• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
Page
  1. 1
    1
  2. 2
    2
  3. 3
    3
  4. 4
    4
  5. 5
    5
  6. 6
    6
  7. 7
    7
  8. 8
    8
  9. 9
    9
  10. 10
    10
  11. 11
    11
  12. 12
    12
  13. 13
    13
  14. 14
    14
  15. 15
    15
  16. 16
    16
  17. 17
    17
  18. 18
    18
  19. 19
    19
  20. 20
    20
  21. 21
    21
  22. 22
    22
  23. 23
    23
  24. 24
    24
  25. 25
    25
  26. 26
    26
  27. 27
    27
  28. 28
    28
  29. 29
    29
  30. 30
    30
  31. 31
    31
  32. 32
    32
  33. 33
    33
  34. 34
    34
  35. 35
    35
  36. 36
    36
  37. 37
    37
  38. 38
    38
  39. 39
    39
  40. 40
    40
  41. 41
    41
  42. 42
    42
  43. 43
    43
  44. 44
    44
  45. 45
    45
  46. 46
    46
  47. 47
    47
  48. 48
    48
  49. 49
    49
  50. 50
    50
  51. 51
    51
  52. 52
    52

So in order to understand what the main areas where organisation should be aware of securing data, we should understand the terminologies like footprinting, scanning and enumeration

Extracts from this document...

Introduction

Introduction to assignment: This assignment is about exploring some of the network security issues in organisations. The information and data about any organisation is very important for them to be protect from outside real and cyber world. The information should be kept according to the standards of security so that it can be protected from hackers. So in order to understand what the main areas where organisation should be aware of securing data, we should understand the terminologies like footprinting, scanning and enumeration. These three terminologies can be called as three steps for hackers to explore the secrete information of an organisation. In this assignment we will get the basic understand of footprinting i.e. gathering information about organization's network, scanning ports and enumeration, the actual process of gaining information access of an organization. We will take 5 internet organizations and will test there networks via different softwares like Nmap, Nbrute, Sam Spade and many others. During testing we will follow a procedure which identifies the internal components of the examined websites from its webpages that are open to public using techniques like WHOIS, DNS, Interrogations and others. Also getting the range of IP addresses of network of that organization and the host machines that are active within an organisation. After getting the understandings of all the issues, we will suggest some hacking preventative measures, which can be used to protect the attack against footprinting, scanning and enumeration. At the end we will draw conclusions about the security of the scrutinised organizations. What is Hacking? (http://www.bookrags.com/sciences/computerscience [accessed 15 November 2005]) For years, "hacker" was a positive term that described computer enthusiasts who had a zeal for computer programming. Those who hacked took pride in their ability to write computer programs that stretched the capabilities of computer systems and find clever solutions to seemingly impossible problems. Although many computer enthusiasts still ascribe to this definition, the everyday usage of the word has changed significantly. ...read more.

Middle

The firewall then becomes a waypoint for further investigations. We try again to traceroute the same machine, this time we use a different traceroute- like probe using a different transport protocol. If we get a response we can conclude the following: * That particular traffic is allowed by the firewall * We know a host behind the firewall If we are continuously kept blocked by the ACL filters at out waypoint, we know that this kind of traffic is blocked. Trying to pass packets on all ports and protocols through the firewall and monitor the response, will produce the ACL. Sending packets to every host behind the packet-filtering device can generate an accurate map of a network's topology. 1. (http://gaia.ecs.csus.edu/~ghansahi/classes/notes/196n_at_def_notes/lectures/wk02.ppt [accessed 18 November 2005]) 2. (http://www.informit.com/index.asp [accessed 18 November 2005]) 3. (http://www.dirc.org.uk/publications/techreports/papers/5.pdf. [accessed 18 November 2005]) 4. (http://www.auditmypc.com/freescan/readingroom/port_scanning.asp [accessed 18 November 2005]) 5. (http://www.oreilly.com/catalog/networksa/chapter/ch04.pdf. [accessed 18 November 2005]) Enumeration Introduction: "From the results of port scanning, we gain a list of open ports on the target machines. An open port does not entirely indicate what listening service may be active. Ports below 1024 have been assigned to various services and if these are found open, they generally indicate the assigned service. Additionally, other applications have been run on certain ports for so long that they have become the de facto standard, such as port 65301 for pcAnywhere and 26000 for Quake. Of course system administrators can change the port a service runs on in an attempt to "hide it" (an example of security through obscurity). Therefore, we attempt to connect to the open port and grab a banner to verify the service running. Knowing which applications the target hosts are running goes a long way toward performing vulnerability analysis. Just as with knowing the OS, we can run the list of applications through the Internet and find a list of known vulnerabilities and exploits for these applications-again, often from the vendors themselves. ...read more.

