Free Essay

Ping Sweeps and Ports Scans Description

In: Computers and Technology

Submitted By lgsany2k
Words 648
Pages 3
THESIS STATEMENT
Infamous computer activities, such as port scans and ping sweeps, which can lead to intrusion of systems of a company or network, which enables the intruders to gain access to the systems and do changes in the settings or extract important information. These activities can be detected and stopped or prevented using special skills tool set.

INTRODUCTION
One of the most common disreputable computer activities are ping sweeps and port scans. They lead to breach of systems by intruders which can harm the whole system or network protocols. There are millions of entities around the world that utilize the internet and the problem is that, many are unaware of the threats and vulnerabilities that are lurking around. These probes can be detected and prevented for to be in a safe position rather than compromise.

Ping Sweep and Port Scans Events
Two methods that are used to attack a network is ping sweep and port scans. These activities can be used with malicious intent against, as well as, in effort to try to protect a network. Ping sweeps and port scans has been a notorious and yet a useful tool for hackers and system administrators. Ping sweeps and port scans at times can be a bother to both system administrators and network managers. Ping sweeps and port scans work together and can be dangerous but it also can be prevented. A ping sweep, also known as an internet control message protocol sweep (ICMP) is a basic network scanning technique used to determine the range of Internet Protocol (IP) addresses that are being used.

Port Scans
It is one of the most common infamous computer activities. Usually the intruders hit the target machine and discovers the services being run on it. They plan to attach on any vulnerable service. If succeeded they can get an access over the machine through exploit. Java and Perl are the two languages in which exploit programs can be easily made. Generally the ports scanning rely on the theory that the target host is compatible with transmission control protocol. There are six types of port scans, the following are;
• TCP Scanning
• SYN Scanning
• UDP Scanning
• ACK Scanning
• Window Scanning
• FIN Scanning

Ping Sweeps
These activities are not unusual, they are commonly used by administrators in troubleshooting network issues; however, hackers also use ping sweeps to find active computers so they will know where to concentrate their attacks. At the moment, most computer networks are secured, but for an unsecured/unprepared network this can become a serious security breach. Hackers send not one ping but many packets at the same time in a giving day; this tends to slow down a network. When the hackers ping sweep finds an active computer it can send request for confidential information. Also ping sweeps are often used in conjunction with port scans in a similar discovery process. Ping sweeps instead are used to see what targets are available on the network. For instance, we may be on a 192.168.1.0 VLAN with only a dozen or so machines. Typically the router or DHCP server will assign individual IP addresses in order by request, but sometimes they get out of order and skip numbers.

CONCLUSION
With the advancement of the computer technology, system administrator obviously has had to grow with the fast pace of technology. With that come hackers whose intent is to maliciously disturb or steal information from a network. Ping sweeps and port scans are computer software or activities that hackers and system administrators use to gain access to personal and company networks. This paper will explain what ping sweeps and port scans are. It will inform you on how hackers and system administrators used ping sweeps and port scans. While describing some of these notorious computer activities, these techniques will also be shown how system administrators can use to benefit the company.

Similar Documents

Premium Essay

Sec280

...SEC280 | Week 1 | Case study on Port scans & sweeps | | Jared's | 11/3/2012 | Brief description of what they are and are they dangerous to company! | To answer the main questions for the concerns of our network, NO. These items that have been heard about do not require immediate attention as they are considered normal. We are protected behind our firewall as well as if the employees do as asked at the end of their shift, we will have absolutely nothing to worry about. As more in likely that situation was handled when we brought the network online. Here is a brief rundown on your concerned areas: Ping Sweeps and Port Scans are the two most common network probes that serve as important clues in sensing invasions or intrusions that can harm any type of network. Network probes are not actual intrusions, although, they could be potential causes of actual intrusions. Port scans and ping sweeps can lead to an intrusion of companies’ network system, however, with today’s technological advancements, these activities can be detected and prevented. Ping Sweeps; Ping sweeps are a set of ICMP Echo packets that are sent out to network of computers, actually a range of IP addresses, to see if there are any responses. As an intruder sends out the ping sweeps, he looks for responses so he can figure out which machines he can attack. “Note that there are legitimate reasons for performing ping sweeps on a network—a network administrator may be trying to find out which...

