This website uses cookies to ensure you have the best experience. Learn more

Ping Sweeps And Port Scans Essay

1200 words - 5 pages

Ping Sweeps & Port Scans:
Potential Dangers and Defense Strategies


Insert Your Name

Name of University
SEC 280 Week 1
Insert Tutor’s Name
1st, October, 2012
1) Introduction (pg.3)
2) Ping Sweeps & Port Scans (pg.3)
a) Ping Sweeps (pg.3)
b) Port Scans (pg.4)
3) Recommendations & Conclusion (pg.5)
4) References (pg.7)

Ping Sweeps & Port Scans
While running businesses, owners must be aware of crucial security threats that their ...view middle of the document...

An individual, thereafter, can use various utilities on the internet to exploit identified “open doors” within a system and gain access to sensitive information as explained in the following paragraphs.
a) Ping Sweeps
A ping sweep is a kind of network probe where an individual sends a set of “ICMP ECHO” packets to a range of machines so as to establish which machines are alive and which ones are not. Hence, it is an attempt to establish which machines in a network are actually on and responding before a hacker can launch his attack on running machines. Although intruders can use ping sweeps to conduct illegal activities, there are legitimate reasons for conducting them. For instance, a network administrator may conduct a ping sweep so as to establish active machines on the network for diagnostic purposes. Teo (2000) assert that most utilities that can perform a ping sweep - including fping - can also perform a DNS search on all IP addresses and generate endpoints names. This crucial information will then allow an attacker to launch an attack on the machine of much preference.
Detection and Defense against Ping Sweeps
The first step in reducing network attacks on a particular system is to detect then attempt to establish proper ways of eliminating the vulnerabilities. Ping sweeps can be detected through various methods such as looking for ARP packets using EtherPeek NX and EtherPeek tools (Wild Packets, 2002). This involves the creation of a filter searching for ARP packets that are usually easy to spot, which are then looked into in order to establish the senders IP address. Ippl is an IP protocol logger that runs in the background and listens for packets; hence, it is high profile ping sweep detection tool (Teo, 2002).
b) Port Scans
A port scan is another common network probe that is generally used by intruders to establish services that are actually running on the target machine (SANS Institute, 2002). Port scans allow intruders to establish vulnerable services in machines where attacks can be successfully launched. As such, a port scan refers to a process where a hacker attempts to establish a connection with target machine on various TCP or UDP ports in order to spot potential vulnerabilities of the system (Wild Packets, 2002). Port scans are generally easy to perform since it involves connecting to a series of ports on the target machine and identifying the ones that respond. Programmers can actually write a simple port scanner in a few minutes, but these are usually very easily detected by the operating system on the target machine as describe in the following paragraph.
Detection and Defense against Port Scans
Port scans are legally accepted unless an attacker uses information from a port scan to...

Other assignments on Ping Sweeps And Port Scans

Lab 1 Assesment Question Essay

428 words - 2 pages , and the IP default gateway router? 1. The IP host is 2. The IP host address is 3. The IP host address is 3. Did the targeted IP hosts respond to the ICMP echo-request packet with an ICMP echo-reply packet when you initiated the “ping” command at your DOS prompt? If yes, how many ICMP echo-request packets were sent back to the IP source? Yes. Four packets. 4. If you ping the TargetWindows01 server and the

The Internet Protocol Suite And The Osi Reference Model

906 words - 4 pages isolate network hardware problems and incompatible configurations. Isolate Host Routing Problems Step 1 Check the host’s ability to send packets inside its own subnet. Either ping the host’s default gateway IP address from the host, or ping the host’s IP address from the default gateway. If the ping fails, do the following: * a. Ensure that the router’s interface used at the default gateway is in an “up and up” state. * b. Check the

Unit 5 Assignment 2 Define An Acceptable Use Policy (Aup)

339 words - 2 pages quadrating for unknown file types - Disablement for ping, probing, and port scanning on all exterior IP devices - Denying of outbound traffic using source IP addresses - Apply file transfer monitoring, scanning and alarming for unknown file types Web Surfing is the usage of the internet browsing a series of web browsers For Security (Administrators and Managers) - Apply domain-name content filtering at the internet entry/access point - Employees

It Infrastructure

310 words - 2 pages scans) does the Intense Scan using ZenMap GUI perform?Port Scanning, OS detection, Version detection, Network Distance, TCP sequence prediction, Trace route5. From the ZenMap GUI pdf report page 6, what ports and services are enabled on the Cisco Security Appliance device? 443/tcp open ssl/http, No exact OS matches for host, Aggressive OS guesses: Cisco Catalyst 1900 Switch, Software v9.00.03 (89%).6. What is the source IP address of the Cisco Security Appliance device (refer to page 6 of the pdf report)? Nmap scan report for How many IP hosts were identifie

