1
00:00:09,870 --> 00:00:16,860
In the last spectacle, we saw how to identify the servers, the technology, how to identify the domain

2
00:00:16,860 --> 00:00:23,010
and domain name schema and how to identify the service oriented architecture that is the ASWAY information

3
00:00:23,790 --> 00:00:30,210
in this spectacle, we will see how to identify the male Xynthia and name server IP address and the

4
00:00:30,210 --> 00:00:33,480
location and the entities that start the practical.

5
00:00:34,720 --> 00:00:39,010
We have already grabbed the website into the on the screen now.

6
00:00:40,450 --> 00:00:41,770
This the entity.

7
00:00:44,870 --> 00:00:47,900
Go to all transforms and select domain DNS.

8
00:00:54,050 --> 00:00:56,270
We have done this in the last lecture.

9
00:00:56,750 --> 00:01:02,730
Now the domain unclick two DNS name IMEX Mail Server.

10
00:01:07,730 --> 00:01:15,020
This transform returns to mail server associated with the domain by identifying the e-mail exchanges

11
00:01:15,020 --> 00:01:21,530
over attacker's attempt to exploit the vulnerabilities in the server and thereby use it to perform malicious

12
00:01:21,530 --> 00:01:24,270
activities, such as sending spam emails.

13
00:01:25,010 --> 00:01:27,860
Now select the e-mail server and deleted.

14
00:01:36,650 --> 00:01:43,520
Right, click the government entity and select all transforms to DNS name and name server.

15
00:01:45,720 --> 00:01:51,660
But identifying the primary name, server and attacker can implement various techniques to exploit the

16
00:01:51,660 --> 00:01:58,710
server and thereby perform malicious activities such as business hijacking and your direction, the

17
00:01:58,710 --> 00:02:02,660
NSA name server, it is the name servers associated with the domain.

18
00:02:03,390 --> 00:02:05,870
You can see the names, addresses in history.

19
00:02:06,120 --> 00:02:13,770
And as for anyone and us to select all the entities and delete them.

20
00:02:16,890 --> 00:02:19,980
Now, you also need to delete the domain entity.

21
00:02:23,610 --> 00:02:30,120
Right, click the main website entity and go to all transforms the IP address DNS.

22
00:02:34,490 --> 00:02:40,670
This displays the IP address of the website by obtaining the IP address of the website, and attacker

23
00:02:40,670 --> 00:02:46,520
can simulate various scanning techniques to find open ports and vulnerabilities and thereby attempting

24
00:02:46,520 --> 00:02:54,800
to in the network and exploit them right to the IP address entity and select to location, city and

25
00:02:54,800 --> 00:02:55,250
country.

26
00:02:57,020 --> 00:03:01,890
This transform identifies the geographical location where the IP address is located.

27
00:03:03,680 --> 00:03:07,730
You can see the IP address is located in United States.

28
00:03:10,990 --> 00:03:16,690
Were obtaining the information related to geographical location, attackers can perform social engineering

29
00:03:16,690 --> 00:03:23,040
attacks by making voice calls or is wishing to an individual in attempt to leverage sensitive information.

30
00:03:28,290 --> 00:03:35,130
Now, again, we need to find a domain name that's right and go to all transforms and domain DNS.

31
00:03:38,200 --> 00:03:47,800
We have obtained the domain entity, now Solectron transforms and entities from whois IBM Watson.

32
00:03:55,380 --> 00:04:00,060
This transform returns the entities pertaining to the owner of the room in.

33
00:04:01,550 --> 00:04:08,930
Voula, we have gathered a lot of information like the name of corporation, random amyloids, the exact

34
00:04:08,930 --> 00:04:15,320
location where the IP addresses Olstad, the name of the organization HOLDA, and various random phone

35
00:04:15,320 --> 00:04:15,950
numbers.

36
00:04:17,470 --> 00:04:20,080
This is a whole lot of information you can get.

37
00:04:22,020 --> 00:04:29,070
Select all the entities and direct them, but obtaining this information and attacker can exclude the

38
00:04:29,070 --> 00:04:35,190
servers disputing the result or simulate a brute force attack or any other technique to hack into the

39
00:04:35,190 --> 00:04:40,240
admin e-mail account and send phishing mills to the contacts in that account.

40
00:04:40,950 --> 00:04:41,940
Click a new of.

41
00:04:43,400 --> 00:04:45,520
And drag the person and dirty.

42
00:04:51,300 --> 00:04:59,460
The personal entity is in the personal tab, the name of the entity is that a John Doe by default to

43
00:04:59,460 --> 00:05:06,030
assign a target person name DoubleClick, John Doe and type the name of the targeted person will give

44
00:05:06,030 --> 00:05:07,890
the name as Bill Gates.

45
00:05:14,750 --> 00:05:19,850
Now click the entity and select all transforms to e-mail address.

46
00:05:22,150 --> 00:05:23,350
Very common.

47
00:05:39,230 --> 00:05:45,710
Bullah, they've got a lot of women risk, but remember, this is not the e-mail address of the founder

48
00:05:45,710 --> 00:05:46,350
of Microsoft.

49
00:05:46,350 --> 00:05:47,170
That is the Bill Gates.

50
00:05:47,720 --> 00:05:55,010
These are the email addresses of all the people who are registered as Bill Gates, multicore displays,

51
00:05:55,010 --> 00:06:01,970
all the valid e-mail address on your screen, as is the email address, and determine which phone belongs

52
00:06:02,150 --> 00:06:03,270
to the target person.

53
00:06:04,010 --> 00:06:07,220
Now select all the e-mail address and delete them.

54
00:06:10,540 --> 00:06:17,920
This is all for the spectacle in the next spectacle, we will see the HST track website mithering.