It’s imperative that we not only protect against these types of activities on the network, but that we also conduct them ourselves. Ping sweeps are what they sound like. They’re the regular ping that almost anyone in the IT field uses as a basic troubleshooting step, but they are conducted across an entire range of addresses. Whereas a normal administrator would only ping one or two destinations, a malicious user may conduct a ping sweep to find every endpoint on a network that they are allowed a connection to. Most utilities that perform this operation can also perform a DNS lookup on all the IP addresses to produce the endpoints’ names.
9/8/2013 SEC280 Case Study Week 1
Case Study: Ping Sweeps and Port Scans
Ping sweeps and port scans are not an immediate threat to the company. While they may be used by an attacker to build a profile against the company, they can also be used by an administrator to gather information about the company. Although they are not an immediate threat, they should still be monitored for potential threats because they are a common way for hackers to attempt to break a network. In the following document, more will be discussed about what ping sweeps and port scans are and how they are used to gather information about a company’s network. What is a ping sweep and how does it work?
Software devices used are: firewalls, Host Intrusion Prevention Systems (HIPS), and antivirus/malware scanners. The concept of “work factor” is an important part of layering and is defined as the amount of effort a hacker, malware, etc. must use to breach the security measures guarding our network. Obviously, the less work they have to do, the clearer it is that our security isn’t good. Showing that we have strong, layered security around our data and network will convince them to go elsewhere.
Reconnaissance is one of the phases of a computer attack and is the safest and the easiest to accomplish. In this phase an attacker would be using various tools and applications that allow them to see which ports are open on a network or computer and what applications are listening in on the other end of the router or firewall. Some of the various tools that an attacker will use during the reconnaissance phase are:
• DNS and ICMP tools within the TCP/IP protocol suite
• Standard and customized SNMP tools
• Port scanners and port mappers
• Security probes
(Introduction to Information Systems Security, 367)
The attacker can use other internet-related websites and such to find out more information on their target, such as DNS Lookup or WHOIS Lookup. These will both give more information about the target's DNS server name. The attacker will also use rpcinfo or telnet logon in order to find out if rpc is active for remote command execution and to find out how soft the perimeter
This includes hosts file poisoning, even though the hosts file is not properly part of the Domain Name System. Hosts file poisoning is discussed in the malware section since it involves changing a file on the user’s computer [14].
j) Content-Injection Phishing: Describes the situation where hackers replace part of the content of a legitimate site with false content designed to mislead or misdirect the user into giving up their confidential information to the hacker. For example, hackers may insert malicious code to log user's credentials or an overlay which can secretly collect information and deliver it to the hacker's phishing server.
k) Man-in-the-Middle Phishing: This is harder to detect than many other forms of phishing.
Abstract. The most common ways to keep track of employees are video surveillance, monitoring e-mails, keeping track of pages visited on the Internet and anything else that happens on the computer, recording the time of arrival and departure from work, and listening to and recording telephone conversations. Some of these methods are quite obvious to employees (for example, time-stamping), but some are hidden and may be disturbing to learn about. Businesses conduct surveillance not just to protect their employees and property, but to ensure that procedures that are in place are being followed and to have control over the business environment. That invasion of privacy can be justified by the employer, but can also be an offense to the employee.
How can you minimize the risk of viruses on your PC? If you follow these few simple steps you should be able to prevent viruses from affecting your computer:
1. Virus detection: You need to have some sort of virus protection on your computer (an anti-virus program). This will warn you if you have accessed a program with a virus. These should be updated frequently to be able to detect the newest versions of viruses.
To be prepared for anything is hard to do, but with research and good instincts a business could be and feel safe from manmade and natural disasters. Physical security can be used to fix any gaps or problems with security. They may bring in surveillance, fences, someone hired for the front desk, security badges for employees, and guards at entrances. Anything that could prevent unwanted visitors and that would be the proper type of security for the business will be considered. Computer programs like firewalls and backup programs can be used to prevent cyber crime.
The IT department should ensure firewalls are in place and configured to filter the traffic as it comes through. You can also use the EICAR standard anti-virus test file on client computers. Instruct users to select one antivirus and one anti-spyware product and install them on their computer: Norton Antivirus; McAfee Antivirus; Avast Pro Antivirus; BullGuard Antivirus; Webroot; Bitdefender. Most antivirus products are capable of protecting against most malware. I would select Norton antivirus and Webroot anti-spyware. Ensuring anti-malware software and data is up-to-date.
“Phishing,” for example, is still one of the common ways these “cybercriminals” get a person’s usernames and passwords to different sites. Another way “cybercriminals” can get information, such as credit card numbers, is by one keying those valuable numbers into an unprotected site. In doing this, you do not know who exactly is viewing this valuable information. With all of this being said, a great and 100% way to safeguard one’s self from becoming the next victim of identity theft is to be knowledgeable about how, with whom, and where you “share” this kind of information. The best bet is to not give out any personal information of this nature.