Impact of Ping Sweeps and Port scans on IT SYSTEMS
- Details
- Hits: 41155
Thesis Statement
Are ping sweeps and port scans a security threat to its systems
Introduction
Ping sweeps and port scans are generally computer tricks that unscrupulous persons can use as a doorway to gain access to other people’s personal computers or a company’s network. Usually ping sweeps are the first to be carried out by those who want to gain entry, they help in discovering the end- points on a computer network connection; after which a port scan is carried out and it aides in determining an “open-door” for that exact end-point already established. Once this is accomplished, the rogue person can enjoy unlimited accesses to all kinds of internet activities by taking advantage of the “open-doors” on the systems and reach vital and classified files store in the network’s computers (Engebretson, 2013). As such, any organization needs to worry because Port scans as they pose a huge security threat to their information if they go-on unobserved.
What are ping sweeps and port scans?
Ping sweeps are a regular activity in the field of IT that any one uses as a fundamental troubleshooting rung when there is a problem within the network; nonetheless, they can be carried out across a whole array of addresses. While an ordinary network overseer pings at least one or two anticipated destinations, a malevolent user will do a ping Sweep to all end-points in a network, which they have a link to (Williams, Cothren & Davis, 2004). Most of the utilities that execute this maneuver can also carry out a DNS visit to the existing IP addresses also to generate the end names.
Once the spiteful user has information about how to accesses computers, they can do an evaluation to find the machine that seems significant, or can decide to prance to launch a direct assault on an arbitrary machine. Either way the aggressor will now have critical knowledge of what they can launch assail. This is fundamentally, what a ping sweep is all about; it checks through each address on the network connection, determines the ones accessible and those that are not. Then it also gives some supportive information in recognition of which addresses are of interest for the assault and which ones are not worth the endeavor (Masica, 2008).
A port scan on the other hand is an extra directed assail, which tries to locate a breach on a particular end-point for an anticipated assault. This usually happens when a hacker has already done a ping sweep and found an address of interest for his attack. They then carry out a port scan on the address to spot any ports on the end that is open to entry. By locating the ports that are not closed, the invader will have a thought of the different services that are being executed on that end-point. This then enables the hacker to make out precise areas that they can concentrate their efforts on to try to take advantage of susceptibility (Engebretson, 2013).
For example, if one left the File Transfer Protocol (FTP) on port 21 open on their computer, with a common username and password, the attacker may duplicate all the files from that machine essentially stealing personal or corporate data. Or worse copy malicious programs to the computer that appears as harmless applications for any ordinary user. Upon execution by the unknowing user, they roll out as viruses that can be severe and might totally compromise the truthfulness of the data stored in that machine and render it unusable (Masica, 2008).
Conclusion
Whereas all of these invasions have the capacity to be a major security concern, with appropriate discharge of information protection procedures, policies and embedment of certain security devices and installation of requisite security software, the risk of an assault being triumphant is diminished. By a simple execution of a well-configured network and firewall, host centered intrusion Prevention System (IPS), these threats are minimized (Engebretson, 2013). Nevertheless as with many type of things, a regular monitoring and due assiduousness is constantly necessary for the sustained triumph of a person or company.