Words: 1129 - Pages: 5

Free Essay

Ceh Test Questions

...Exam : 312-50 Title : Ethical Hacker Certified Ver : 02-23-2009 312-50 QUESTION 1: What is the essential difference between an 'Ethical Hacker' and a 'Cracker'? A. The ethical hacker does not use the same techniques or skills as a cracker. B. The ethical hacker does it strictly for financial motives unlike a cracker. C. The ethical hacker has authorization from the owner of the target. D. The ethical hacker is just a cracker who is getting paid. Answer: C Explanation: The ethical hacker uses the same techniques and skills as a cracker and the motive is to find the security breaches before a cracker does. There is nothing that says that a cracker does not get paid for the work he does, a ethical hacker has the owners authorization and will get paid even if he does not succeed to penetrate the target. QUESTION 2: What does the term "Ethical Hacking" mean? A. Someone who is hacking for ethical reasons. B. Someone who is using his/her skills for ethical reasons. C. Someone who is using his/her skills for defensive purposes. D. Someone who is using his/her skills for offensive purposes. Answer: C Explanation: Ethical hacking is only about defending your self or your employer against malicious persons by using the same techniques and skills. QUESTION 3: Who is an Ethical Hacker? A. A person whohacksfor ethical reasons B. A person whohacksfor an ethical cause C. A person whohacksfor defensive purposes D. A person whohacksfor offensive purposes Answer:...

Words: 34575 - Pages: 139

Premium Essay

Vulnerability in Information

...Threats, and Attacks Upon completion of this chapter, you should be able to answer the following questions: ■ ■ What are the basics concepts of network security? What are some common network security vulnerabilities and threats? ■ ■ What are security attacks? What is the process of vulnerability analysis? Key Terms This chapter uses the following key terms. You can find the definitions in the glossary at the end of the book. Unstructured threats Structured threats External threats Internal threats Hacker Cracker Phreaker Spammer Phisher page 21 page 21 page 21 page 21 page 21 page 20 page 20 page 20 page 21 White hat Black hat page 21 page 21 page 28 page 28 Dictionary cracking Brute-force computation Trust exploitation Port redirection page 28 page 29 page 30 Man-in-the-middle attack Social engineering Phishing page 30 page 30 2 Network Security 1 and 2 Companion Guide The Internet continues to grow exponentially. Personal, government, and business applications continue to multiply on the Internet, with immediate benefits to end users. However, these network-based applications and services can pose security risks to individuals and to the information resources of companies and governments. Information is an asset that must be protected. Without adequate network security, many individuals, businesses, and governments risk losing that asset. Network security is the process by which digital information assets are protected. The goals of network...

Words: 13317 - Pages: 54

Free Essay

Ethical Hacking

...This page was intentionally left blank This page was intentionally left blank Hands-On Ethical Hacking and Network Defense Second Edition Michael T. Simpson, Kent Backman, and James E. Corley ———————————————————————— Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s). Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it. This is an electronic version of the print textbook. Due to electronic rights restrictions, some third party content may be suppressed. Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. The publisher reserves the right to remove content from this title at any time if subsequent rights restrictions require it. For valuable information on pricing, previous editions, changes to current editions, and alternate formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for materials in your areas of interest. Copyright 2010 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated...

Words: 185373 - Pages: 742

Free Essay

A Hands on Intro to Hacking

...Penetration testing Penetration testing A Hands-On Introduction to Hacking by Georgia Weidman San Francisco Penetration testing. Copyright © 2014 by Georgia Weidman. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher. Printed in USA First printing 18 17 16 15 14   123456789 ISBN-10: 1-59327-564-1 ISBN-13: 978-1-59327-564-8 Publisher: William Pollock Production Editor: Alison Law Cover Illustration: Mertsaloff/Shutterstock Interior Design: Octopod Studios Developmental Editor: William Pollock Technical Reviewer: Jason Oliver Copyeditor: Pamela Hunt Compositor: Susan Glinert Stevens Proofreader: James Fraleigh Indexer: Nancy Guenther For information on distribution, translations, or bulk sales, please contact No Starch Press, Inc. directly: No Starch Press, Inc. 245 8th Street, San Francisco, CA 94103 phone: 415.863.9900; fax: 415.863.9950; info@nostarch.com; www.nostarch.com Library of Congress Cataloging-in-Publication Data Weidman, Georgia. Penetration testing : a hands-on introduction to hacking / Georgia Weidman. pages cm Includes index. ISBN 978-1-59327-564-8 (paperback) -- ISBN 1-59327-564-1 (paperback) 1. Penetration testing (Computer security) 2. Kali Linux. 3. Computer hackers. QA76.9.A25W4258 2014 005.8'092--dc23 2014001066...

