09/07/2014
Principles Info Sys Security
Ping sweeps and port scans are used by hackers and intruders to find a way into a network, and they are a problem for all companies. They are two very common ways that hackers try to gain access to a network in order to steal information.
A ping sweep is a kind of network probe used to try to gain access by pinging a machine (computer) to see if it is on. During a ping sweep, the intruder sends a set of ICMP ECHO packets to a network of machines to see which ones respond. The whole point of the ping sweep is to determine which machines are on and which are turned off. Once the hacker knows which machines are on, he can focus on those machines to attack. Hackers usually send the ICMP ECHO packets to an IP range to see which machines reply.
They may also use a tool called fping, which can be used for conducting ping sweeps. Fping takes a list of IP addresses and sends ping packets to them. Unlike the normal ping, fping sends one ping packet to one IP address and then proceeds immediately to the next IP address in rotation.
The port scan is a method used by intruders/hackers to discover the services running on a target machine (computer). The hacker can then use the information he finds to plan an attack on any service he finds. If the hacker finds a port that is open, he may proceed to find out what process is running on that computer or machine. If the process version is vulnerable, the hacker may be able to gain superuser access. Port scanning can also cause a slowdown on the machine or the network because of all of the traffic.
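Both activities leave a recognizable pattern in connection records: a ping sweep is one source sending ICMP echo to many hosts, and a port scan is one source trying many ports on one host. The following is an added example, not part of the original essay, showing how a defender could flag both; the record format, the thresholds and the addresses are constructed assumptions, and all events are assumed to fall within one time window.

```python
from collections import defaultdict

# Thresholds are assumptions chosen for this example; tune them per network.
SWEEP_HOSTS = 10   # distinct hosts pinged by one source
SCAN_PORTS = 15    # distinct ports tried on one host by one source

def build_sample_events():
    """Constructed events: (src, dst, proto, dport); dport is None for ICMP echo."""
    events = [("10.0.0.5", "10.0.1.20", "icmp", None),   # a single ordinary ping
              ("10.0.0.5", "10.0.1.20", "tcp", 443),
              ("10.0.0.8", "10.0.1.21", "tcp", 22)]
    # 198.51.100.7 pings 30 consecutive addresses: the ping sweep pattern
    events += [("198.51.100.7", f"10.0.1.{i}", "icmp", None) for i in range(1, 31)]
    # 203.0.113.9 tries ports 1-100 on one host: the port scan pattern
    events += [("203.0.113.9", "10.0.1.20", "tcp", p) for p in range(1, 101)]
    return events

def detect(events, sweep_hosts=SWEEP_HOSTS, scan_ports=SCAN_PORTS):
    """Return (sweepers, scanners): sources that reach each threshold."""
    pinged = defaultdict(set)   # src -> hosts it sent ICMP echo to
    ports = defaultdict(set)    # (src, dst) -> ports it tried on that host
    for src, dst, proto, dport in events:
        if proto == "icmp":
            pinged[src].add(dst)
        elif dport is not None:
            ports[(src, dst)].add(dport)
    sweepers = {s: len(h) for s, h in pinged.items() if len(h) >= sweep_hosts}
    scanners = {k: len(p) for k, p in ports.items() if len(p) >= scan_ports}
    return sweepers, scanners

if __name__ == "__main__":
    sweepers, scanners = detect(build_sample_events())
    for src, n in sweepers.items():
        print(f"ping sweep: {src} sent ICMP echo to {n} hosts")
    for (src, dst), n in scanners.items():
        print(f"port scan: {src} tried {n} ports on {dst}")
```

Counting distinct hosts and distinct ports, rather than raw packets, keeps a host that pings or connects to the same machine repeatedly from being flagged.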
Running a port scan is a very simple task to perform these days. All that needs to be done is to connect to a series of ports on a machine and find out which ports respond and which don't. A simple port scanner program can usually be written in under 15 minutes by a programmer in a language such