During the footprinting phase against ACME Corp, a whois lookup shows the company controls autonomous system number AS64500. You need an authoritative list of every publicly routable IPv4 prefix ACME is currently announcing so you can accurately scope subsequent scans. Which action will give you the most complete and up-to-date result while minimizing false positives?
Use a search engine to find lists labeled "ACME IP ranges" and adopt whatever blocks appear in the top results.
Collect the source IP addresses from the Received headers of recent outbound emails sent by ACME employees.
Run an Nmap ping sweep across the entire 0.0.0.0/0 space and record whichever IPs answer.
Query public BGP route-view databases (e.g., Route Views or RIPE RIS) for all prefixes originated by AS64500.
Public BGP route collectors such as the University of Oregon Route Views project or RIPE RIS continuously receive global BGP updates from many Internet routers. Querying these repositories for all prefixes originated by a target's AS number returns the exact IPv4 (and IPv6) networks that are actively being advertised on the Internet at that moment. This produces a comprehensive, current list with virtually no extraneous ranges.
A full 0.0.0.0/0 ping sweep is both impractical and unlikely to reveal every address, while also producing significant noise. Relying on web-search snippets or crowd-sourced pastebin lists can miss prefixes or include outdated information. Extracting IPs from email headers only shows the addresses of outbound mail relays, not the organization's complete routable space. Therefore, consulting BGP route-view databases is the most accurate and efficient network-footprinting technique in this scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an Autonomous System Number (ASN)?
Open an interactive chat with Bash
How do public BGP route-view databases work?
Open an interactive chat with Bash
Why is querying BGP route collectors better than Nmap ping sweeps for footprinting?
Open an interactive chat with Bash
What is an Autonomous System (AS) Number?
Open an interactive chat with Bash
How do public BGP route-view databases work?
Open an interactive chat with Bash
Why is a 0.0.0.0/0 ping sweep not practical for footprinting?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Reconnaissance Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .