Network Security Tools and Threats
VerifiedAdded on 2020/02/24
|7
|1141
|38
AI Summary
This assignment delves into the world of network security tools, focusing on vulnerability scanning and its role in safeguarding networks against attacks. It outlines various common threats like packet replay, modification, spoofing, and social engineering, emphasizing the importance of robust security measures. The discussion highlights Nessus as a powerful vulnerability scanner and provides practical steps for its installation and configuration.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
1
NETWORK SECURITY TOOLS
Demonstration of a network security tools
NETWORK SECURITY TOOLS
Demonstration of a network security tools
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
2
NETWORK SECURITY TOOLS
Abstract
Network security vulnerability scanning is the automated process identifying any security
vulnerabilities occurring in a network and determining whether the system can be threatened o
exploited by a person with no authority at any point on the system. If and where a system can be
exploited and threatened. Public servers assist in communication and transferring of data. These
public servers are however vulnerable to potentially harmful security issues and malicious
attacks. The vulnerability scan is employed to ensure such occurrences don’t happen and the
network system remains safe and in proper working condition. The vulnerability scanning
software checks for all security threats and compares them to the ones it has in a database and
gives a report which is usable by the individual or company to makes the security of its network
tighter. The most important function of the vulnerability scanner is to scan systems that have an
internet connection. It is also possible to audit a company's internal network and detect any
malicious software and suspicious employees in the enterprise.
NETWORK SECURITY TOOLS
Abstract
Network security vulnerability scanning is the automated process identifying any security
vulnerabilities occurring in a network and determining whether the system can be threatened o
exploited by a person with no authority at any point on the system. If and where a system can be
exploited and threatened. Public servers assist in communication and transferring of data. These
public servers are however vulnerable to potentially harmful security issues and malicious
attacks. The vulnerability scan is employed to ensure such occurrences don’t happen and the
network system remains safe and in proper working condition. The vulnerability scanning
software checks for all security threats and compares them to the ones it has in a database and
gives a report which is usable by the individual or company to makes the security of its network
tighter. The most important function of the vulnerability scanner is to scan systems that have an
internet connection. It is also possible to audit a company's internal network and detect any
malicious software and suspicious employees in the enterprise.
3
NETWORK SECURITY TOOLS
Common threats and attacks on networked Information Systems.
Information systems need to be secure to prevent intrusion and malicious use of software
that may cause them harm. There are many ways intruder tries to get into the system for different
reasons. The most common threats and attacks include Packet replay, Packet modification,
Internet Protocol spoofing and Mail bombing.
Impersonation is when a sender of an email creates a fake return address [1]. It happens
when somebody manually modifies a moving header or the sender automatically connect them to
an SMTP port on the receiving node.
Eavesdropping occurs when Email headers and contents are sent without first being
encrypted. This makes it possible for the contents to be altered before arriving at the receiver or
modification is done on the header changing or hiding the sender. A hacker will thereby manage
to make a fake activity flow of the network. It will help them access sensitive information such
as passwords and other relevant data.
Packet modification is another vulnerability involving modification and interception of a
package by a system that was not the designated receiver [2]. The packet information required
may also get damaged due to the modification.
Packet replay works by recording and retransmitting message packets in a given network.
It affects all programs that need sequences to be authenticated and allows intruders to replay the
fake authentication sequences and manage to gain access to the attacked system.
Another common attack is an intrusion. It happens when a hacker uses their means, e.g.,
cracking tools and gains access to a system [2]. The use of a vulnerability tool would help the
technicians note any intrusion occurring in the network system.
Social engineering, another possible attack is employed by both outsiders and people
working inside the organization since it collaborates with the help of the user. The user gets
tricked to a level of revealing their security information, e.g., passwords which then used for the
malicious purpose. The best solution to social engineering is educating the users and ensuring
there are kept well aware of such tricks.
NETWORK SECURITY TOOLS
Common threats and attacks on networked Information Systems.
Information systems need to be secure to prevent intrusion and malicious use of software
that may cause them harm. There are many ways intruder tries to get into the system for different
reasons. The most common threats and attacks include Packet replay, Packet modification,
Internet Protocol spoofing and Mail bombing.
Impersonation is when a sender of an email creates a fake return address [1]. It happens
when somebody manually modifies a moving header or the sender automatically connect them to
an SMTP port on the receiving node.
Eavesdropping occurs when Email headers and contents are sent without first being
encrypted. This makes it possible for the contents to be altered before arriving at the receiver or
modification is done on the header changing or hiding the sender. A hacker will thereby manage
to make a fake activity flow of the network. It will help them access sensitive information such
as passwords and other relevant data.
Packet modification is another vulnerability involving modification and interception of a
package by a system that was not the designated receiver [2]. The packet information required
may also get damaged due to the modification.
Packet replay works by recording and retransmitting message packets in a given network.
It affects all programs that need sequences to be authenticated and allows intruders to replay the
fake authentication sequences and manage to gain access to the attacked system.
Another common attack is an intrusion. It happens when a hacker uses their means, e.g.,
cracking tools and gains access to a system [2]. The use of a vulnerability tool would help the
technicians note any intrusion occurring in the network system.
Social engineering, another possible attack is employed by both outsiders and people
working inside the organization since it collaborates with the help of the user. The user gets
tricked to a level of revealing their security information, e.g., passwords which then used for the
malicious purpose. The best solution to social engineering is educating the users and ensuring
there are kept well aware of such tricks.
