...Dear Sir, It has come to to my attention that you are curious about ping sweeps, and port scans. In the next couple of paragraphs I will explain what each of them are. Next, I will also tell you about the different types of port scans. Then, I will go about explaining how they can impact the company. Next, I will tell you based on the information I provided to you if it is something you should be worried about. First, what is a ping sweep? A ping sweep can also be called an ICMP Sweep. ICMP stands for Internet Control Message Protocol, its primilarily designed to work with our companies operating system and send an error message indicating that a service request is not available. It also can also check and see if the computer's on a domain is not able to connect to the hub or router. Now, a ping sweep is essentially the computer sends a "ping" to a particular destination whether its the domains router, hub switch, etc.. Now, you maybe wondering what is a "ping" is. It is essentially an echo where a computer sends a message and sees if it gets anything back. And if it does it assigns the message back as a protocol number. Sir, there are different ways to perform a ping sweep, I can always go in the command prompt and type the following in; fping,gping and nmap, now I can only use this for the Unix operationg system and I can use pinger software for Windows operating system. You also need to be aware that when I send out a ping it sends out multiple pings to see if a message...
Words: 946 - Pages: 4
...SEC280 Week 6 Assignment – Joseph Ercole Case Study: Creating an IDS Policy. As the need to secure corporate networks continually increases, the task of ensuring the security of sensitive company data so that it is not compromised becomes increasingly difficult with each day. Gem Infosys, a small software company, has decided to secure their computer systems. The organization uses ten PCs and a broadband connection to the Internet. The management at Gem needs to formulate an IDS policy. We need to identify the steps to be performed when formulating the IDS policy. One of the best ways to protect company networks and data from attackers is to have an Intrusion Detection System in place. Today, IDS’s are an integral part of many organizations’ network infrastructure. But having the IDS in place and not understanding why it’s in place, how it works or who will deploy and run it or how to respond in the event of an attack is counter-productive to its existence. This is why we need to formulate the IDS policy. Before the IDS is deployed, we will create a basic outline of what we are trying to accomplish with the IDS and from there, devise a strategy. So, what are we protecting the network from and how strict will we make accessibility? Sometimes beginning with the end in mind is a good way to execute the first step of any plan or strategy. Knowing how tightly or loosely you want to allow traffic to flow on the network in order to have better control over it is a good start. We...
Words: 831 - Pages: 4
...SEC280 Week 6 Case Study Gem Infosys, a small software company, has decided to better secure its computer systems after a malware attack shut down its network operations for 2 full days. The organization uses a firewall, three file servers, two Web servers, one Windows 2008 Active Directory server for user access and authentication, ten PCs, and a broadband connection to the Internet. The management at Gem needs you to formulate an incident-response policy to reduce network down time if future incidents occur. Develop an incident-response policy that covers the development of an incident-response team, disaster-recovery processes, and business-continuity planning. Gem Infosys Incident Response Policy To ensure timely response to a network disruption, an Incident Response Team has been formed. This team comprises contacts in several departments throughout the organization. The following policy outlines who to contact and what steps to take in case of an incident involving network related tasks. Incident Response Team Contacts DUTIES TEAM MEMBERS EXTENSION Team Lead Edward Einright 7001 Network Analysts Dave Firuzio 7002 Paul Gerschadt 7003 Security Analysts Rob Jensen 7004 Natalie Pierson 7005 Legal Affairs Frank Saddich 7006 Public Affairs Michelle Davenport 7007 Duties Team members will establish and implement policies in the following areas: a) Worm response procedure b) Virus response procedure c)...
Words: 870 - Pages: 4
...SEC280 | Week 1 | Case study on Port scans & sweeps | | Jared's | 11/3/2012 | Brief description of what they are and are they dangerous to company! | To answer the main questions for the concerns of our network, NO. These items that have been heard about do not require immediate attention as they are considered normal. We are protected behind our firewall as well as if the employees do as asked at the end of their shift, we will have absolutely nothing to worry about. As more in likely that situation was handled when we brought the network online. Here is a brief rundown on your concerned areas: Ping Sweeps and Port Scans are the two most common network probes that serve as important clues in sensing invasions or intrusions that can harm any type of network. Network probes are not actual intrusions, although, they could be potential causes of actual intrusions. Port scans and ping sweeps can lead to an intrusion of companies’ network system, however, with today’s technological advancements, these activities can be detected and prevented. Ping Sweeps; Ping sweeps are a set of ICMP Echo packets that are sent out to network of computers, actually a range of IP addresses, to see if there are any responses. As an intruder sends out the ping sweeps, he looks for responses so he can figure out which machines he can attack. “Note that there are legitimate reasons for performing ping sweeps on a network—a network administrator may be trying to find out which...
Words: 1129 - Pages: 5