• Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month
Page
  1. 1
    1
  2. 2
    2
  3. 3
    3
  4. 4
    4
  5. 5
    5
  6. 6
    6
  7. 7
    7
  8. 8
    8
  9. 9
    9
  10. 10
    10
  11. 11
    11
  12. 12
    12
  13. 13
    13
  14. 14
    14
  15. 15
    15
  16. 16
    16
  17. 17
    17
  18. 18
    18
  19. 19
    19
  20. 20
    20
  21. 21
    21
  22. 22
    22
  23. 23
    23
  24. 24
    24
  25. 25
    25
  26. 26
    26
  27. 27
    27
  28. 28
    28
  29. 29
    29
  30. 30
    30
  31. 31
    31
  32. 32
    32
  33. 33
    33
  34. 34
    34
  35. 35
    35
  36. 36
    36
  37. 37
    37
  38. 38
    38
  39. 39
    39
  40. 40
    40
  41. 41
    41
  42. 42
    42
  43. 43
    43
  44. 44
    44
  45. 45
    45
  46. 46
    46
  47. 47
    47
  48. 48
    48
  49. 49
    49
  50. 50
    50
  51. 51
    51
  52. 52
    52

So in order to understand what the main areas where organisation should be aware of securing data, we should understand the terminologies like footprinting, scanning and enumeration

Extracts from this document...

Introduction

Introduction to assignment: This assignment is about exploring some of the network security issues in organisations. The information and data about any organisation is very important for them to be protect from outside real and cyber world. The information should be kept according to the standards of security so that it can be protected from hackers. So in order to understand what the main areas where organisation should be aware of securing data, we should understand the terminologies like footprinting, scanning and enumeration. These three terminologies can be called as three steps for hackers to explore the secrete information of an organisation. In this assignment we will get the basic understand of footprinting i.e. gathering information about organization's network, scanning ports and enumeration, the actual process of gaining information access of an organization. We will take 5 internet organizations and will test there networks via different softwares like Nmap, Nbrute, Sam Spade and many others. During testing we will follow a procedure which identifies the internal components of the examined websites from its webpages that are open to public using techniques like WHOIS, DNS, Interrogations and others. Also getting the range of IP addresses of network of that organization and the host machines that are active within an organisation. After getting the understandings of all the issues, we will suggest some hacking preventative measures, which can be used to protect the attack against footprinting, scanning and enumeration. At the end we will draw conclusions about the security of the scrutinised organizations. What is Hacking? (http://www.bookrags.com/sciences/computerscience [accessed 15 November 2005]) For years, "hacker" was a positive term that described computer enthusiasts who had a zeal for computer programming. Those who hacked took pride in their ability to write computer programs that stretched the capabilities of computer systems and find clever solutions to seemingly impossible problems. Although many computer enthusiasts still ascribe to this definition, the everyday usage of the word has changed significantly. ...read more.

Middle

The firewall then becomes a waypoint for further investigations. We try again to traceroute the same machine, this time we use a different traceroute- like probe using a different transport protocol. If we get a response we can conclude the following: * That particular traffic is allowed by the firewall * We know a host behind the firewall If we are continuously kept blocked by the ACL filters at out waypoint, we know that this kind of traffic is blocked. Trying to pass packets on all ports and protocols through the firewall and monitor the response, will produce the ACL. Sending packets to every host behind the packet-filtering device can generate an accurate map of a network's topology. 1. (http://gaia.ecs.csus.edu/~ghansahi/classes/notes/196n_at_def_notes/lectures/wk02.ppt [accessed 18 November 2005]) 2. (http://www.informit.com/index.asp [accessed 18 November 2005]) 3. (http://www.dirc.org.uk/publications/techreports/papers/5.pdf. [accessed 18 November 2005]) 4. (http://www.auditmypc.com/freescan/readingroom/port_scanning.asp [accessed 18 November 2005]) 5. (http://www.oreilly.com/catalog/networksa/chapter/ch04.pdf. [accessed 18 November 2005]) Enumeration Introduction: "From the results of port scanning, we gain a list of open ports on the target machines. An open port does not entirely indicate what listening service may be active. Ports below 1024 have been assigned to various services and if these are found open, they generally indicate the assigned service. Additionally, other applications have been run on certain ports for so long that they have become the de facto standard, such as port 65301 for pcAnywhere and 26000 for Quake. Of course system administrators can change the port a service runs on in an attempt to "hide it" (an example of security through obscurity). Therefore, we attempt to connect to the open port and grab a banner to verify the service running. Knowing which applications the target hosts are running goes a long way toward performing vulnerability analysis. Just as with knowing the OS, we can run the list of applications through the Internet and find a list of known vulnerabilities and exploits for these applications-again, often from the vendors themselves. ...read more.

