Principles of Information Security Assignment 1

My boss is inquiring about "nefarious" computer activities that may affect the company. Two of these activities include ping sweeps and port scans. While it is true that hackers can use these activities nefariously. The activities themselves are nothing but tools. Like any tool, it depends on how it is used that determines whether or not it is a nefarious activity.

A ping sweep, or IMCP sweep, by definition, is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts. A simpler way to put it would be a ping that's broadcast to a specified range of different IP addresses. The sweep sees which IP addresses are in use because an active IP address will respond just like a normal ping. This is used to find unused IP addresses at a faster rate. A hacker can use a ping sweep in the same manner to determine what IP addresses are used in order to further gain access to the network (Rouse, 2005).

IMCP, or Internet Control Message Protocol, is one way that hackers have been able to use ping sweeps to their advantage. One of the main reasons why is because IMCP is trusted, meaning it can bypass authenication. Due to this nature, hackers were able to use IMCP to properly locate network devices and attack (Chappell, 2003). Fortunately, administrators can block ICMP ECHO requests from outside the network, eliminating this threat (Rouse, 2005).

A port scan is a series of messages sent by someone attempting to break into a computer to learn which computer network services, each associated with a "well-known" port number, the computer provides. While still a tool, port scanning is more commonly known to be used by hackers and it works similiar to a ping sweep, only instead locates active ports. These ports can then be assessed and probed for weaknesses (Rouse, 2005).

Rouse, M. Ping Sweep (ICMP sweep) SearchNetworking.

Retrieved from http://searchnetworking.techtarget.com/definition/ping-sweep-ICMP-sweep

Chappell,...