Conclusion

mail:(shadmankhan@hotmail.com) +92.091-5825713 Khybersoft Technologies Technical Contactor: main boulevard gulberg Lahore PK 54570 name:(www khybersoft com) mail:(domains@webtechnos.net) +92.425757359 Webtechnos Billing Contactor: Khybersoft Technologies 1st floor PSTP PDA building Phase 5 hayatabad Phase 5 Peshawar 54570 name:(www khybersoft com) mail:(shadmankhan@hotmail.com) +92.425757359 Khybersoft Technologies From who is I came to know about the all its branches their address, email address of each administrator and their phone numbers. IP Block: ReferralServer: whois://whois.apnic.net NetRange: 202.0.0.0 - 203.255.255.255 CIDR: 202.0.0.0/7 NetName: APNIC-CIDR-BLK NetHandle: NET-202-0-0-0-1 DNC Checks: 11/22/02 02:41:35 dns www.khybersoft.com Canonical name: virtual-webdata-rwp.paknet.com.pk Aliases: www.khybersoft.com Addresses: 203.135.1.114 Now after having the IP Block I will scan the website through Super Scan for its Domain Names: I got following results from Super Scan SuperScan Report - 11/22/02 02:46:37 IP 203.135.2.176 Hostname [Unknown] UDP Ports (2) 1037 [Unknown] 2967 SSC-AGENT / Norton Antivirus UDP Port Banner Total hosts discovered 21 Total open TCP ports 0 Total open UDP ports 2 5) www.jang.com (News website) Whois: Domain Name.......... jang.com Creation Date........ 1996-05-18 Registration Date.... 2000-06-01 Expiry Date.......... 2006-05-19 Organisation Name.... NetIdentity Organisation Address. 5190 Neil Road Organisation Address. Ste 430 Organisation Address. Reno Organisation Address. 89502 Organisation Address. NV Organisation Address. UNITED STATES Admin Name........... Get YourName@ThisDomain as an email address from www.netidentity.com Admin Address........ 5190 Neil Road Admin Address........ Suite 430 Admin Address........ Reno Admin Address........ 89502 Admin Address........ NV Admin Address........ UNITED STATES Admin Email.......... postmaster@netidentity.com Admin Phone.......... +1.3034130011 Admin Fax............ Tech Name............ Get YourName@ThisDomain as an email address from www.netidentity.com Tech Address......... 5190 Neil Road Tech Address......... Suite 430 Tech Address......... Reno Tech Address......... 89502 Tech Address......... NV Tech Address......... UNITED STATES Tech Email........... postmaster@netidentity.com Tech Phone........... +1.3034130011 Name Server.......... ns1.mailbank.com Name Server.......... ns2.mailbank.com DNS checks: 11/22/02 02:55:27 dns www.jang.com Canonical name: www.jang.com Addresses: 216.10.106.149 IP Block: Net Range: 216.10.96.0 - 216.10.127.255 CIDR: 216.10.96.0/19 Net Name: ARIN-NAVISITE-1BLK Traceroute: I got following results from Super Scan SuperScan Report - 11/22/02 02:58:07 IP 216.10.101.2 Hostname sjzafrt0202-v100.sjz.navisite.net UDP Ports (1) 161 SNMP UDP Port Banner IP 216.10.101.4 Hostname sjzafrt02x2-v100.sjz.navisite. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our University Degree Computer Science section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related University Degree Computer Science essays

  1. Design a web based online Appointment System for vehicle service centres in town to ...

    (Steering, 2002) SUSPENSION- On the suspension system there are many moving parts, the main component of which is rubber that can dry out over a period of time and can crack and perish. In the worst situation the rubber components can split.

  2. Traffic Light Simulation and Machine Code Program.

    For example : The IBM PC VGA screen base address is B800:0000 followed by 4000 more bytes. Binary Base two numbers used by digital systems. Count with two symbols [ 0 1 ] Binary numbers are composed of noughts and ones.

  1. Computer Crime - Hacking

    Therefore we need to build newer and better versions of software to overcome the found flaws and bugs. If there is no hacking in the world, the technology won't have advanced to today's standard and we won't have the improvement in software and system that we have today.

  2. Information systems development literature review. Since the 1960s Methodologies, Frameworks, Approaches and CASE ...

    * Entity Life History (ELH) SSADM provides numerous advantages stated within an educational resource document identifying: * Excellent level of user involvement * Highly documented developments * Differenciation bewteen logical and physical components MIT Notes Home. (2007). Nevertheless disadvantages are identified "Large, complex and highly detailed methodologies such as SSADM are sometimes known as monolithic, making them less attractive for small scale projects.

  1. Executive Support Systems: Organizational Decisions Tool.

    When product demand changes, the executive can use the system to pinpoint cause & effect relationships, determine what changes should be made to their product and track the decision affecting the product.

  2. Lifecycle Management Of Information Technology Project In Construction

    We have argued that participant? con?truct their own mental view? of project (derived from the?e ?ingle-per?pective document?) with the low degree of integration between view?. A? an example, in ?ituation of change to intended u?e of ?ome building ?pace mentioned previou?ly, real world fully exhibit?

  1. This report will discuss the benefits and constraints of network systems and topologies.

    Switch?s-is a device that provides a central connection point for cables from terminals Routers- Routers are the traffic directors of the global internet. All routers maintain complex routing tables which allow them to determine appropriate paths for packets destined for any address.

  2. A basic RFID system consists of main two elements an interrogator and a transponder

    transponder tag broadcasting its signal only when its with in the range of the reader it conserve battery life. 1. Beacons There main use in real time location system, the beacons sends signal with a unique identifier at a pre set timing it can send the signal every frequent second

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work