Technical (Bottom-Up) Methodology 113
This tool helps by eliminating the need for us to guess what the Internet
domain for our company is; it shows us any Web sites that contain the name
of our company; and finally, it allows us to look over the search results to
see if there are any potentially compromising Web site postings about our
target network. We will be looking in the search results for Web site postings
that may be an HTML version of an e-mail posting to a newsgroup. We would
be looking for postings made by internal employees, past or present, that
may have information such as the types of systems the target network is
running. Sometimes, it is possible to find Web sites with postings such as:
Hi, I’m Bob from Pelttech. We just got a new CheckPoint Firewall-1 in
our organization, and I’m having some trouble trying to configure
split-level DNS. Can anyone offer suggestions?
Thanks in advance,
Bob
Sam Spade
URL: http://www.samspade.org/ssw (Exhibit 15)
Price: Free
OS: NT
Vendor’s comments: Sam Spade does the majority of the work in the
zero-information-based section. It does a great job of taking UNIX
command-line tools and making them easier through the point-and-click interface.
There are a couple of key points to note about the Sam Spade utility. The
first item is that, by default, no nameserver is listed and no e-mail address is
listed. To do the spam relay check later on, you will need to put an e-mail
address in the e-mail address field. The nameserver field does not have to
be completed; however, if you are going to be using the tool frequently,
it is a time saver to have a nameserver already listed. Exhibit 15 reveals these
options.
The second point of note with Sam Spade is that some of the functionality
is disabled by default. To turn on all of these functions, you need to go to
the “Edit” menu and then select “Options” (Exhibit 16) and “Advanced”
(Exhibit 17).
Once you have the options set in Sam Spade, you are ready to begin using
the tool. The best way to begin is to simply plug the domain name uncovered
in the Copernic search into the target field and either click on the “Whois”
button on the left-hand side or simply hit the Enter key. The tool runs a
standard “Whois” lookup on the domain name that you specified in the target
field. Exhibit 18 illustrates these fields.
There are several pieces of useful information that you can get from the
simple “Whois” search in Sam Spade. The first and possibly most useful piece
of information is the location of the company that registered the domain.
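
The same Whois output can be read from the registrant's side to see what the record discloses. The following is an added example, not code from the book or from Sam Spade: it parses a constructed Whois response and reports the registrant location, nameservers and any personal mailboxes listed. The `Key: value` field names, the sample record and the role-mailbox list are assumptions; real registries vary in layout.

```python
import re

# Constructed sample in a common "Key: value" registrar layout (not real data).
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE.COM
Registrant Organization: Example Widgets Inc.
Registrant Street: 100 Main Street
Registrant City: Springfield
Registrant State/Province: IL
Registrant Country: US
Admin Name: Bob Smith
Admin Email: bob.smith@example.com
Tech Name: DNS Hostmaster
Tech Email: hostmaster@example.com
Name Server: NS1.EXAMPLE.COM
Name Server: NS2.EXAMPLE.COM
>>> Last update of WHOIS database: 2001-01-01T00:00:00Z <<<
"""

# Assumed list of role (non-personal) mailbox names; extend to local policy.
ROLE_LOCALPARTS = {"hostmaster", "admin", "abuse", "noc", "dnsadmin", "postmaster"}

def parse_whois(text):
    """Return {field: [values]}; keys repeat (e.g. Name Server) so keep lists."""
    record = {}
    for line in text.splitlines():
        # Key must start with a letter, which skips ">>>" footer lines.
        m = re.match(r"^\s*([A-Za-z][\w /]*?):\s*(\S.*)$", line)
        if m:
            record.setdefault(m.group(1).strip().lower(), []).append(m.group(2).strip())
    return record

def exposure_report(record):
    """Summarise location, nameservers and personal (non-role) mailboxes."""
    loc_keys = ("registrant street", "registrant city",
                "registrant state/province", "registrant country")
    location = ", ".join(v for k in loc_keys for v in record.get(k, []))
    emails = [v for k, vals in record.items() if k.endswith("email") for v in vals]
    personal = sorted(e for e in emails
                      if e.split("@")[0].lower() not in ROLE_LOCALPARTS)
    return {
        "organization": record.get("registrant organization", [""])[0],
        "location": location,
        "nameservers": [ns.lower() for ns in record.get("name server", [])],
        "personal_mailboxes": personal,
    }

if __name__ == "__main__":
    for key, value in exposure_report(parse_whois(SAMPLE_WHOIS)).items():
        print(f"{key}: {value}")
```

Replacing a named individual's mailbox with a role account such as hostmaster removes that entry from the `personal_mailboxes` list.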