2 cissp ® Official Study Guide Eighth Edition



Download 19,3 Mb.
Pdf ko'rish
bet874/881
Sana08.04.2023
Hajmi19,3 Mb.
#925879
1   ...   870   871   872   873   874   875   876   877   ...   881
Bog'liq
(CISSP) Mike Chapple, James Michael Stewart, Darril Gibson - CISSP Official Study Guide-Sybex (2018)

IP Probes 
IP probes
(also called
IP sweeps
or
ping sweeps
) are often the fi rst type of network recon-
naissance carried out against a targeted network. With this technique, automated tools 
simply attempt to ping each address in a range. Systems that respond to the ping request 
are logged for further analysis. Addresses that do not produce a response are assumed to be 
unused and are ignored. 
The Nmap tool is one of the most common tools used to perform both IP 
probes and port scans. It’s available for free download from
www.nmap.org
 .
IP probes are extremely prevalent on the internet today. Indeed, if you confi gure a sys-
tem with a public IP address and connect it to the internet, you’ll probably receive at least 
one IP probe within hours of booting up. The widespread use of this technique makes a 
strong case for disabling ping functionality, at least for users external to a network.
Port Scans 
After an attacker performs an IP probe, they are left with a list of active systems on a given 
network. The next task is to select one or more systems to target with additional attacks. 

Masquerading Attacks 
941
Often, attackers have a type of target in mind; web servers, file servers, and other servers 
supporting critical operations are prime targets.
To narrow down their search, attackers use 
port scan
software to probe all the active 
systems on a network and determine what public services are running on each machine. For 
example, if the attacker wants to target a web server, they might run a port scan to locate 
any systems with a service running on port 80, the default port for Hypertext Transfer 
Protocol (HTTP) services. Administrators should use this information to disable unneces-
sary services on systems under their control. This reduces the attack surface of the system
making it more difficult for an attacker to find a foothold from which to begin an attack.

Download 19,3 Mb.

Do'stlaringiz bilan baham:
1   ...   870   871   872   873   874   875   876   877   ...   881



Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2025
ma'muriyatiga murojaat qiling
kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha

yuklab olish