CHAPTER 6

Port Scanning

Footprinting is a process that passively gathers information about a target from many diverse sources. The goal of footprinting is to learn about a target environment prior to launching an attack. If footprinting is performed patiently and thoroughly, a very detailed picture of a victim can be achieved, but that still leaves this question: What’s next? If all this information is gathered and organized, how can an attacker use it to launch an attack? This next step, port scanning, is an active process that gathers information in more detail than footprinting can.

After the target has been analyzed and all relevant information organized, port scanning can take place. The goal of performing port scanning is to identify open and closed ports as well as the services running on a given system. Port scanning forms a critical step in the attack process because the hacker needs to identify what services are present and running on a target system prior to initiating an effective attack. Port scanning also helps to determine the course of action in future steps because once the nature of running services is identified, an attacker can select the best tools for the attack. For example, a hacker may have a specific tool to target vulnerabilities found in the Microsoft Internet Information Services (IIS) web server. However, if the victim is running the Apache web server, the exploit tool will be incompatible. Once a port scan has been thoroughly performed, the hacker can then move on to mapping the network and looking for vulnerabilities that can be exploited.
