Tuesday, March 5, 2019
Threat Assessment of Ping Sweeps and Port Scans
Threat Assessment of strike Sweeps and carriage S butt joints Ping sweeps and appearance skips are two techniques that a malevolent computer substance abuser much(prenominal) as a hacker can utilize to agree an effort networks gage and gain bother to their proprietary data. For example, private netmail messages can be forwarded to a rogue destination email turn Done by installing a virus program into a users email client through a observed active computers open TCP/IP IMAP user interfacehole (port figure 143) that is non being currently used by that user (Clarke, 2008).The virus whence could take advantage of security vulnerabilities in that users email client program and forward emails from that users inbox all over to another destination email address without them crafty about it. Therefore, in light of such exploits as just depict it is vitally important to address and mitigate the security problem to an Enterprise network from ping sweeps and port scans tha t can be incurred from outside sources by the use of strong Firewall protections. To better comprehend the danger that ping sweeps and port scans can represent here is a more detailed explanation of each of these techniques.Ping sweeps First, a ping is a computer network benefit tool using the Internet Control Message Protocol (ICMP) to diffuse multiple data packets to a print legions device such as horde, workstation, or printer to establish whether that waiter device on a network is actively present (turned on, or active) and able to communicate. If the target host device in question sends back a resolve and so that device is determined to indeed be active on the network. So therefore, a ping sweep is number of pings that are penalize to determine which out of a range of IP addresses map over to live host devices (Rouse, 2005).To perform this task there are several(prenominal) available software tools to choose from, such as fping, gping, and Nmap for UNIX systems. Also , there is Rhino9s Pinger software and SolarWinds Ping Sweep for Windows systems. After using such a tool a malicious user can know which host devices on a network are actively available and then proceed to performing a technique called a port scan to try to gain access to those devices. Port Scanning Port examine is technique used to identify any open or virtuallyd(a) TransmissionControl Protocol (TCP) or User Datagram Protocol (UDP) network communication ports or services on a network host device. For example, port number 110 is assigned to Post Office Protocol three (POP3) for email client application communications on a network. There can be up to 65,000 ports any one computer or host device and any unused open ports as determined by a port scan may allow a malicious user unauthorized access to it. This is akin to an open window in a house whereas a burglar can gain access to it (Facts about port, ).Also, accessive port scanning can lead to a demur of service (DoS) attack an d not allow authorized users to access their data. Finally, there are again several utility tools available to perform port scanning such as Nmap as mentioned previously or SolarWinds Port scanner. Firewall To mitigate the security threat posed by ping sweeps and port scans it is highly recommended that firewall protection on all network hosts devices should be enabled to close any unused ports to protect them from unauthorized access.Also, is recommended that the use of a firewall server to protect the network from any outside intruders be used as well. In conclusion, ping sweeping and port scanning can exist the security of a Business Enterprises network and steps to handle security should be implemented to mitigate as much as practical any possibility that any data is kept confidential, that its integrity clay intact, and is always available.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment