Case Study: Ping Sweeps and Port Scans
Ping sweeps and port scans are computer activities that unethical people could use to gain access to personal or company networks. In this article, I will explain what ping sweeps and port scans are, what they are used for, and how we can protect ourselves. I believe that with the proper education, software, and support, we can take the first steps toward preventing any type of malicious activity in our network. Ping sweeps and port scans can be dangerous, but they can also be prevented.

A ping sweep is when an intruder sends an ICMP ECHO request to a range of machines on a network. The machines that are on send a signal back to the intruder to let him/her know that they are on. The machines that are not on or not available do not send a signal. This is an easy way for the intruder to know where to start his/her intrusion. Ping sweeps are not used only by intruders, however; network administrators also run them on their own networks to determine which machines are alive and which are not. This could be for troubleshooting purposes or for licensing issues. Ping sweeps are a good tool unless a malicious person out there wants to do damage.

Port scans are the most common probing tool available. Port scans take ping sweeps to a different level. A port scan actually "looks" at a machine that is alive and scans it for an open port. Once an open port is found, the scan probes the port to find the service it is running. Knowing which service the port is running gives the intruder power and knowledge about your system. It basically gives him/her an edge in taking over your machine.

Protecting ourselves can be very easy. The number one rule to remember at all times is to always assume vulnerability. No machine on a network is completely safe from an intruder. The best way to protect yourself is to never expose your important security information on a machine. Passwords, SSNs, financial information, and password hints should be kept on an encrypted flash drive.
Keeping this information stored on your computer is like keeping the password to your ATM card in your purse or wallet. It allows the intruder to get your information faster. Education is key to protecting yourself. Keep up to date with readings about security prevention and download the latest security patches for your operating system or your Internet security software. If the network does not have a DMZ, your intranet may be vulnerable, since the DMZ is the zone intruders are unable to penetrate. Lastly, firewalls are a must to keep open ports and machines protected.

Remembering that there is no such thing as an intruder-proof network will keep you from ever taking a chance on exposing yourself. Keeping your software up to date and hiring ethical people to watch the networks will decrease your chances of being hacked. Ping sweeps and port scans have been around for a while, and intruders are getting smarter. The "good guys" have to be one step ahead of the intruders in order to win this war against intrusions. It is possible to have a secure network of machines, but education, software, and the hiring process have to be up to par every day.
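
For the people watching the network, both probes leave a recognizable pattern in firewall logs: a ping sweep is one source sending ICMP echo to many hosts in a short time, and a port scan is one source trying many ports on a single host. The sketch below is an added example, not part of the original article; the log format, addresses, thresholds, and function names are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample records (hypothetical format): "epoch_seconds src dst proto dport"
SAMPLE_LOG = [
    # one source sends ICMP echo to six hosts in six seconds
    *[f"{100 + i} 10.0.0.66 192.168.1.{i + 1} icmp 0" for i in range(6)],
    # the same source then tries six TCP ports on one live host
    *[f"{110 + i} 10.0.0.66 192.168.1.3 tcp {p}"
      for i, p in enumerate([21, 22, 23, 25, 80, 443])],
    # ordinary traffic: an administrator pings one server, a client reuses one port
    "120 192.168.1.10 192.168.1.1 icmp 0",
    "121 192.168.1.10 192.168.1.1 icmp 0",
    *[f"{130 + i} 192.168.1.20 192.168.1.3 tcp 443" for i in range(8)],
]

def _burst(events, threshold, window):
    """True if `threshold` distinct targets appear within `window` seconds."""
    events.sort()
    for i, (start, _) in enumerate(events):
        targets = {t for ts, t in events[i:] if ts - start <= window}
        if len(targets) >= threshold:
            return True
    return False

def detect_probes(lines, threshold=5, window=60):
    """Return (ping_sweep_sources, port_scan_pairs) found in the log lines."""
    hosts_pinged = defaultdict(list)   # src -> [(ts, dst)]
    ports_tried = defaultdict(list)    # (src, dst) -> [(ts, dport)]
    for line in lines:
        ts, src, dst, proto, dport = line.split()
        if proto == "icmp":
            hosts_pinged[src].append((int(ts), dst))
        elif proto == "tcp":
            ports_tried[(src, dst)].append((int(ts), int(dport)))
    sweeps = {s for s, ev in hosts_pinged.items() if _burst(ev, threshold, window)}
    scans = {k for k, ev in ports_tried.items() if _burst(ev, threshold, window)}
    return sweeps, scans

if __name__ == "__main__":
    sweeps, scans = detect_probes(SAMPLE_LOG)
    print("ping sweep sources:", sorted(sweeps))
    print("port scan (src, dst):", sorted(scans))
```

The administrator's repeated ping of one server and the client's repeated connections to one port stay below the threshold, so only the probing source is reported.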