{"id":3390,"date":"2016-09-21T22:13:01","date_gmt":"2016-09-22T02:13:01","guid":{"rendered":"http:\/\/community.mis.temple.edu\/itacs5211fall16\/?p=3390"},"modified":"2016-09-21T22:21:04","modified_gmt":"2016-09-22T02:21:04","slug":"mauchel-barthelemy-mis-5211-001-fall-2016-analysis-report-i","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/2016\/09\/21\/mauchel-barthelemy-mis-5211-001-fall-2016-analysis-report-i\/","title":{"rendered":"MIS 5211.001 – Fall 2016 | Analysis Report I"},"content":{"rendered":"

Reconnaissance Report of ForManMills<\/u><\/strong><\/p>\n

 <\/p>\n

Scope:<\/u><\/strong><\/p>\n

Reconnaissance is the first crucial step to launch a successful hacking attack. It enables an attacker to become familiar with basic, or not so basic information about a company. For example, information such as: Corporate culture, terminology, employee information, trading secrets, technology, and so forth. Conversely, reconnaissance can also be utilized as a wakeup call to help companies protect confidential information online. It is in the same line of idea that I develop the following reconnaissance findings about ForManMills or www.formanmills.com<\/a>, one of Philadelphia\u2019s largest local retail stores, using search bar commands.<\/p>\n

 <\/p>\n

The following report is divided into two parts:<\/p>\n

Part I<\/strong> \u2013 Reconnaissance Information and Part II<\/strong> \u2013 Mitigation Strategy Recommendations.<\/p>\n

 <\/p>\n

Part I <\/strong>\u2013 Reconnaissance Information<\/p>\n

First, a simple WHOIS search via http:\/\/www.networksolutions.com\/<\/a> reveals an array of network information about FMM. Information such as: Registry Domain ID 720897_DOMAIN_COM-VRSN, corporate headquarters: 12808 Gran Bay Parkway West, Jacksonville, FL 32258, Admin Email: p32ep7r49gy@networksolutionsprivateregistration.com<\/a>, domain creation date 1997-12-31T05:00:00Z,name of servers: NS1.NXLKHOST.COM and NS2.NXLKHOST.COM.<\/p>\n

Next, DNSstuff.com confirms servers and IP information such as: Created date :<\/strong>1997-12-31T05:00:00Z,\u00a0updated date :<\/strong>2015-01-28T23:42:27Z and WHOIS server:<\/strong>whois.verisign-grs.com.<\/p>\n

Moreover, http:\/\/www.ip-tracker.org\/<\/a> helps uncover additional material about FMM\u2019s DNS server, IP Addresses and server names. See below.<\/p>\n

IP Address: 156.154.64.25 [IP Blacklist Check] Reverse DNS: 25.64.154.156.in-addr.arpa Hostname: ns1.hostingsvcs.com Name servers: ns3.hostingsvcs.com >> 156.154.66.25 ns1.hostingsvcs.com >> 156.154.64.25 ns2.hostingsvcs.com >> 156.154.65.25 ns4.hostingsvcs.com >> 156.154.67.25<\/p>\n

Furthermore, analyzing www.formanmills.com<\/a> domain through http:\/\/www.accessify.com\/f\/formanmills.com<\/a> discloses page size, programing languages and other poor results of technology resources that FMM relies upon (More detailed information are shared via slides).<\/p>\n

Lastly, a Google hack of Site:formanmills.com -www.formanmills.com<\/strong> of the company unveils several more critical data. For example, people can understand that FMM is utilizing Monster.com and Indeed.com for recruiting purposes. This is something that can help determine when the retail store is experiencing shortage in staff in a certain area. In addition, this hacking query can help identify the type of personal information FMM collects from job applicants via http:\/\/formanmills.com\/corporatecareers\/apply-page.htm<\/a>. Other websites that FMM either owns or associates with are also publicly displayed with this Google search command.<\/p>\n

\u201cGoogle Cache<\/strong>\u201d would beat FMM\u2019 website security to successfully access Formanmills.com\u2019s text format without leaving a footprint in the hosting server logs. This is something that would make it difficult to track down an attacker after hacking into the website.<\/p>\n

 <\/p>\n

Part II<\/strong> \u2013 Mitigation Strategy Recommendations<\/p>\n

A good analysis report constitutes of not only finding potential problems, but at least offer good mitigation methods too. The following are essential steps managerial decision-makers\u00a0at FMM can take to ensure an effective first line of defense of its website. First, it would be a clever idea to think like a hacker. In other words, study and use the similar methods as attackers, but in an ethical fashion. Secondly, it would be critical that the company evaluates and tests its systems regularly. Next, FMM should rely on multiple systems such as Intrusion Detection Systems (IDS), Firewalls, apply vulnerability scanner programs (Nessus would be a good choice), etc. in order to maintain safer online presence. Last of all, make it a FMM culture to consider IT Security as a vital part of its network because refrain from doing so would lead to catastrophic problems. The clear advantage of applying these is to ensure a better first line of defense and safer online presence against hackers. On the other hand, implementing these are associated with disadvantages such as: Give up critical network or PII information to third party testers, systems could be difficult and costly to maintain, also systems crash or failure of production environment.<\/p>\n

mis-5211-analysis-report-1-pp<\/a><\/p>\n

mis-5211-analysis-report-1<\/a><\/p>\n

\nhttp:\/\/community.mis.temple.edu\/itacs5211fall16\/files\/2016\/09\/Reconnaissance-Analysis-2.mp4<\/a><\/video><\/div>\n

 <\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Reconnaissance Report of ForManMills   Scope: Reconnaissance is the first crucial step to launch a successful hacking attack. It enables an attacker to become familiar with basic, or not so basic information about a company. For example, information such as: Corporate culture, terminology, employee information, trading secrets, technology, and so forth. Conversely, reconnaissance can also […]<\/p>\n","protected":false},"author":11666,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[715345],"tags":[],"class_list":{"0":"post-3390","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-04-enterprise-architecture","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/3390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/users\/11666"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/comments?post=3390"}],"version-history":[{"count":7,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/3390\/revisions"}],"predecessor-version":[{"id":3404,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/3390\/revisions\/3404"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/media?parent=3390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/categories?post=3390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/tags?post=3390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}