When performing passive reconnaissance, which Linux command can be used to identify the technical and administrative contacts of a given domain?
- netstat
- dig
- whois
- nmap
|
Explanation & Hint: The whois command identifies domain technical and administrative contacts, though it must be remembered that many organizations keep their registration details private and use domain register organization contacts. Nmap is an active reconnaissance tool. Dig can be used to perform passive reconnaissance based on DNS data. The netstat command displays active network connections on a host.
|