Network Security Tools: Nmap and Metasploit
Added on 2023-06-04
9 Pages1824 Words206 Views
Network Security 1
[Name]
[Institution]
[Name]
[Institution]
Introduction
Network security is a critical component of any firm, especially with the rising incidences of
cyber espionage. Deploying and maintaining the best security exposure requires that a firm
understands vulnerabilities that can be exploited on its network, and take mitigation measures
to avoid being a victim of a cyber attack. To understand how well a network and computers
on the network are secured, it is important to carry out security scans - at a minimum - or a
full penetration testing.
A number of tools can be used to scan a network for vulnerabilities. Key among them
include; Open VAS,TCPdump, Metasploit, Nmap, PRTG and GFI LanGuard. For this
assignment, the tools of choice are Metasploit and Nmap.
Nmap or Network Mapper is a tool for network scanning; a process that entails discovery of
active hosts on a given network, as well as information about the given hosts [1]. NMAP
scans a network and builds a map of the network, informing on active hosts, operating system
running on the hosts, active ports , applications and services. Nmap maps out a network by
sending out well crafted packets to the host, and depending on the responses, the tool can tell
the active hosts [1]. The tool provides 4 basic scanning facilities; Network Mapping, Port
Scanning, Service and Version Detection and OS Detection. Additionally, the tool can be
extended to perform advanced network scanning such as evading firewalls and perimeter
defences, vulnerability detection, masking the origin of the scan and timed scans which
enable stealthy scans [1].
Information obtained through Nmap, such as open ports is used to launch attacks through the
openings. For the case where Nmap reports on software versions running on a host, the
information can be used to look for specific vulnerabilities for the given software version.
Metasploit is a tool for scanning a network or host for security vulnerabilities [2]. The tool
comes bundled with the ability to scan for vulnerabilities, exploits that can be used to
compromise the vulnerabilities, payloads for the exploits, encoders and auxiliary modules [2].
The exploits are OS and application specific, thus when a scan finds an application with a
known vulnerability, it can easily be exploited using the bundled exploits and payload [2].
Network security is a critical component of any firm, especially with the rising incidences of
cyber espionage. Deploying and maintaining the best security exposure requires that a firm
understands vulnerabilities that can be exploited on its network, and take mitigation measures
to avoid being a victim of a cyber attack. To understand how well a network and computers
on the network are secured, it is important to carry out security scans - at a minimum - or a
full penetration testing.
A number of tools can be used to scan a network for vulnerabilities. Key among them
include; Open VAS,TCPdump, Metasploit, Nmap, PRTG and GFI LanGuard. For this
assignment, the tools of choice are Metasploit and Nmap.
Nmap or Network Mapper is a tool for network scanning; a process that entails discovery of
active hosts on a given network, as well as information about the given hosts [1]. NMAP
scans a network and builds a map of the network, informing on active hosts, operating system
running on the hosts, active ports , applications and services. Nmap maps out a network by
sending out well crafted packets to the host, and depending on the responses, the tool can tell
the active hosts [1]. The tool provides 4 basic scanning facilities; Network Mapping, Port
Scanning, Service and Version Detection and OS Detection. Additionally, the tool can be
extended to perform advanced network scanning such as evading firewalls and perimeter
defences, vulnerability detection, masking the origin of the scan and timed scans which
enable stealthy scans [1].
Information obtained through Nmap, such as open ports is used to launch attacks through the
openings. For the case where Nmap reports on software versions running on a host, the
information can be used to look for specific vulnerabilities for the given software version.
Metasploit is a tool for scanning a network or host for security vulnerabilities [2]. The tool
comes bundled with the ability to scan for vulnerabilities, exploits that can be used to
compromise the vulnerabilities, payloads for the exploits, encoders and auxiliary modules [2].
The exploits are OS and application specific, thus when a scan finds an application with a
known vulnerability, it can easily be exploited using the bundled exploits and payload [2].
Literature Review
Network security attacks can be devastating to an organization, business or even a
government. Recent attacks, such as the hack on Sony Systems, attacks on Equifax - an
American credit company [3], and Ashley Madison just shows how devastating an attack can
be. In all the attacks, the hacking follows four critical steps, as outline in [4] ;
Figure 1.0 Steps in carrying out a cyber attack. [4]
Reconnaissance or Information gathering is the first stage of an attack, and is the subject of
this paper. An attacker gathers information through scanning the target, Enumerating the
services and foot printing the victim [5]. Information gathering helps in identifying network
vulnerabilities can be exploited on the target network or system. The attacker understands the
attack environment by getting information about ports, machines on the network, services
running, operating systems among other.
After gathering sufficient information, and depending on the nature of vulnerability, an
attacker can launch an attack through a number of attack vectors. The most common attack
types as outline in [6] includes; Denial-of-Service Attack, Intrusion, Virus, Worms, Trojans,
Buffer Overflow attacks, Advanced Persistent Threats, Eavesdropping and Traffic analysis
attacks.
With intrusion attacks, a hacker tries to gain unauthorized access to a computing resource, to
access or manipulate information [7]. With DoS attacks, the target is flooded with too many
bogus requests, from other compromised hosts, to take up computing resources, thus starving
genuine requests and rendering the network or computer unusable [7]. Viruses and Worms on
Network security attacks can be devastating to an organization, business or even a
government. Recent attacks, such as the hack on Sony Systems, attacks on Equifax - an
American credit company [3], and Ashley Madison just shows how devastating an attack can
be. In all the attacks, the hacking follows four critical steps, as outline in [4] ;
Figure 1.0 Steps in carrying out a cyber attack. [4]
Reconnaissance or Information gathering is the first stage of an attack, and is the subject of
this paper. An attacker gathers information through scanning the target, Enumerating the
services and foot printing the victim [5]. Information gathering helps in identifying network
vulnerabilities can be exploited on the target network or system. The attacker understands the
attack environment by getting information about ports, machines on the network, services
running, operating systems among other.
After gathering sufficient information, and depending on the nature of vulnerability, an
attacker can launch an attack through a number of attack vectors. The most common attack
types as outline in [6] includes; Denial-of-Service Attack, Intrusion, Virus, Worms, Trojans,
Buffer Overflow attacks, Advanced Persistent Threats, Eavesdropping and Traffic analysis
attacks.
With intrusion attacks, a hacker tries to gain unauthorized access to a computing resource, to
access or manipulate information [7]. With DoS attacks, the target is flooded with too many
bogus requests, from other compromised hosts, to take up computing resources, thus starving
genuine requests and rendering the network or computer unusable [7]. Viruses and Worms on
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Identification of Threats using Nmap and Metasploit Network Security Toolslg...
|9
|1788
|54
Overview of Network Securitylg...
|11
|1474
|434
Penetration Testing and Intrusion Detection Name of the University Authorlg...
|57
|5094
|316
Network Vulnerability And Cyber Securitylg...
|15
|1453
|15
Metasploit Framework Assignment PDFlg...
|26
|1193
|325
Cyber Security - Assignment PDFlg...
|8
|2242
|71