Auditor Essay

701 WordsSep 22, 20133 Pages
Chris Bailey Sec208 Marvin Shumowitz | September 8 2013 | Case Study 1. Network probes | Ping Sweeps and Port Scans | Ping sweeps and port scans, should we be worried? These two network probes are tools that are used to find incursions and intrusions on the network. Network probes don’t actually do any harm. These probes are used to find access points into the network, and to use this information to make actual attacks, however, there are special tools that are available to sense these probes and alert an administrator to their activities. The administrator can then take steps to inhibit these access points from unauthorized intruders. Port scans are the most frequently used network probe. Intruders can use port scans to tell them of the services that are being used on a particular machine. The intruder is then able to see what services are being used and make an attempt to gain control of that machine. An example is if port 23 is open this would be an incredibly simple way in as this is the Telnet port, which is used to gain control of one computer from another on the same network. This is port is normally very helpful to a network administrator so that he/she does not have to be physically at the computer to find and do repairs to the machine. Port scans are relatively easy to see by most operating systems. This is then put into a log file that is easily referenced. There is a stealthier type of port scan that makes use of the three way handshake that is used in the TCP/IP format. This scan starts a communication on a particular port and when that machine sends its conformation the scan does not send back an acknowledgement, furthermore, the scan shuts itself down, not allowing the machine to make a log of the instance. The port scanner was able to tell what port was open from the response from the targeted machine; nevertheless there are special

More about Auditor Essay

Open Document