SERVER ADMINISTRATION

IP Network Scanning and Security Reconnaissance
By: Joe Eitel
    2008-08-13

    Table of Contents:
  • IP Network Scanning and Security Reconnaissance
  • Port Scanning
  • Reconnaissance
  • Security

    IP Network Scanning and Security Reconnaissance - Security


    (Page 4 of 4)

    Rather than addressing each security concern as it arises, network security analysts have developed a method of beating intruders before they have even started. This method, anti-reconnaissance, blocks hackers at the very first stage by nullifying the effects of port scanning. Through the use of proxies, firewalls, and other more recent technologies, security analysts are able to obfuscate the data returned to hackers in such a way that it is virtually impossible to gain access to any network, secured or not.

    There are two forms of anti-reconnaissance: active and passive. The active variety identifies port scanning activity that could indicate an intrusion attempt. Once it has identified these scans, it can either block them outright or send false data that will mislead a hacker. The passive kind randomizes the data returned from a port scan. This is a much simpler implementation, and it is almost as effective as active anti-reconnaissance.
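The identification step of active anti-reconnaissance can be sketched as a sliding-window count of distinct destination ports per source. This is an added example, not code from the article; the log format, the addresses, the five-port threshold and the ten-second window are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def build_sample():
    """Constructed log lines in a hypothetical 'timestamp SRC=ip DPT=port' format."""
    t0 = datetime(2008, 8, 13, 10, 0, 0)
    def line(offset, src, port):
        return f"{(t0 + timedelta(seconds=offset)).isoformat()} SRC={src} DPT={port}"
    lines = []
    # One source probing eight different ports, one second apart.
    lines += [line(i, "192.0.2.10", p)
              for i, p in enumerate([21, 22, 23, 25, 80, 110, 443, 3306])]
    # A web client repeatedly using the same two ports.
    lines += [line(i, "198.51.100.7", (80, 443)[i % 2]) for i in range(20)]
    # A management host touching seven ports, one per minute.
    lines += [line(60 * i, "203.0.113.5", p)
              for i, p in enumerate([22, 80, 443, 873, 3306, 5432, 8080])]
    return sorted(lines)  # ISO timestamps sort chronologically

def parse(line):
    ts, src, dpt = line.split()
    return datetime.fromisoformat(ts), src.split("=", 1)[1], int(dpt.split("=", 1)[1])

def detect_scanners(lines, max_ports=5, window=timedelta(seconds=10)):
    """Return {source: time of first alert} for sources that contact more than
    max_ports distinct destination ports within the sliding window."""
    recent = defaultdict(deque)   # source -> (timestamp, port) pairs inside the window
    flagged = {}
    for raw in lines:
        ts, src, port = parse(raw)
        hits = recent[src]
        hits.append((ts, port))
        while ts - hits[0][0] > window:   # drop connections older than the window
            hits.popleft()
        if src not in flagged and len({p for _, p in hits}) > max_ports:
            flagged[src] = ts
    return flagged

if __name__ == "__main__":
    for src, when in detect_scanners(build_sample()).items():
        print(f"{when.isoformat()} possible port scan from {src}")
```

Widening the window to ten minutes also flags the management host in the sample, which shows how the two parameters trade detection coverage against false positives on legitimate multi-port clients.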

    The chance that a single computer has the security issue a hacker is searching for is very low; a hacker may need a list of thousands of computers to find a single vulnerable one. If a fraction as small as 20 out of 1000 computers falsely reports that it is open to attack, a hacker will have to waste time on frustrated hacking attempts against all of these computers before he or she finds a computer that really is vulnerable. They may not even be able to find a truly vulnerable one, if that one happens to be running anti-reconnaissance and falsely indicates that it is not vulnerable.

    In essence, anti-reconnaissance effectively nullifies the effects of reconnaissance, the primary method by which hackers collect the information necessary for their exploits. The technology has developed quickly to allow security analysts the opportunity to efficiently and effectively prevent all forms of network intrusion.

    There are now numerous tools on the market that will allow you to analyze the security of your network. Many will also provide information and advice on how to raise that security. The effectiveness of each tool varies by the situation, and no one tool is the best for every facet of your security. If you are looking for some utilities to start with, you can look into Nmap, Nessus, or SAINT.

