As noted in the post Methods of attack, attackers go through a series of stages. The first of these is reconnaissance: a series of unobserved steps that allows the attacker to gain information without your knowledge.
Unobtrusive Public Research
Skilled attackers and others with some cause will research an organization before attacking it. Before any attack starts it is generally easy to gain a large amount of information about a site. Some of the methods used are:
1) Checking whois information about a site. Whois information can provide names and phone numbers (both technical and management), domain names and IP addressing and sometimes ISP information as well,
2) Searches of NNTP (Newsgroups) may turn up technical information (such as systems used and possible problems),
3) Web based search engines may provide a wealth of information from the organization itself or from other sources (such as newspaper articles and references from vendors),
4) Web based search engines may also be used to search for misconfigured systems and network devices which run web servers for management purposes. A commonly missed example is a search for printer management pages (many HP, Fujitsu etc. printers support telnet, thus allowing access inside a network, and let the password be set using a web page on the printer). It is a common error to miss this type of vulnerability as it is often not widely known.
5) Checking version information on public services. Opening a web page or SMTP mail session in a telnet client will often reveal the version of the server (unless the administrator has obscured it).
6) DNS searches using nslookup and dig. These tools can be used to find the IP addressing of an organisation, its public servers and sometimes even version information.
7) Viewing bad pages will often give system information. For this reason it is recommended that error pages be customised.
There are numerous other sources of information that an attacker would search. For this reason “Security through Obscurity” is not a defense. No organization is obscure.
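To see what items 5 and 7 expose, run responses captured from your own services through a small audit. The Python below is an added example, not part of the original post. The function names, the version-matching heuristic and the sample responses are constructed for illustration.

```python
import re

# Product/version tokens such as "Apache/2.4.41" or "Postfix 3.4.13".
VERSION_TOKEN = re.compile(r"\b([A-Za-z][\w.+-]*)[/ ]v?(\d+(?:\.\d+)+)\b")
# Response headers that commonly carry software names and versions.
DISCLOSING_HEADERS = ("server", "x-powered-by", "x-aspnet-version")

# Constructed sample captures (not taken from any real host).
DEFAULT_404 = (
    "HTTP/1.1 404 Not Found\r\n"
    "Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Content-Type: text/html\r\n\r\n"
    "<html><body><h1>Not Found</h1><hr><address>Apache/2.4.41 (Ubuntu) "
    "Server at www.example.com Port 80</address></body></html>"
)
CUSTOM_404 = (
    "HTTP/1.1 404 Not Found\r\nServer: webserver\r\n"
    "Content-Type: text/html\r\n\r\n"
    "<html><body><h1>Page not found</h1></body></html>"
)
DEFAULT_SMTP = "220 mail.example.com ESMTP Postfix 3.4.13 (Ubuntu)"
CUSTOM_SMTP = "220 mail.example.com ESMTP"


def audit_http_response(raw):
    """Return (location, text) findings for a raw HTTP response."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    findings = []
    for line in head.split("\n")[1:]:  # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() in DISCLOSING_HEADERS and VERSION_TOKEN.search(value):
            findings.append(("header " + name.strip(), value.strip()))
    # Default error pages often repeat the server signature in the body (item 7).
    for match in VERSION_TOKEN.finditer(re.sub(r"<[^>]+>", " ", body)):
        findings.append(("error page body", match.group(0)))
    return findings


def audit_smtp_banner(banner):
    """Return findings for an SMTP 220 greeting line (item 5)."""
    return [("smtp banner", m.group(0)) for m in VERSION_TOKEN.finditer(banner)]


if __name__ == "__main__":
    for finding in audit_http_response(DEFAULT_404) + audit_smtp_banner(DEFAULT_SMTP):
        print("%s: %s" % finding)
```

An empty result for the customised response and banner means this heuristic found no version string. It does not prove the service leaks nothing through other channels.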


