Sec 280 Wk 4 Case Study

429 Words2 Pages
Almost any system administrator of a large network has been probed more than once before. Network probes are technically not infringements themselves, they should not be taken lightly they could lead to actual invasions in the future. There is a saying better be safe than sorry. The most commonly use network probe is the port scan. A port scan is a technique used by intruders to discover the services running on the object machine. The intruder can plan an attack on any unprotected service that it finds. For example, if the intruder finds that a port is open, it could continue to find out what type of IMAP is running on the objective system. If the version is at risk, it could be able to get access to the system using an “exploit” (a program that exploits a security hole). A port scan is essentially very simple to implement. All we have to do is to attach to a series of ports on the system and find out which ports answer and which don't. A pretentious port scanner can be written in less than 15 minutes by a respectable programmer in a linguistic such as Java or Perl. Nonetheless, this form of port scan is certainly noticeable by the operating system of the object system. Subsequently it's so easily obvious; most invaders will not run this kind of port scan against a system these days. A ping sweep is additional kind of network probe. In a ping sweep, the invader sends a set of ICMP ECHO packets to a network of system (typically indicated as a range of IP addresses) and sees which ones answers. The entire point of this is to define which systems are active and which ones aren't. It's a tad like hitting on a neighbors' door at 3 a.m. to see whose sleeping and who's not. As soon as the invader identifies which systems are active, they can concentrate on which system to use and work from that location. There are appropriate causes to execute ping sweeps on a

More about Sec 280 Wk 4 Case Study

Open Document