ISSC 262 Week 1 Assignment Brian Duvall

docx

School

American Military University *

*We aren’t endorsed by this school

Course

262

Subject

Information Systems

Date

Apr 3, 2024

Type

docx

Pages

6

Uploaded by ColonelTapirPerson570

Report
Hacker Research Report Brian Duvall American Military University ISSC 262: Red and Blue Team Security February 11, 2024 1
Hacking Research Report In the field of cybersecurity, hackers are skilled at using easily accessible online data to plan various destructive actions. Hackers use social engineering techniques to carefully collect personal information from social media sites and create phishing schemes that look real and fool people into sending sensitive information, such as bank account information or login passwords. Hackers also use painstaking reconnaissance to learn details about possible targets, such as staff responsibilities, organizational structures, and technological infrastructure. This information helps them identify weak points and prepare specific attacks. During this week’s lab, information pertaining to Microsoft.com, Facebook.com, Target.com and Apple.com was uncovered. This included details about the owners of the domains associated with Target.com, Apple.com, Microsoft.com, and Facebook.com, as well as their respective contact information. Utilizing Nslookup and tracert, IP addresses linked to each domain were obtained, along with the routes taken to reach these websites. This process unveiled additional IP addresses that could potentially serve as attack points and offered insights into the possible geolocation of each server. Furthermore, a particular emphasis was put on Target.com, where additional investigation was carried out to find related social media accounts, enabling the collection of additional data. Additionally, the physical address of the company's headquarters was found via a Google search, along with information about the number of workers at its major sites, the identities of all its directors and executive officers, and the important partners that Target has relationships with. A deeper comprehension of the targeted entities and their digital footprints was made possible by this all- encompassing approach.
Hacking Research Report The goal of the study was to create a detailed profile of every target, including more general information like affiliations, staff, and organizational structure in addition to more technical specifics like IP addresses and server paths. A comprehensive understanding of the targets' digital presence and potential vulnerabilities was produced by combining multiple research techniques, such as network analysis and internet searches. This allowed for well-informed decision-making on security measures and risk mitigation strategies. A potential attacker might use a lot of this information to target either organization. An attacker might locate potential weaknesses in these access points and take advantage of any lax security measures by finding IP addresses linked to each domain's route. This could be a point of entry for unauthorized users to access the companies' systems through trusted paths. Furthermore, the investigation on target.com turned out important information that may be used for physical attacks, like the headquarters' physical address. Furthermore, an attacker with access to a list of senior officials could use focused phishing techniques to obtain more private data. According to Rashid (Rashid, 2019), attackers might create convincing phishing attempts targeted to target specific personnel if they had access to the personal information of executives and directors. Moreover, details regarding important partners may provide an additional means of accessing the company's systems, especially if these partners have laxer security procedures. This emphasizes the need for strong cybersecurity defenses and increased awareness to fend off possible assaults coming from a variety of directions. The Sam Spade tool was the main instrument used to perform technical research on Apple.com, Microsoft.com, Facebook.com, and Target.com. Sam Spade is well-known for its adaptability and provides several tools that let users access information that is open to the public. This program's Whois function was used to obtain comprehensive data about every domain, which will be further discussed in the discussion that follows. In addition, further resources like Tracert and Nslookup were used. Tracert
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help
Hacking Research Report helps determine the network pathways that need to be taken to connect two network devices, whereas Nslookup makes it easier to get DNS records linked to domain names. Technical Results The ensuing data was collected from each domain as outlined below. Utilizing the Whois feature of the Sam Spade program, pertinent information was extracted from apple.com, revealing: Registry Domain ID: 1225976_Domain_com-VRSN, WHOIS server and registrar URL is http://www.comlaude.com , contact email abuse@comlaude.com , contact phone number 442074218250. Using Nslookup, the IP address for the domain is 17.253.144.10. This web server is located in Cupertino, CA. Microsoft Sam Spade extracted data: Registry Domain ID: 2724960_DOMAIN_COM-VRSN, WHOIS server and registrar URL is http://www.markmonitor.com , contact email abusecomplaints@markmonitor.com , contact phone number 2086851750. Using Nslookup, the IP addresses for the domain are 20.231.239.246, 20.70.246.20, 20.112.250.133, 20.76.201.171, 20.236.44.162. These web servers are in Ashburn, Virginia, Sydney, Australia, Des Moines, Iowa, Amsterdam, Netherlands, Moses Lake, Washington. Facebook Sam Spade extracted data: Registry Domain ID: 2320948_DOMAIN_COM-VRSN, WHOIS server and registrar URL is http://www.registrarsafe.com , contact email abusecomplaints@registrarsafe.com , contact phone number 6503087004. Using Nslookup, the IP address for the domain is 31.13.65.36. This web server is located in Lithia Springs, GA. Target Sam Spade extracted data:
Hacking Research Report Registry Domain ID: 117595_DOMAIN_COM-VRSN, WHOIS server is brandsight.com and registrar URL http://gcd.com , contact email abuse@gcd.com , contact phone number 5189669187. Using Nslookup, the IP addresses for the domain are 151.101.130.187, 151.101.194.187, 151.101.66.187, 151.101.2.187. All the web servers are in San Francisco, CA. Target.com was selected as the e-commerce site for this assignment. Through the use of Google as the search engine, the URL https://www.target.com was found. Target has also been found to have social media accounts on sites like Facebook, Instagram, and Twitter. Target Plaza, the company's physical headquarters, is situated at 1000 Nicollet Mall, Minneapolis, MN 55403, and that address was also disclosed. Important partners were also discovered, including Wine Cube, Boots & Barkley, and Archer Farms. All the top executives, including President Roxanne S. Austin, CIO Mike McNamara, and CEO Brian C. Cornell, were identified after thorough investigation. In conclusion, the lab investigation's findings provided important information about Facebook.com, Target.com, Microsoft.com, and Apple.com. This involved finding the registered proprietors of every domain and getting in touch with them. In addition, related IP addresses for every domain were identified, as well as the paths that led to them. Regarding the chosen company, Target.com, thorough Google searches turned up the company's social media accounts on Facebook, Twitter, and Instagram, as well as the address of the headquarters. In addition, a thorough investigation produced a list of Target's partners, the names of all executive officers and directors, and the total number of employees across the board and at each physical store. To learn more about specific directors or executives of these companies, further channels can be investigated, which may reveal prospective targets for assault. If important partners are investigated further, it can be discovered that some access points are weakly secured. Further investigation of the IP addresses found via the tracert procedure may further reveal potential avenues for assault. Identifying
Hacking Research Report the kind of firewalls, server operating systems and identifying employees who might be the target of customized phishing attacks designed to steal login credentials are important considerations when considering a hacking attack. References: Rashid. F. (2020 November 24) 8 types of phishing attacks and how to identify them. Retrieved February 11, 2024, from https://www.csoonline.com/article/563353/8-types-of-phishing-attacks- and-how-to-identify-them.html
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

Laboratory 4 WINTER (2)-8851426.docx
Research Paper.docx
Individual Application #1.pdf
SPED6043 Discussion 10.docx
SPED6043 Discussion 3.docx
Week 2 Lab report.docx
ISSC 290 week 4 quiz.docx
Chapter 3 Quiz_ Systems Documentation Techniques5.pdf
Quiz 3.2_ Flowcharts quiz 3.pdf
Chapter 3 Quiz_ Systems Documentation Techniques 1.pdf
Chapter 3 Quiz_ Systems Documentation Techniques10.pdf
Chapter 3 Quiz_ Systems Documentation Techniques 2.pdf