4
NETWORK SECURITY TOOLS
A network can also get spoofed where a computer system will impersonate another
system already in the company's network system. The spoofing system will then receive all the
intended information just like it was the intended receiver.
Viruses are also used by attackers to break into network systems and to gain access to
information which they could have otherwise been denied [1]. It is done by developing malicious
codes and spreading them by ordinary means such as emails to the system they want to harm.
Password cracking is another threat that attackers use to gain access surreptitiously just
like the permitted user. It can be easily avoided if the users use passwords that cannot be easily
guessed or weak. A password cracker uses their knowledge of the user as a tool to predict the
password a user could be using and gain access to the network system comfortably like them.
Most of the vulnerabilities can be avoided and controlled by use of a vulnerability
detection tool. Nessus is one of the most modern and capable vulnerability scanners which
originally was built for UNIX systems as an open source software [1]. Nessus has a Tenable
Network Security that does the vulnerability checks and produces results in various formats [1].
It will help in detecting and controlling access to the network system by any intruder and deny
service to any malformed packets which may otherwise be used by the intruder.
To download and install Nessus, visit Nessus website here to get the installer package
and the installation guide. After successful download, click the installer to start installation. After
the steps provided in the page above, the installer will lead you to the Ready to Install the
Program screen, select the Install button [7]. After successful installation, go to settings and
NETWORK SECURITY TOOLS
A network can also get spoofed where a computer system will impersonate another
system already in the company's network system. The spoofing system will then receive all the
intended information just like it was the intended receiver.
Viruses are also used by attackers to break into network systems and to gain access to
information which they could have otherwise been denied [1]. It is done by developing malicious
codes and spreading them by ordinary means such as emails to the system they want to harm.
Password cracking is another threat that attackers use to gain access surreptitiously just
like the permitted user. It can be easily avoided if the users use passwords that cannot be easily
guessed or weak. A password cracker uses their knowledge of the user as a tool to predict the
password a user could be using and gain access to the network system comfortably like them.
Most of the vulnerabilities can be avoided and controlled by use of a vulnerability
detection tool. Nessus is one of the most modern and capable vulnerability scanners which
originally was built for UNIX systems as an open source software [1]. Nessus has a Tenable
Network Security that does the vulnerability checks and produces results in various formats [1].
It will help in detecting and controlling access to the network system by any intruder and deny
service to any malformed packets which may otherwise be used by the intruder.
To download and install Nessus, visit Nessus website here to get the installer package
and the installation guide. After successful download, click the installer to start installation. After
the steps provided in the page above, the installer will lead you to the Ready to Install the
Program screen, select the Install button [7]. After successful installation, go to settings and
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
5
NETWORK SECURITY TOOLS
configure the scanner as illustrated below.
Upon successful configuration, create a new user and specify the users’ role.
NETWORK SECURITY TOOLS
configure the scanner as illustrated below.
Upon successful configuration, create a new user and specify the users’ role.
6
NETWORK SECURITY TOOLS
References
[1] I. J. Douglas and P. J. Olson, Audit and control of computer networks, Manchester: NCC
Publications, 1986.
[2] C. M. Davis, M. Schiller and K. Wheeler, IT auditing : using controls to protect information
assets, Emeryville, Calif: McGraw-Hill/Osborne, 2011.
[3] U. S. D. o. H. S. O. o. I. General., Improved security required for Transportation Security
Administration networks, Washington, DC: U.S. Dept. of Homeland Security, Office of
Inspector General, 2011.
[4] G. E. Smith, Network auditing : a control assessment approach, New York : John Wiley,
1999.
[5] M. Carey, R. Rogers, P. Criscuolo and M. Petruzzi, Nessus network auditing, Burlington:
Syngress Publishing, Inc, 2008.
[6] R. Nieva, "Nessus security tool closes its source," 25 Augus 2017. [Online]. Available:
https://www.cnet.com/news/nessus-security-tool-closes-its-source/. [Accessed 26 08 2017].
[7] I. Tenable™, "Download Nessus," Nessus, [Online]. Available:
https://www.tenable.com/products/nessus/select-your-operating-system. [Accessed 29
August 2017].
NETWORK SECURITY TOOLS
References
[1] I. J. Douglas and P. J. Olson, Audit and control of computer networks, Manchester: NCC
Publications, 1986.
[2] C. M. Davis, M. Schiller and K. Wheeler, IT auditing : using controls to protect information
assets, Emeryville, Calif: McGraw-Hill/Osborne, 2011.
[3] U. S. D. o. H. S. O. o. I. General., Improved security required for Transportation Security
Administration networks, Washington, DC: U.S. Dept. of Homeland Security, Office of
Inspector General, 2011.
[4] G. E. Smith, Network auditing : a control assessment approach, New York : John Wiley,
1999.
[5] M. Carey, R. Rogers, P. Criscuolo and M. Petruzzi, Nessus network auditing, Burlington:
Syngress Publishing, Inc, 2008.
[6] R. Nieva, "Nessus security tool closes its source," 25 Augus 2017. [Online]. Available:
https://www.cnet.com/news/nessus-security-tool-closes-its-source/. [Accessed 26 08 2017].
[7] I. Tenable™, "Download Nessus," Nessus, [Online]. Available:
https://www.tenable.com/products/nessus/select-your-operating-system. [Accessed 29
August 2017].
7
NETWORK SECURITY TOOLS
NETWORK SECURITY TOOLS
1 out of 7
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.