Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Networks are continually vulnerable to threats, which is why it is important to understand the ramifications of ping sweeps and port scans. While ping sweeps and port scans are not attacks in and of themselves, they are probing activities. Ping sweeps are automated processes that show the malicious user which computers on a network are active, whereas port scans identify the potential points of entry into a network from which to launch an attack. Both ping sweeps and port scans are threats that can be averted in order to protect network security.
Ping sweeps are akin to shouting aloud in a canyon and waiting for a response, or sending a call on a radio. Usually, intruders can create robots to conduct ping sweeps for them. One protocol used is the ICMP ECHO (Teo, 2000). The ICMP ECHO sends messages within a range of IP addresses. Another type of ping sweep is the fp tool, which works more in a "round robin" fashion by sending a ping individually to each address (Teo, 2000). Computers that are online will, if they are unprotected, answer the call. Those computers that respond are vulnerable to attack, as the intruder has narrowed down which systems are available...
Of course, it is easy to see how ping sweeps have become a necessary part of network diagnostics. Therefore, ping sweeps are not all bad, but they can be used in malicious ways.
Port scans are mechanisms that detect open ports on the network, which can allow malicious users direct entry into the system. The process is much like a thief watching a house to scan for open windows or doors ("Ping Sweeps and Port Scans," 2014). In order to communicate on a network, sending data back and forth through protocols and systems like email, ports need to be opened and closed periodically. Port scanners capitalize on these normal behaviors by recognizing which ports are being used for two-way communication and identifying the protocols being used to access those ports. Continuing with the analogy, it is as if the thief is determining how high up the window is and what tools are needed to enter the house. Port scans are "the most common type of network probe" and are "actually very simple to perform," (Teo, 2000). Once the malicious user determines which ports are open, a series of further tests can be used to identify…
References
"Defending Yourself Against Port Scanners," (2010). TechWorld. Retrieved online: http://www.techworld.com/security/defending-yourself-against-port-scanners-490/
"Ping Sweeps and Port Scans," (2014). Retrieved online: http://www.linuxjournal.com/article/4234
Teo, L. (2000). Network probes explained. Linux Journal. Dec 1, 2000. Retrieved online: http://www.linuxjournal.com/article/4234
This is also known as a vulnerability assessment (Shimonski, 2005). Enlisting senior management support so that security is taking seriously within the organization and so that employee and manager alike understand the value of assets and the seriousness threats that may exist (Shimonski, 2005; Schwartz, 2003). Establish a security budget so that from year to year an organization has the finances necessary to deal with security threats as they occur but