WHOIS command line in Linux Konsole Window. WHOIS (assigned domain address) can be IP address or URL Using Internet Network Information Center (InterNIC) at rs.Internic.net. It is a database that stored the most common Internet name server. Procedure: Using InterNIC: First, we open the web browser and typewww.Internic.net. Once we on that site, type the URL or IP address on the text box provided. Below the text box, there are three available radio buttons that each determined what kind of information you enter on the text box. For example, if you decide to use an IP address then you have to select the last option which says Nameserver. After click "Submit", list of information associate with that particular IP address will be displayed. Information gathered from Internic Using command command line in Linux: First, you have to open the console window. Then, if you want to display the information about www.uh.edu, you have to type "whois uh.edu" then click return key. This command will produce a list of information that is similar to the one using internic. Information displayed after executing the whois command line Reflection: Since WHOIS is a powerful tool used to generate information out of one URL or IP address, you have to be careful in maintaining the information listed. Make sure to protect the critical information and only give people access to the general or public information.