Information Gathering and Defenses
Throughout this chapter we have discussed methods for gathering information about an organization through both passive and active methods. While you are gathering information, you need to remain aware of the defensive mechanisms that your target may have in place.
Defenses Against Active Reconnaissance
Defenses against active reconnaissance primarily rely on network defenses, but reconnaissance cannot be completely stopped if any services are provided to the outside world. Active reconnaissance prevention typically relies on a few common defenses:
- Limiting external exposure of services to those that absolutely must be exposed
- Using an IPS or similar defensive technology that can limit or stop probes to prevent scanning
- Using monitoring and alerting systems to alarm on events that continue despite these preventative measures
Most organizations will prioritize detecting active reconnaissance on their internal networks, and organizations with a...