Port Scans and Ping Sweeps: an Issue of Concern

Many companies depend on network communication. This high dependency leads to vulnerability in the information security of an organization. This has been caused by computer crimes such as a break into systems, code bypass, and cyber-terrorism. This insecurity threat to computer systems comes with impacts. This paper will look at what port scans and ping sweeps are. Their impact and if these activities should be an issue of concern to a company.

Port scans are a type of network. They are used by Intruders to break into systems. They use a port scan to hack into the unsuspecting host computer (McClure, Scambray & Kurtz, 2009: 54). They do this by planning an attack on the vulnerable services that they find. For instance, they may use port 143 if it is open; through this port, they can find the kind of version the host machine is running on. When the version is susceptible the intruder may gain access to the computer through the use of a program that penetrates the security hole (Teo, 2000).

The port scan is very easy to use to intrude on computers. The intruder only needs to connect a sequence of ports on a target machine to find the compatible one. The port scanner is easy to write by programmers using java (Teo, 2000).

On the contrary, the port scan can be detected easily on the operating system of the machine. Therefore intruders avoid doing a port scan as listing 1 shows all the current port scans. Due to this challenge, the hackers have come up with another sophisticated port scan known as half-open. This scan connects to a port and then shuts down immediately thus a full connection does not occur. Therefore the host machine cannot detect this intrusion. However, all is not lost as programs to detect the half-open have been created (Teo, 2000).

Pig sweeps are also network probes. In this probe, the hacker uses ICMP ECHO packets which are sent to a system of computers identified through the IP addresses and targets the ones that respond. Consequently, those that respond are a target for intrusion (McClure et al, 2009: 44; Teo, 2000).

The intruders use a tool called fping to carry out ping sweeps. The fping uses IP addresses to send ping packets. The fping sends ping packets faster to particular IP address lists when reading from a file unlike a normal ping (McClure et al, 2009: 45). Not only does the fping show computers that are responsive in a certain are but those that are out of reach.

The ping sweeps can be detected just like the port scans. A tool called Ippl is used. It is a logger for the IP protocol which logs UDP, ICMPA, and TCP. This tool sits at the back and looks out for a packet thus can detect ping sweeps. Moreover, there is another tool known as pingd. This tool uses ICMP traffic to detect sweep pigs at the host computer; it also utilizes TCP wrappers’ which allow only specific people to ping thus more control of intruders ping packets. This is done using TCP wrappers control files (/etc/hosts.allow and /etc/hosts.deny) (McClure et al, 2009:51; Teo, 2000).

Port scans and ping sweeps have an economic impact. Through these probes, the virus can be sent to computers. Therefore companies and other organizations incur extra costs to clean up their systems. During the cleanup, period revenue is lost and the productivity of the workers is impacted negatively. In addition, the company’s confidential information can be accessed by unauthorized persons who may give its competitors an undue advantage. If the company is involved in eCommerce it may lose money in case of credit card number theft or fraud. The customers may be discouraged from engaging in eCommerce.

This nefarious activity is something to worry about. It enables people to hack into information that they can use to cause harm to innocent people. Different people intrude on network systems for different reasons. For example, some do so to find information to embarrass others, disgruntled employees may use the information to get back at their employers for being fired, terrorists, to get information on the security of a certain country to plan for attacks. Due to some of the mentioned concerns about network probing more needs to be done to ensure that there is security in the network system by reducing the chances of hackers intruding on the systems.

Reference list

McClure S, Scambray, J. & Kurtz G. (2009). Hacking Exposed, Sixth Edition: Network Security SecretsAnd Solutions Issue 6 of Hacking Exposed Network Security Secrets & Solutions. New York: McGraw Hill Professional.

Teo, Lawrence (2000). Network Probes Explained: Understanding Port Scans and Ping Sweeps. Linux Journal. Web.

Find out your order's cost