Terminology in Footprinting: In this section you will learn definitions that may appear on the CEH v10 (Certified Ethical Hacking) exam.
Open Source and Passive Information Gathering
As far as intelligence gathering goes, open source or passive information gathering is the least aggressive, basically, the process relies on obtaining information from those sources that are typically publicly available and out in the open.
Potential sources include newspapers, websites, discussion groups, press releases, television, social networking, blogs, and innumerable other sources.
With a skilled and careful hand, it is more than possible to gather operating system and network information, public IP addresses, web server information, and TCP and UDP data sources, just a name of few.
Active Information Gathering
Active information gathering involves engagement with the target through techniques such as social engineering. Attackers tend to focus their efforts on the soft target, which tends to be human beings.
A savvy attacker engages employees under different guises under various pretenses with the goal of socially engineering an individual to reveal information.
Passive Information Gathering
Passive information gathering is decidedly less aggressive and overt than active information gathering.
Whereas active information gathering requires much more direct engagement with the target, passive does not. Passive uses methods that gather information indirectly about a target from other source.
These sources include websites, job postings, social media, and other types of sources. Typically the information gathering process will start passively.
Pseudonymous involves gathering information from online sources that are posted by someone from the target but under a different name or in some cases a pen name.
In essence the information is not posted under a real name or anonymous; it is posted under an assumed name with the intention that it will not be traced to the actual source. Under normal conditions this technique can be used to get unsuspecting parties to contact you.
Using the name of someone within the company (whom you may have never met face to face) but form another office or location can be an easy way to entrap someone and gain useful information.
A pretty straightforward method of gaining information is to just use the Internet. I am talking about using techniques such as Google hacking (which uses Google Search and other Google apps to identify security holes in websites’ configuration and computer codes) and other methods to find out what your target wants to hide (or doesn’t know is public information) that a malicious party can easily obtain and use.