Security Vulnerability test - vulnerability scanning


 Network Scanning 

Describe the test and purpose of the test? 

Network scanning refers to the use of a computer network to gather information regarding computing systems. Network scanning is mainly used for security assessment, system maintenance, and also for performing attacks by hackers.

the purpose of network scanning is: 
  • Recognize filtering systems between the user and the targeted host
  • Reduces the fallout from security breaches, including legal action that can steal your private information. 
  • to prevent malicious attack  

Discuss how it works?
Methods of Port Scanning
Refers to the process of sending packets to specific ports on a host and analyzing the responses to learn details about its running services or locate potential vulnerabilities.

Once available hosts on a network have been found via networking scanning, port scanning can be used to discover the services in use on specific ports. In general, port scanning attempts to classify ports into one of three classification:
·         Open: the destination responds with a packet indicating it is listening on that port, which also indicates that whatever service was used for the scan (commonly TCP or UDP) is in use as well

 open means that an application on the target machine is listening for connections/packets
·         Closed: the destination received the request packet but responds with a reply indicating that there is no service listening at the port
·         Filtered: the port might be open, but the packet has been filtered out by a firewall and dropped, so no reply is received
filtered means Allowing or blocking network packets into or out of a device or the network

When a hacker probes your system with a port scan attack, each port will react one of three ways: it will respond as “open” or “closed,” or it won’t respond at all. An open, or “listening,” port will respond to the port scan’s request, alerting the hacker that your device is on the other end. A closed port will respond as well, but it will deny the request. Unfortunately, even a denied request reveals that there’s a device behind the scanned IP address.
If a port doesn’t respond at all, it means it’s block by a firewall However, blocked ports actually violate the TCP/IP rules of conduct, so your firewall may not block every port on your device. Instead, it will set some ports to “closed” instead, which means a scan could still detect the device.
Some firewalls, on the other hand, now use “adaptive behavior,” meaning they’ll block open and closed ports if a suspect IP address is probing them. These firewalls can also be configured to alert admins if they detect connection requests across many ports from only one host. However, even adaptive firewalls aren’t a perfect defense against port scans, as hackers can conduct scans in “strobe” or “stealth” mode. Strobe mode means that they scan a small number of ports at a time, while stealth mode means they can scan the ports over a longer period. These tactics reduce the chance that the firewall will detect the scan or trigger an alert.
discuss solution 


















https://www.youtube.com/watch?v=R5nA_W6dhfo

https://www.youtube.com/watch?v=orSl_UMbbS0

https://www.extrahop.com/company/blog/2016/how-to-recognize-malicious-network-scanning-port-scanning/

https://www.varonis.com/blog/port-scanning-techniques/









https://www.techopedia.com/7/31171/networking/ip-addressing/how-does-network-scanning-work
https://www.swascan.com/swascan-network-scanning/
https://www.techopedia.com/definition/16124/network-scanning


Comments

Post a Comment

Popular posts from this blog

WD&D (DNS)

Image
1. what is domain names is the website name that address website to access by user use to find and identify website no two website can have same domain name example: facebook.com 2. what is DNS services a phone book of the internet manage, maintain and process DN and their combine record DNS translate DN onto IP address so browser can load the resource on the internet 3. communication protocol to access a website http - (Hyper Text Transfer Protocol) used for transmitting web-page information such as text, graphic image, sound, video and other multimedia files on the WWW. https://techterms.com/definition/http ftp - File Transfer Protocol protocol is a system of rules that network computer use to communicate with one another. use to transfer files between computer on the internet. let user upload and download files https  - hyper text transfer protocol secure secure way to send data between a web server and web browser. (scocn) example of program that use htt
Read more

kclothings.org

Image
ISP - Telbru $100 per year https://www.telbru.com.bn/feesandcharges/index.php?= Domain name -  kclothings.store https://namechk.com/ website hosting - price- $7.50 BND website management - CMS, choose 1 picture and reason for choosing https://www.beewits.com/free-cms-alternatives-to-wordpress/ https://magento.com/ Magento   support various layouts, which you can choose when you are in the Design part of creating a new page.
Read more

WDD-LO1-server

explain what is a server?  a server store information or resource that will be manage over the internet provide data to other computers identify different web browser?  google chrome, internet explore, opera mini, safari, Firefox and etc. give the purpose of each of the identified server: 1. application server : server that is design to install, operate and host program and associated service for end user, IT service and organizations. 2. proxy server:  it act as a getaway between computer and the internet. to secure data it hide user real IP address from the rest of the world. 3. blade server  used in data center to save space and improve system management. 4. mail server:  it act as virtual post office  store incoming mail and sends out outgoing mail  application that receive and forward email. send and receive email using standard protocol such as SMTP and POP3 5. virtual server  shares hardware and software resources with other operating systems (OS), ve
Read more