IP Network Scanning and Security Reconnaissance - Reconnaissance
Network reconnaissance is the process by which a potential intruder will gain all of the information they need to know about your network. Reconnaissance uses the basic technology of port scanning to quickly gain detailed information about—potentially—thousands of computers. Typically, a hacker will perform scans on specific ports in the hope that they will find an open port which corresponds with a security issue of which they are aware.
Once the intruder has identified a computer with the ports they desire open, they can gain even more information about that computer. Through the lightning-fast exchange of several packets, the intruder can determine your operating system and which application is using the open ports. They can also find the patch information for the OS and application, which tells them whether the security exploit they know of still exists or has been fixed. In a matter of minutes, a hacker can scan through a massive list of computers, identify computers running the program they are looking for, and ascertain that the program is the correct version.
Reconnaissance also allows a hacker to gain access to an even greater list of computers which are potential targets. By targeting a large network, an intruder can locate sub-networks with even more computers on them. If the wrong person comes across a large unsecured network, they could find themselves with a list of thousands of computers which are all potentially susceptible to whatever type of cyber crime they wish to commit.
Hackers have also developed a method for performing reconnaissance in such a way that they do not even have to work for it. By developing a program called a “worm,” hackers can force susceptible computers to do their bidding and scan through networks to find more susceptible computers. This viral tactic can potentially grant a hacker access to millions of computers.
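Both the scan for one specific port across many computers and the worm-driven scanning described above leave the same trace in connection logs: a single source touching many distinct hosts on one port in a short time. The Python sketch below is an added example, not part of the original article, showing how a defender can flag that pattern; the record format, addresses, internal range and thresholds are all assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample records: (epoch_seconds, source_ip, dest_ip, dest_port).
# Adapt the parsing to your own firewall or flow export.
SAMPLE_LOG = (
    [(1000 + i, "203.0.113.50", f"10.0.0.{i + 1}", 445) for i in range(40)]  # outside sweep
    + [(2000 + i, "10.0.1.23", f"10.0.2.{i + 1}", 445) for i in range(30)]   # inside host sweeping
    + [(1000 + 5 * i, "10.0.1.7", "10.0.0.10", 443) for i in range(50)]      # busy client, one server
    + [(1500 + i, "10.0.1.8", f"10.0.0.{i + 1}", 53) for i in range(5)]      # few hosts, under threshold
)

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed internal address range


def find_port_sweeps(records, window=60, min_hosts=20):
    """Flag sources that reach >= min_hosts distinct hosts on one port within `window` seconds."""
    by_key = defaultdict(list)
    for ts, src, dst, port in records:
        by_key[(src, port)].append((ts, dst))

    findings = []
    for (src, port), events in by_key.items():
        events.sort()
        counts = defaultdict(int)   # destination -> hits inside the current window
        start = 0                   # index of the oldest event still in the window
        peak = 0
        for ts, dst in events:
            counts[dst] += 1
            while events[start][0] < ts - window:
                old = events[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            peak = max(peak, len(counts))
        if peak >= min_hosts:
            findings.append({
                "source": src,
                "port": port,
                "hosts": peak,
                # An internal source sweeping its neighbours suggests a compromised, worm-like host.
                "internal_source": ipaddress.ip_address(src) in INTERNAL_NET,
            })
    return sorted(findings, key=lambda f: f["source"])


if __name__ == "__main__":
    for finding in find_port_sweeps(SAMPLE_LOG):
        print(finding)
```

Counting distinct destinations rather than raw connections keeps a busy client that talks to one server from being flagged.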