Ping Sweeps and Port Scans Essay

This re user interface is to provide insight on nefarious estimator activities called rap sweeps and carriage sees as a request from management. I will identify them, explain what they argon use for, how they argon used and how to stop them from attacking a network. Finally I will talk over how they can be eliminated as security risk. The information in this report is designed to increase the discretion and knowledge of these two activities so that this companys IT department will be in a better position to recognize them and block potential attacks from their use. According to S. Branch (2012), in his article What is a Ping Sweep he says A ping sweep, also called an Internet Control Message protocol (ICMP) sweep, is a diagnostic technique used in computing to see what range of (IP) addresses are in use by live host, which are usually computers. Ping sweeps are non unusual, they are ofttimes used by administrators in diagnosing network issues however, hackers also use ping swe eps to demote spry computers so they will know where to concentrate their attacks. This can become a serious security scandalise for an unprepared network.Hackers send not one ping but many a(prenominal) packets at the same time. This tends to shadowy down a network. When the hackers ping sweep finds an active computer it can send request for hidden information. There is no reason to be alarmed by ping sweeps because the solution for stopping them is very(prenominal) simple. The system administrator only need to disable ICMP packets and if the system administrator wants to do a ping sweep, just enable the ICMP packets temporarily. According to S. Branch (2012), ping sweeps are older and slower technology, and are not in use as much as in the past. A port scan attack is a popular reconnaissance technique that attackers use to discover services they can detect into according to Yahoo Answers (2007), Author unknown. Yahoo Answers states that All machines connected to a network run many services that use TCP or UDP ports and there are more than 6000 defined ports available. Normally port scan does not make direct damage just by port scanning. Potentially a port scan helps the attacker find which ports are available to launch various attacks.A port scan sends a messageto each port one at a time. The response stock back indicates whether the port is being used and if so, the port will be probed for weakness. TCP ports are the nearly attacked ports because they are connected oriented and give good feedback to the attacker. The most frequent port scan attacks to view for are Stealth Scan, which is design to be undetected by auditing tools, SOCKS, which allows multiple machines to share a frequent internet connection, easy access when not configured correctly. Bounce Scans, are systems that they can bounce their attacks through. These systems are FTP server, Email server, HTTP Proxy, Finger and others. These all have vulnerabilities to do bounce scans. They also use UDP ports to find open ports, but it is not often used because it is easily blocked. style Scan attacks can be reduced or completely solved by deploying Firewalls at critical locations of a network to distort unwanted traffic. There is also Port Scan Attack Detectors (PSAD) on the market for free use. In the fast developing world of computer technologies there will always be hackers and other types aspect for ways to still. In the earlier days of computer technology they were not much of a problem if any. Today programmers and system builders program and build their goods with hackers and others in mind. Many security features are built in and other features are discussed and put in place at the beginning of the project. Nothing is foolproof, but if there is a way for them to get in, there is a way to keep them out.ReferencesAuthor unknown. (2007). What is a Port Scan Attack? Yahoo Answers http//answers.yahoo.com/question/index?qid=20061105020422AAtre1p Branch S. (2012 ). What is a Ping Sweep? 2003-2013 say Corporation http//www.wisegeek.com/what-is-a-ping-sweep.htm