Words: 117203 - Pages: 469

Free Essay

Ccnp Route Ccnp Nstructor Lab Menual V6.0

...Systems, Inc. Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors in the CCNP TSHOOT course as part of an official Cisco Networking Academy Program. CCNPv6 ROUTE Chapter 1 Lab 1-1, Tcl Script Reference and Demonstration Instructor Version Topology Objectives • • Use Tcl scripts to verify full connectivity. Identify causes of failures. Background The Cisco IOS Scripting feature provides the ability to run Tool Command Language (Tcl) commands from the Cisco IOS command-line interface (CLI). Tcl scripts can be created to accomplish routine and repetitive functions with Cisco IOS-based networking devices. In this lab, you create and execute a Tcl script that sends pings to multiple IP addresses in the network to test overall network connectivity. Note: Cisco IOS Release 12.3(2)T and later supports Tcl scripting. Required Resources • • 2 routers (Cisco 1841 with Cisco IOS Release 12.4(24)T1 Advanced IP Service or comparable) Serial and console cables Note: This lab uses Cisco 1841 routers with Cisco IOS Release 12.4(24)T1 and the advanced IP image c1841-advipservicesk9-mz.124-24.T1.bin. Other routers (such as a 2801 or 2811) and Cisco IOS Software versions can be used if they have comparable capabilities and features. Depending on the router model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab. All contents are Copyright © 1992–2010...

Words: 171031 - Pages: 685

Premium Essay

Vulnerability Mangement

...QUALYSGUARD® ROLLOUT GUIDE July 12, 2012 Copyright 2011-2012 by Qualys, Inc. All Rights Reserved. Qualys, the Qualys logo and QualysGuard are registered trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.  Qualys, Inc. 1600 Bridge Parkway Redwood Shores, CA 94065 1 (650) 801 6100 Preface Chapter 1 Introduction Operationalizing Security and Policy Compliance..................................................... 10 QualysGuard Best Practices ........................................................................................... 11 Chapter 2 Rollout First Steps First Login......................................................................................................................... Complete the User Registration.......................................................................... Your Home Page................................................................................................... View Host Assets .................................................................................................. Add Hosts .............................................................................................................. Remove IPs from the Subscription..................................................................... Add Virtual Hosts ................................................................................................ Check Network Access to Scanners .....................................

Words: 38236 - Pages: 153

Premium Essay

Security Analyst

...History 2. What Is an Ethical Hacker? 3. Summary 4. Exam Essentials 5. Review Questions 4. Chapter 2: System Fundamentals 1. Exploring Network Topologies 2. Working with the Open Systems Interconnection Model 3. Dissecting the TCP/IP Suite 4. IP Subnetting 5. Hexadecimal vs. Binary 6. Exploring TCP/IP Ports 7. Understanding Network Devices 8. Working with MAC Addresses 9. Intrusion Prevention and Intrusion Detection Systems 10. Network Security 11. Knowing Operating Systems 12. Backups and Archiving 13. Summary 14. Exam Essentials 15. Review Questions 5. Chapter 3: Cryptography 2 1. Cryptography: Early Applications and Examples 2. Cryptography in Action 3. Understanding Hashing 4. Issues with Cryptography 5. Applications of Cryptography 6. Summary 7. Exam Essentials 8. Review Questions 6. Chapter 4: Footprinting and Reconnaissance 1. Understanding the Steps of Ethical Hacking 2. What Is Footprinting? 3. Terminology in Footprinting 4. Threats Introduced by Footprinting 5. The Footprinting Process 6. Summary 7. Exam Essentials 8. Review Questions 7. Chapter 5: Scanning Networks 1. What Is Network Scanning? 2. Checking for Live Systems 3. Checking for Open Ports 4. Types of Scans 5. OS Fingerprinting 6. Banner Grabbing 7. Countermeasures 8. Vulnerability Scanning 9. Drawing Network Diagrams 10. Using Proxies 11. Summary 12. Exam Essentials 13. Review Questions 8. Chapter 6: Enumeration of Services 3 1. A Quick Review 2. What Is Enumeration? 3. Windows Basics 4. Enumeration...

