Information Gathering

This time I will talk about information gathering, information gathering is divided into 2 of the technical and non technical factors
technical factors are also to be 2, Direct (active) and indirrect (passive)
Is our understanding of the active search for information directly to the target with tools
and passive is the use of a bridge or a third person in committing or search for target information such as search engines. For non-technical factors themselves can use social enginering (cheat)
The following is how mendapatkann information by using a direct technique or jump directly to the target
I tried using tools zenmap
open tools zenmap

terget fill, here I use a block ip 192.168.0.0/24 then click on scan

All the connected ip LAN networks will appear, this time I will find out the IP 192.168.0.59
we have immediately informed the target

MAC Address: 00:26:2 D: 91:45:56 (Wistron)
Device type: general purpose
Running: Linux 2.6.x
OS CPE: cpe: / o: linux: kernel: 2.6
OS details: Linux 2.6.38 - 2.6.39
IP ID Sequence Generation: All zeros

We also can see what ports are open by selecting the tab Ports / Host

here is an open port 

PORT    STATE SERVICE      VERSION

80/tcp   open   http              Apache httpd 2.2.14 ((Ubuntu))

139/tcp open   netbios-ssn  Samba smbd 3.X (workgroup: WORKGROUP)

445/tcp open   netbios-ssn  Samba smbd 3.X (workgroup: WORKGROUP)

902/tcp open   ssl/                vmware-auth VMware Authentication Daemon 1.10(Uses VNC, SOAP)

Test in web browser 192.168.0.59:80