A penetration tester is performing a footprinting exercise on a target company. The tester wants to identify the network range and ISP of the target. Which of the following tools or techniques is MOST appropriate for this purpose?
Trap 1: Query the Netcraft site for the domain
Netcraft gives technology stack, not ISP.
Trap 2: Use nslookup to query the authoritative name servers
nslookup only resolves DNS records.
Trap 3: Run a traceroute to the target web server
Shows path, not ISP ownership.
- A
Query the Netcraft site for the domain
Why wrong: Netcraft gives technology stack, not ISP.
- B
Perform a WHOIS lookup against the domain
WHOIS provides IP range and ISP info.
- C
Use nslookup to query the authoritative name servers
Why wrong: nslookup only resolves DNS records.
- D
Run a traceroute to the target web server
Why wrong: Shows path, not ISP ownership.