Free Essay

Sec280 Week 1

In:

Submitted By Misty26
Words 946
Pages 4
Dear Sir, It has come to to my attention that you are curious about ping sweeps, and port scans. In the next couple of paragraphs I will explain what each of them are. Next, I will also tell you about the different types of port scans. Then, I will go about explaining how they can impact the company. Next, I will tell you based on the information I provided to you if it is something you should be worried about. First, what is a ping sweep? A ping sweep can also be called an ICMP Sweep. ICMP stands for Internet Control Message Protocol, its primilarily designed to work with our companies operating system and send an error message indicating that a service request is not available. It also can also check and see if the computer's on a domain is not able to connect to the hub or router. Now, a ping sweep is essentially the computer sends a "ping" to a particular destination whether its the domains router, hub switch, etc.. Now, you maybe wondering what is a "ping" is. It is essentially an echo where a computer sends a message and sees if it gets anything back. And if it does it assigns the message back as a protocol number. Sir, there are different ways to perform a ping sweep, I can always go in the command prompt and type the following in; fping,gping and nmap, now I can only use this for the Unix operationg system and I can use pinger software for Windows operating system. You also need to be aware that when I send out a ping it sends out multiple pings to see if a message comes back. I can disable them if you should choose to, all you have to do you would have to have an administrator go in the network settings and reject ICMP echos or essentially messages coming back say that you have an error or not. Next, you wondering what a port scan is. A port scan is job is essentially to "help identify which ports are open, thus giving an indication of which services may be running on the targeted machine1." You might also want to think about it as a group of messages sent by someone who is trying to get into the network. They usually try to go in thru a well known port in a particular computer and know how to make the company or whatever it is suffer. Now, there are different types of port scans. I will describe a few of them and what they do. First, there is a UDP port scan which essentially is scans for any open User Datagram Protocol ports. Another one is called the FTP Bounce Scan, which attempts are directed through a FTP server and then to a hacker's location. Next, you have a Strobe Port Scan which which a hacker attempts to connect to a particular set of ports usually the ones under 20. There are many more you can find about you just have to realize that port scans can be really bad. Next, I will tell you my personal opinion on each thing you heard about; ping sweeps and port scans. Ping sweeps in my honest can be swayed both good and bad. Why you ask its because you can identify problems in your nework that are not working correctly in a heart beat and you can tell whats going on. Bad because if you have a person who is on the inside, they can figure out how to go around the ping sweep and make off with important information which could harm the company. Now, as for port scans, they are just plain bad news period. Why, because hackers or security protocols might not be good enough to catch a person who is attempting to break into a network. Since, it can be very difficult to do and even if you do catch the person who hacked your domain could have sold it to someone for large amounts of money. Next, you wondering if ping sweeps or port scans can be bad for the company that you own. Ping sweeps, I don't think they can hurt the company based on the information I provided for. I see them as very benefical and that if some thing should go wrong the IT Department can fix without it bringing down the network. As for port scans, that could corrupt the company fast because a hacker could steal the information from this company and make it fail. So sir, in my honest opinion ramp the security enough so you don't have to worry about port scans but not high enough so the IT department can't run a ping sweep. Finally, I have showed what ping sweeps are, what they are and how they work. I covered what port scans are, how they work and some of the different types of port scans. I also covered, my personal opinion of port scans and and ping sweeps and finally, I told you if you should be worried about these for your company.

References
1. Conklin, Wm. Arthur (2010). Principles of Computer Security: Security+ and Beyond [2] (VitalSource Bookshelf), Retrieved from http://online.vitalsource.com/books/0073398756/1/18
2. What is ping sweep (ICMP sweep)? - Definition from WhatIs.com. (n.d.). Midmarket CIO information, news and tips - SearchCIO-Midmarket.com. Retrieved November 4, 2012, from http://searchcio-midmarket.techtarget.com/definition/ping-sweep
3. What is port scan? - Definition from WhatIs.com. (n.d.). Midmarket IT Security information, news and tips - SearchMidmarketSecurity.com. Retrieved November 4, 2012, from http://searchmidmarketsecurity.techtarget.com/definition/port-scan