Words: 71242 - Pages: 285

Free Essay

Is4550 Unit 3 Assignment 1

...The  Critical  Security  Controls   for   Effective  Cyber  Defense   Version  5.0                     1       Introduction   .....................................................................................................................................................................  3   CSC  1:    Inventory  of  Authorized  and  Unauthorized  Devices  ............................................................................  8   CSC  2:    Inventory  of  Authorized  and  Unauthorized  Software  .......................................................................  14   CSC  3:    Secure  Configurations  for  Hardware  and  Software  on  Mobile  Devices,  Laptops,   Workstations,  and  Servers  .......................................................................................................................................  19   CSC  4:    Continuous  Vulnerability  Assessment  and  Remediation  .................................................................  27   CSC  5:    Malware  Defenses  ..........................................................................................................................................  33   CSC  6:    Application  Software...

Words: 31673 - Pages: 127

Premium Essay

Computer Engineer

...* CCNA Routing & Switching 200-120 * Chapter 1 – Understanding Networks and their Building Blocks * 1-1 Introduction to Networks * 1-2 Networking Types * 1-3 OSI Reference Model * 1-4 TCP/IP Model * 1-5 Ethernet Technologies and Cabling * 1-6 Cisco 3 Layer Model * 1-7 Summary * Chapter 2 – IP Addressing and Subnets * 2-1 IP Addresses – Composition, Types and Classes * 2-2 Private and Public IP addresses * 2-3 Subnetting * 2-4 Variable Length Subnet Masks (VLSM) * 2-5 Route Summarization * 2-6 Troubleshooting IP Addressing * Chapter 3 Introduction to Cisco Routers, Switches and IOS * 3-1 Introduction to Cisco Routers, Switches, IOS & the Boot Process * 3-2 Using the Command-Line Interface (CLI) * 3-3 Basic Configuration of Router and Switches * 3-4 Configuring Router Interfaces * 3-5 Gathering Information and Verifying Configuration * 3-6 Configuring DNS & DHCP * 3-7 Saving, Erasing, Restoring and Backing up Configuration & IOS File * 3-8 Password Recovery on a Cisco Router * 3-9 Cisco Discovery Protocol (CDP) * 3-10 Using Telnet on IOS * 3-11 CCNA Lab #1 * Chapter 4 Introduction to IP Routing * 4-1 Understanding IP Routing * 4-2 Static, Default and Dynamic Routing * 4-3 Administrative Distance and Routing...

Words: 95744 - Pages: 383

Premium Essay

Test Paper

...CompTIA Security+: Get Certified Get Ahead SY0-401 Study Guide Darril Gibson Dedication To my wife, who even after 22 years of marriage continues to remind me how wonderful life can be if you’re in a loving relationship. Thanks for sharing your life with me. Acknowledgments Books of this size and depth can’t be done by a single person, and I’m grateful for the many people who helped me put this book together. First, thanks to my wife. She has provided me immeasurable support throughout this project. The technical editor, Steve Johnson, provided some good feedback throughout the project. If you have the paperback copy of the book in your hand, you’re enjoying some excellent composite editing work done by Susan Veach. I’m extremely grateful for all the effort Karen Annett put into this project. She’s an awesome copy editor and proofer and the book is tremendously better due to all the work she’s put into it. While I certainly appreciate all the feedback everyone gave me, I want to stress that any technical errors that may have snuck into this book are entirely my fault and no reflection on anyone who helped. I always strive to identify and remove every error, but they still seem to sneak in. About the Author Darril Gibson is the CEO of YCDA, LLC (short for You Can Do Anything). He has contributed to more than 35 books as the sole author, a coauthor, or a technical editor. Darril regularly writes, consults, and teaches on a wide variety of technical...

