Information gathering, sometimes called foot printing or scanning, is probably one of the most important phases in penetration testing.  It shows how an attacker views a network from the outside and can help in determining vulnerabilities that can be exploited, open ports and the hosts and services that are running on each port.  It also creates a profile of the targets organizations systems and networks.I personally prefer BackTrack Linux for accomplishing the task as there are many tools included in the release that are useful.  There are many different types of information gathering that an attacker can use, from passive to active and even anonymous foot printing.  Attackers are even able to use the internet to accomplish what we call internet foot printing; this is where the attacker collects information about the target on the internet. 
Powered by