Theme images by MichaelJay. Powered by Blogger.

Followers

Subscribe Via Email

Sign up for our newsletter, and well send you news and tutorials on web design, coding, business, and more! You'll also receive these great gifts:

AD (728x60)

Follow on Google+

Recent Posts

Popular Posts

Pages

Follow on Facebook

Flickr Images

A Theme For

Follow Me on Facebook.com

Flickr Photos

Featured Post (TOP)

Like Us

Popular Posts

Tuesday, 17 March 2015

Banner Grabbing

 

Banner Grabbing

Hello friends finally I'm here with my first post.It's about a Reconnaissance technique called "Banner Grabbing".It's a nice thing,hope u'll like it.


Banner Grabbing is a technique used by hackers to extract information about a host. If successful, it can identify the operating system, web server and other applications running on the target host.

What is a Banner?

A banner is simply the text that is embedded with a message that is received from a host. Usually this text includes signatures of applications that issue the message. So, they reveal themselves to us.

What is Banner Grabbing?

Banner Grabbing is a fingerprinting technique. The term fingerprint comes from old fashioned police work. It refers to any trace (finger prints) that could be used for identification purposes.
Banner Grabbing essentially relies on morphed or empty TCP packets that are sent over to a target machine. The response, which is in most cases an error, is then analyzed for identification. In some scenarios, a simple connection request could be exploited. Linux would respond differently than Windows. Apache and IIS (Internet Information Services) will reply differently. Valuable information is excavated out of nothing but a harmless (rather friendly) message.

How it's done?


Telnet, Netcat, Nmap and many more tools can be used to pull this off.
For OS and web server detection, we can grab a banner of HTTP. Since HTTP works on port 80.To gather information about a websites ftp server(If they have one,ofcourse. :-) ),we can grab a banner of FTP .The Below Screenshots shows the same:-


                                                        Command  Used (Telnet)

Result (Grabbed Banner)

Why To Care About Banners:

Hackers grab banners all the time. Although IPs can be logged, hackers usually hide their real IP before grabbing. If they are successful in grabbing a few banners they can then use this information to find applications that are weak or have a security flaw.
Attackers then focus on exploits that are targeted to the services that you are running. There are hundreds of services that can be queried for banners and more than often, a few have flaws or are simply old versions.


How to Defend your systems:

This technique reveals critical information that can be devastating. To get rid of this, first you need to thoroughly analyze what information is leaked.
Set up your services properly. Default settings are always insecure. Read the documentation and turn off all the features that are unnecessary. Especially Apache and IIS.
Turn off services that you don't need such as telnet. On a windows system go to Control Panel > Programs and Features > Turn on/off windows features.
Don't use a Banner which gives out any information of your system.You might also use some  tricky
Banners.

Hope it would have been informative for you,and I would like to thank you for visiting.



Disclaimer:
 All the information provided on this site are for educational purposes only. The site is no way responsible for any misuse of the information.Please read the Disclaimer before using this Information anywhere.


Author:Vivek Yadav

No comments:
Write comments

Interested for our works and services?
Get more of our update !