Footprinting: How Hackers Build a Profile of Your Organisation
May 14, 2026
Footprinting is the first step in any targeted intrusion — building a comprehensive profile of a target organisation including domain names, IP addresses, open ports, services, OS details, user accounts, routing tables, and SNMP information.
Footprinting Techniques
| Technique | Purpose |
|---|---|
| Ping Sweep | Identify which IP addresses in a range are alive |
| TCP Scan | Determine open services on target hosts |
| UDP Scan | Probe UDP ports; ICMP “unreachable” replies indicate no service |
| OS Identification | Send malformed packets; unique responses fingerprint the OS |
| HTTP Fingerprinting | Identify web server type from headers and error responses |
HTTP Fingerprinting Example
nc 200.44.76.254 80HEAD / HTTP/1.0HTTP/1.1 200 OKServer: Apache/1.3.3 (Unix) (Red Hat/Linux)
The Server header directly reveals the web server software and OS. Best practice: suppress or customise this banner.
Prevention Guidance
- Shut down unnecessary services and ports; perform post-installation hardening.
- Suppress or customise HTTP server banners.
- Keep all patches current — daily or weekly if possible.
- Use an IDS configured to detect footprinting patterns.
- Change all default passwords after every installation.
- Lock consoles physically — an unlocked desktop gives instant network access.
CISSP Made Easy 