Similar Documents

Premium Essay

Sec280 Week 1

...Week 1 Boss, Regarding your recent inquiry regarding ping sweeps and port scans, I wanted to provide some information to assuage any apprehension you may have had regarding the subject. Port scans and ping sweeps are common networking tools used by admins to perform common functions, such as checking to see if a server is running a particular service or if a desktop is on to receive an important update. It is also true that this same functionality can provide information to hackers who may use it for nefarious purposes, but you will see why that is less of a concern than it may seem. Port scans, like I stated earlier, are used to discover what services are running on a target machine. Each service offered by our servers makes use of “ports” by which TCP/IP requests are sent; for example our company’s website accepts connections on port 80. Hackers use this information to determine what types of vulnerabilities they can make use of, which is why we only leave the ports we are using open, so that there are no unnecessary openings. Additionally, because the majority of our network is inaccessible to the outside world a hacker would already need to be inside our network to gain access to any of the critical systems. Ping sweeps are often used in conjunction with Port scans in a similar discovery process. Ping sweeps instead are used to see what targets are available on the network. For instance, we may be on a 192.168.1.0 vlan with only a dozen or so machines. Typically the...

Words: 406 - Pages: 2

Premium Essay

Case Study: Creating an Ids Policy.

...SEC280 Week 6 Assignment – Joseph Ercole Case Study: Creating an IDS Policy. As the need to secure corporate networks continually increases, the task of ensuring the security of sensitive company data so that it is not compromised becomes increasingly difficult with each day. Gem Infosys, a small software company, has decided to secure their computer systems. The organization uses ten PCs and a broadband connection to the Internet. The management at Gem needs to formulate an IDS policy. We need to identify the steps to be performed when formulating the IDS policy. One of the best ways to protect company networks and data from attackers is to have an Intrusion Detection System in place. Today, IDS’s are an integral part of many organizations’ network infrastructure. But having the IDS in place and not understanding why it’s in place, how it works or who will deploy and run it or how to respond in the event of an attack is counter-productive to its existence. This is why we need to formulate the IDS policy. Before the IDS is deployed, we will create a basic outline of what we are trying to accomplish with the IDS and from there, devise a strategy. So, what are we protecting the network from and how strict will we make accessibility? Sometimes beginning with the end in mind is a good way to execute the first step of any plan or strategy. Knowing how tightly or loosely you want to allow traffic to flow on the network in order to have better control over it is a good start. We...

Words: 831 - Pages: 4

Premium Essay

Sec280 Week 6 Case Study

...SEC280 Week 6 Case Study Gem Infosys, a small software company, has decided to better secure its computer systems after a malware attack shut down its network operations for 2 full days. The organization uses a firewall, three file servers, two Web servers, one Windows 2008 Active Directory server for user access and authentication, ten PCs, and a broadband connection to the Internet. The management at Gem needs you to formulate an incident-response policy to reduce network down time if future incidents occur. Develop an incident-response policy that covers the development of an incident-response team, disaster-recovery processes, and business-continuity planning. Gem Infosys Incident Response Policy To ensure timely response to a network disruption, an Incident Response Team has been formed. This team comprises contacts in several departments throughout the organization. The following policy outlines who to contact and what steps to take in case of an incident involving network related tasks. Incident Response Team Contacts DUTIES TEAM MEMBERS EXTENSION Team Lead Edward Einright 7001 Network Analysts Dave Firuzio 7002 Paul Gerschadt 7003 Security Analysts Rob Jensen 7004 Natalie Pierson 7005 Legal Affairs Frank Saddich 7006 Public Affairs Michelle Davenport 7007 Duties Team members will establish and implement policies in the following areas: a) Worm response procedure b) Virus response procedure c)...

Words: 870 - Pages: 4

Premium Essay

Sec280

...SEC280 | Week 1 | Case study on Port scans & sweeps | | Jared's | 11/3/2012 | Brief description of what they are and are they dangerous to company! | To answer the main questions for the concerns of our network, NO. These items that have been heard about do not require immediate attention as they are considered normal. We are protected behind our firewall as well as if the employees do as asked at the end of their shift, we will have absolutely nothing to worry about. As more in likely that situation was handled when we brought the network online. Here is a brief rundown on your concerned areas: Ping Sweeps and Port Scans are the two most common network probes that serve as important clues in sensing invasions or intrusions that can harm any type of network. Network probes are not actual intrusions, although, they could be potential causes of actual intrusions. Port scans and ping sweeps can lead to an intrusion of companies’ network system, however, with today’s technological advancements, these activities can be detected and prevented. Ping Sweeps; Ping sweeps are a set of ICMP Echo packets that are sent out to network of computers, actually a range of IP addresses, to see if there are any responses. As an intruder sends out the ping sweeps, he looks for responses so he can figure out which machines he can attack. “Note that there are legitimate reasons for performing ping sweeps on a network—a network administrator may be trying to find out which...

Words: 1129 - Pages: 5