Conclusion

mail:([email protected]) +92.091-5825713 Khybersoft Technologies Technical Contactor: main boulevard gulberg Lahore PK 54570 name:(www khybersoft com) mail:([email protected]) +92.425757359 Webtechnos Billing Contactor: Khybersoft Technologies 1st floor PSTP PDA building Phase 5 hayatabad Phase 5 Peshawar 54570 name:(www khybersoft com) mail:([email protected]) +92.425757359 Khybersoft Technologies From who is I came to know about the all its branches their address, email address of each administrator and their phone numbers. IP Block: ReferralServer: whois://whois.apnic.net NetRange: 202.0.0.0 - 203.255.255.255 CIDR: 202.0.0.0/7 NetName: APNIC-CIDR-BLK NetHandle: NET-202-0-0-0-1 DNC Checks: 11/22/02 02:41:35 dns www.khybersoft.com Canonical name: virtual-webdata-rwp.paknet.com.pk Aliases: www.khybersoft.com Addresses: 203.135.1.114 Now after having the IP Block I will scan the website through Super Scan for its Domain Names: I got following results from Super Scan SuperScan Report - 11/22/02 02:46:37 IP 203.135.2.176 Hostname [Unknown] UDP Ports (2) 1037 [Unknown] 2967 SSC-AGENT / Norton Antivirus UDP Port Banner Total hosts discovered 21 Total open TCP ports 0 Total open UDP ports 2 5) www.jang.com (News website) Whois: Domain Name.......... jang.com Creation Date........ 1996-05-18 Registration Date.... 2000-06-01 Expiry Date.......... 2006-05-19 Organisation Name.... NetIdentity Organisation Address. 5190 Neil Road Organisation Address. Ste 430 Organisation Address. Reno Organisation Address. 89502 Organisation Address. NV Organisation Address. UNITED STATES Admin Name........... Get [email protected] as an email address from www.netidentity.com Admin Address........ 5190 Neil Road Admin Address........ Suite 430 Admin Address........ Reno Admin Address........ 89502 Admin Address........ NV Admin Address........ UNITED STATES Admin Email.......... [email protected] Admin Phone.......... +1.3034130011 Admin Fax............ Tech Name............ Get [email protected] as an email address from www.netidentity.com Tech Address......... 5190 Neil Road Tech Address......... Suite 430 Tech Address......... Reno Tech Address......... 89502 Tech Address......... NV Tech Address......... UNITED STATES Tech Email........... [email protected] Tech Phone........... +1.3034130011 Name Server.......... ns1.mailbank.com Name Server.......... ns2.mailbank.com DNS checks: 11/22/02 02:55:27 dns www.jang.com Canonical name: www.jang.com Addresses: 216.10.106.149 IP Block: Net Range: 216.10.96.0 - 216.10.127.255 CIDR: 216.10.96.0/19 Net Name: ARIN-NAVISITE-1BLK Traceroute: I got following results from Super Scan SuperScan Report - 11/22/02 02:58:07 IP 216.10.101.2 Hostname sjzafrt0202-v100.sjz.navisite.net UDP Ports (1) 161 SNMP UDP Port Banner IP 216.10.101.4 Hostname sjzafrt02x2-v100.sjz.navisite. ...read more.

The above preview is unformatted text

This student written piece of work is one of many that can be found in our University Degree Computer Science section.

Found what you're looking for?

  • Start learning 29% faster today
  • 150,000+ documents available
  • Just £6.99 a month

Not the one? Search for your essay title...
  • Join over 1.2 million students every month
  • Accelerate your learning by 29%
  • Unlimited access from just £6.99 per month

See related essaysSee related essays

Related University Degree Computer Science essays

  1. Design a web based online Appointment System for vehicle service centres in town to ...

    (Steering, 2002) SUSPENSION- On the suspension system there are many moving parts, the main component of which is rubber that can dry out over a period of time and can crack and perish. In the worst situation the rubber components can split.

  2. Computer Crime - Hacking

    Therefore we need to build newer and better versions of software to overcome the found flaws and bugs. If there is no hacking in the world, the technology won't have advanced to today's standard and we won't have the improvement in software and system that we have today.

  1. There are different types of voting systems used around the world in this assignment ...

    Voters are given a much wider choice of candidates, with the major parties fielding multiple candidates within a constituency. Voters are then required to rank the candidates in order of preference.

  2. The purpose of this assignment is to research about Electronic data interchange and needs ...

    Sometimes, this agent-assigned number, (Rowecom Canada calls it a "Subscription ID"), can be automatically posted during the invoice load. (18) 14.0 Purpose of EDI EDI is for exchanging trading information such as orders, delivery notices, invoices, remittance advice's, statements, and so on, on paper increasingly involves the re-keying of data.

  1. Traffic Light Simulation and Machine Code Program.

    Electronically this is achieved by circuits that are switched off or on. Bit Masks Patterns of noughts and ones used with AND, OR and XOR to extract or inserts bits into bytes. Bits Binary digits. Single digits that are nought or one.

  2. What are the advantages and disadvantages of using an internal consultant as opposed to ...

    Internal consultants are at a better position to learn from established consultancy firm in the investigation skills. In the attempt those consultancy firms try to keep their knowledge a secret, internal consultant could re-engineered or network with the firm to gain access to this new knowledge.

  1. What evidence is there to suggest that there is a crisis in the British ...

    Riots are another aspect of prison crisis. Often riots are caused by overcrowding or bad conditions. For example the Guardian reported "three prison riots in one week as overcrowding hits record level" (9th may 2002)

  2. This report will discuss the benefits and constraints of network systems and topologies.

    Switch?s-is a device that provides a central connection point for cables from terminals Routers- Routers are the traffic directors of the global internet. All routers maintain complex routing tables which allow them to determine appropriate paths for packets destined for any address.

  • Over 160,000 pieces
    of student written work
  • Annotated by
    experienced teachers
  • Ideas and feedback to
    improve your own work