Week 1 Report
Class SEC 280
In today’s report I will give a basic definition of and explain to the best of my ability what port scanning is and also what a ping sweep is and I will also try to provide examples of these techniques. Lastly I will show how these simple this can be done and or avoided and how they can affect us as a company. In today’s age with more and more computers being connected to the internet every day the presence of these new users on the global network creates an issue of security. Common questions might be as follows, how do I keep my network secure from the outside world? What can I do as an individual to keep us safe? Can we implement any new policy’s to counter this threat? These are all great questions and it is my task to answer these question first I must begin by explaining what threats we face and how to deal with those threats accordingly. To begin one of the most basic types of possible threats can come from what is called an IP sweep. What an IP sweep basically is a broad area ping that allows the user to determine what hosts if any exist on a network given a certain IP address range. A normal ping consists of a single hello message from one computer to the receiving computer. A ping sweep pings any and all computer to determine which are alive so that the attacker can figure out where he can attack the network. The next technique that can be used is called a port scanner, what a port scanner does is looks for any and all ports that can be accessed to put it in simple terms it is looking for any open routes (or doorways) into the computer or network it is scanning. Port scanning by itself can and is a useful tool; essentially, a port scan consists of sending a message to each port, one at a time. The response the person doing the scanning gets indicates whether the port is being used or not and from there the attacker can research the port for weakness. Typical ports scans can show up in system logs and thus...
Please join StudyMode to read the full document