Words: 125224 - Pages: 501

Premium Essay

Computer Tricks

...academic text books and courses of study in information security, computer forensics, disaster recovery, and end-user security. By repurposing the essential content of EC-Council’s world class professional certification programs to fit academic programs, the EC-Council | Press was formed. With 8 Full Series, comprised of 27 different books, the EC-Council | Press is set to revolutionize global information security programs and ultimately create a new breed of practitioners capable of combating this growing epidemic of cybercrime and the rising threat of cyber war. This Certification: C|EH – Certified Ethical Hacker Certified Ethical Hacker is a certification designed to immerse the learner in an interactive environment where they will learn how to scan, test, hack and secure information systems. Ideal candidates for the C|EH program are security professionals, site administrators, security officers, auditors or anyone who is concerned with the integrity of a network infrastructure. The goal of the Ethical Hacker is to help the organization take...

Words: 61838 - Pages: 248

Premium Essay

Test

...Checking 13 2.5 Application Security 13 2.5.1 World Wide Web (WWW) Applications 13 2.5.2 E-mail Systems 15 2.5.3 Mobile Code 15 2.5.4 Database Applications 17 2.5.5 Domain Name Service (DNS) 17 2.6 Personal Digital Assistants (PDAs) 18 3. VULNERABILITY ASSESSMENTS 21 4. INFORMATION ASSURANCE VULNERABILITY ALERT (IAVA) PROCESS 23 5. SOFTWARE DEVELOPMENT GUIDANCE 25 5.1 Purpose 25 5.2 Recommendations 25 5.3 Protocols 25 5.4 Operating Systems (OSs) 25 5.5 Encryption 26 5.6 General Considerations 26 5.7 Software Development References 26 5.7.1 Microsoft Windows NT OS 27 5.7.2 UNIX OS 27 6. DISA ENCLAVE SECURITY IMPLEMENTATION DESCRIPTION AND EXTENSION REQUIREMENTS 29 6.1 Guidance 29...

Words: 19685 - Pages: 79

Premium Essay

Hello

...Securing Cisco Routers (SECR) Glossary A AAA ABEND Access Access attacks Authentication, Authorization, Accounting. Allows all facets of user security to be defined on a central server. Abnormal END. Abnormal termination of software. 1.) In dealing with network security it is an all-encompassing term that refers to unauthorized data manipulation, system access, or privileged escalation. An all-encompassing term that refers to unauthorized data manipulation, system access, or privileged escalation. Unauthorized data retrieval is simply reading, writing, copying, or moving files that are not intended to be accessible to the intruder. Limiting the flow of information from the resources of a system to only the authorized persons or systems in the network. See ACE. access control Access Control Entry access control list See ACL. access device access layer Access Method Hardware component used in your signaling controller system: access server or mux. The point at which local end users are allowed into the network. 1.) Generally, the way in which network devices access the network medium. 2.) Software within an SNA processor that controls the flow of information through a network. Defines access rights and privileges for the network users. The access policy should provide guidelines for connecting external networks, connecting devices to a network, and adding new software to systems. The remote computer system which connects a personal computer to the Internet. Access Virtual...

Words: 23221 - Pages: 93

Free Essay

Arduino

...Arduino Cookbook Arduino Cookbook Michael Margolis Beijing • Cambridge • Farnham • Köln • Sebastopol • Tokyo Arduino Cookbook by Michael Margolis Copyright © 2011 Michael Margolis and Nicholas Weldin. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com. Editors: Simon St. Laurent and Brian Jepson Production Editor: Teresa Elsey Copyeditor: Audrey Doyle Proofreader: Teresa Elsey Indexer: Lucie Haskins Cover Designer: Karen Montgomery Interior Designer: David Futato Illustrator: Robert Romano Printing History: March 2011: First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Arduino Cookbook, the image of a toy rabbit, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc., was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution...

Words: 90321 - Pages: 362