Information Systems Security

3283 words - 14 pages the router, firewall and network appliance operating system. The most effective methods that we have found to mitigate these threats are disabling ping, port scanning and probing altogether; applying strict security monitoring controls for intrusion detection and prevention; disallowing IP port numbers that are used for probing and scanning; monitoring for inbound traffic anomalies; and defining a strict zero-day vulnerability window (Kim &amp

Security Plan Outline For Richman Investments

501 words - 3 pages network. LAN to WAN Domain • Disable ping, probing, and port scanning of exterior devices. • Strict monitoring for intrusion detection on inbound IP traffic. • Apply file monitoring and scanning of traffic from unknown sources. Monitoring traffic will help for see intrusions into the network. Any traffic that is out of the ordinary will raise a red flag to system administrators. WAN Domain • Email attachment quarantine of unknown file

Is3220 Week 7

1569 words - 7 pages on the internal network behind the VPN server. 2. Users can't access anything on the corporate network Sometimes users will be able to connect to the remote access VPN server but are unable to connect to any resources on the corporate network. They are unable to resolve host names and unable to even ping resources on the corporate network. The most common reason for this problem is that users are connected to a network on the same

Network Security And Ethical Hacking

5261 words - 22 pages in question, a combination of results from passive research and tools such as ping, traceroute and nmap can help to accurately produce a network map. An extension of network mapping is Port Scanning; this method is designed to attempt identification the types of services available or running on a target device. Once completed the result set can help identify particularly important information relating to the use of a particular device (e.g. Web


2593 words - 11 pages supported by the IOS for legacy purposes. Document the router prompt and full commands to configure the console port on AUS. Use the password cisco. * AUS(config)#line console 0 * AUS(config-line)#password cisco * AUS(config-line)#login * AUS(config-line)#exec-timeout 30 0 <--Optional * AUS(config-line)#logging synchronous <--Optional 5. Document the router prompt and full commands to configure the Telnet lines on AUS. Use

Advantages And Disadvantages Of Modern Technologies

2125 words - 9 pages Economic History of Hong Kong Hong Kong’s economic and political history has been primarily determined by its geographical location.  The territory of Hong Kong is comprised of two main islands (Hong Kong Island and Lantau Island) and a mainland hinterland. It thus forms a natural geographic port for Guangdong province in Southeast China. In a sense, there is considerable continuity in Hong Kong’s position in the international economy since its

Cis 175 Assignment 1

2878 words - 12 pages installed in ceiling above the reception area. CAT5 or CAT6 cables can support up to 100 meters before signal degradation. These connections can be routed form the reception area ceiling coming out like a star and then down the walls or separations and out to a port jack. Each workstation’s PC would connect to their corresponding wall Ethernet jack. In many workstation cases, the cable goes form the wall jack to their phone on their desk and back down

Similar Documents

Ping Sweeps And Port Scans Essay

562 words - 3 pages Ping Sweeps and Port Scans James A. Fort SEC 280 Professor Dau July 15, 2012 Ping Sweeps and Port Scans With computer networks becoming larger hackers are looking more and more for ways to illegally gain access to our networks and procure information about our customers that they can use for their gain. Some tools that hackers are using are called ping sweeps and port scans. Now in the hands of Network Administrators these tools are not

Case Study Week 1

600 words - 3 pages other activity in which our systems can still be accessed if we aren’t careful. Specifically, two harmful activities, ping sweeps and port scans can have a major impact on computer systems and can definitely cause worry if they aren’t prevented. Ping sweeps could have a major impact on computer systems because they are the first step of an intruder making his entry (Conklin, White, 2010). A ping sweep sends a ping or an ICMP echo request to the

Funsec Slm Lab01 Essay

452 words - 2 pages Plus, Quick Traceroute, Regular Scan, Slow comprehensive scan © Jones & Bartlett Learning, LLC. NOT FOR SALE OR DISTRIBUTION 2 7. How many different tests (i.e., scripts) did your Intense Scan perform? Ping (or Arp Ping), TCP Port Scan (SYN Stealth), Service Scan, Operating System Detection (OS detection), and Traceroute 8. Based on your interpretation of the Intense Scan, describe the purpose/results of each tests script performed

Cis 333 Lab 1 Essay

342 words - 2 pages vary? TIL = 128 for windows and 64 for unbuntu 5. What is the command line syntax for running an “Intense Scan” with Zenmap on a target subnet of nmap -T4 -A -v -PE -PS22,25,80 -PA21,23,80,3389 6. Name at least five different scans that may be performed from the Zenmap GUI. Document under what circumstances you would choose to run those particular scans. Intense scan ping scan quick scan regular scan