Passive information gathering 1.0 – the traditional way
Let us deal with some of the most commonly used techniques for information gathering.
Getting ready
whois, Dig, and Nslookup are the three most basic and simplest steps for gaining initial information about our target. As all three are passive techniques of gaining information, no connectivity with the target is required. These commands can be executed directly from the terminal of BackTrack. So, launch the terminal window and proceed further.
How to do it...
We will start our information gathering with a simple whois lookup. whois is a built-in command in BackTrack, so we can directly invoke it from our terminal.
Let us quickly perform a whois lookup on www.packtpub.com and analyze the output. The output can be big, so here we will only focus on relevant points of the output.
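One way to cut a long whois response down to those relevant points is a small filter run over the command's output. This is an added example, not code from the original text. The function names whois_summary and sample_whois, the field list beyond the four fields shown in the output below, and the sample record are assumptions made for illustration.

```shell
#!/bin/sh
# whois_summary: read raw whois text on stdin and print only the registration
# fields of interest, trimmed and de-duplicated. The field list is an
# illustrative choice; edit the split() string to change it.
whois_summary() {
    awk '
    BEGIN {
        n = split("Domain Name|Registrar|Whois Server|Referral URL|Name Server|Creation Date|Expiration Date", want, "|")
        for (i = 1; i <= n; i++) keep[tolower(want[i])] = want[i]
    }
    {
        line = $0
        sub(/\r$/, "", line)             # tolerate CRLF line endings
        sub(/^[ \t]+/, "", line)         # registry output is often indented
        pos = index(line, ":")           # split on the FIRST colon only,
        if (pos == 0) next               # so URL values keep their "://"
        key = tolower(substr(line, 1, pos - 1))
        val = substr(line, pos + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (!(key in keep) || val == "") next
        out = keep[key] ": " val
        # registry and registrar sections repeat fields in different case
        if (!(tolower(out) in seen)) { seen[tolower(out)] = 1; print out }
    }'
}

# Constructed sample record (not real registry data), shaped like whois output.
sample_whois() {
cat <<'EOF'
% Constructed sample for illustration only

   Domain Name: EXAMPLE.COM
   Registrar: EXAMPLE REGISTRAR, INC.
   Whois Server: whois.registrar.example
   Referral URL: http://www.registrar.example
   Name Server: NS1.EXAMPLE.COM
   Name Server: NS2.EXAMPLE.COM
   Status: ok
   Creation Date: 01-jan-2000

NOTICE: This legal text line is skipped because its key is not in the list.
domain name: example.com
EOF
}

# Against live output the same filter is used as: whois <domain> | whois_summary
sample_whois | whois_summary
```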
root@bt:~# whois www.packtpub.com
Domain Name: PACKTPUB.COM
Registrar: EASYDNS TECHNOLOGIES, INC.
Whois Server: whois.easydns.com
Referral URL: http...