FN SECURE: Hacking Tool-ARIN

Call Us For Workshops Or Seminars.. In Your University, Colleges, or Schools.
Email Us At : vicky@globallyunique.in

Hacking Tool-ARIN



ARIN allows search on the whois database to locate information on networks autonomous system numbers (ASNs), network-related handles and other related point of contact (POC).

ARIN whois allows querying the IP address to help find information on the strategy used for subnet addressing.

The ARIN page also has a set of additional tools and links to other sites such as RWhois.net. ARIN would be a good starting point for information gathering as the information retrieved is more elaborate than a standard Whois lookup.

The purpose of discussing information gathering - and footprinting in particular - is that this is the information that both the hacker and the systems administrator can gather in a non-intrusive manner. All the approaches discussed so far are completely passive (with the exception of traceroute, as it can be detected) and undetectable by the target organization. The information gathered during this phase will be used continuously throughout the penetration test.

Doing a footprinting for an organization can help its systems administrator know what nature of information lies outside the organization and the potential threat it can pose to the organization. He can take preventive measures to see that these are not used as a means of exploit and increase user awareness regarding the use of information assets.

Up to date domain contact information is important not only for addressing administration issues but can also be used by security personnel on other networks to warn of pending attacks or active compromises. By not revealing essential information, more harm can be done.



OrgName:
Google Inc.
OrgID:
GOGL
Address:
2400 E. Bayshore Parkway
City:
Mountain View
StateProv:
CA
Postal Code:
94043
Country:
US

Net Range:
216.239.32.0 - 216.239.63.255
CIDR:
216.239.32.0/19
Net Name:
GOOGLE
Net Handle:
NET-216-239-32-0-1
Parent:
NET-216-0-0-0-0
Net Type:
Direct Allocation
Name Server:
NS1.GOOGLE.COM
Name Server:
NS2.GOOGLE.COM
Name Server:
NS3.GOOGLE.COM
Name Server:
NS4.GOOGLE.COM
Comment:
Reg Date:
2000-11-22
Updated:
2001-05-11

Tech Handle:
ZG39-ARIN
Tech Name:
Google Inc.
Tech Phone:
+1-650-318-0200
Tech Email:

Attack Methods 
From the Nslookup query, an attacker can find name servers, mail exchange servers and also what class they belong to. The mail exchange servers can be further resolved into IP addresses. He can then enumerate the network further by doing a reverse IP lookup.






In this case, we look up 216.239.33.25 which is the IP of smtp1.google.com
The query gives the following result.
25.33.239.216.in-addr.arpa
PTR
smtp1.google.com
33.239.216.in-addr.arpa
NS
ns1.google.com
33.239.216.in-addr.arpa
NS
ns2.google.com
33.239.216.in-addr.arpa
NS
ns3.google.com
33.239.216.in-addr.arpa
NS
ns4.google.com
ns1.google.com
A
216.239.32.10
ns2.google.com
A
216.239.34.10
ns3.google.com
A
216.239.36.10
ns4.google.com
A
216.239.38.10
Note that the IP actually points to .arpa domain. Further, we also retrieve more information on the name servers.

Leave a Reply

Save this Page

Download as PDF