Question

In: Computer Science

Mention any three reconnaissance techniques. Briefly explain each of them (just one or two sentences). Why...

Mention any three reconnaissance techniques. Briefly explain each of them (just one or two sentences). Why reconnaissance is a threat to network security?

Solutions

Expert Solution

Answer:

Information Gathering and getting to know the target systems is the first process in ethical hacking.Reconnaissance is a set of processses and techniques(Footprinting,Scanning&Enumeration) used to covertly discover and collect information about a target system.

Techniques:

1.)Footprinting Technology:

Unsourced material may be challenged and removed.Footprinting(also known as reconnaissance) is the technique used for gathering information about computer systems and the entities they belong to.To get this information,a hacker might use various tools and technologies.

2.)Port Scanning:As the name implies,this is the act of scanning a range of ports on a victim.A port is used to make connections and manage communications for net-workable services or applications.Any open port is possible avenue of attack.There are multiple kinds of port scans,but those go beyond the scope of this introductory article.

3.)Discovery:This is the act of discoverying possible victims.Discovering is essential to reconnaissance as it tells us who our potential victims are.

Security threat involves three goals:

1.Confidentiality

2.Integrity

3.Availability

Confidentiality:This goal defines how we keep our data private from eavesdropping.Packing capturing and replaying are the example threats for this goal.Data encryption is used to achieve this goal.

Integrity:This goal defines how we avoid our data from being altered.MiTM(Man in the middle attacks) is the example threat gor this goal.Data hashing is used to take the fingerprint of data.Through hashing we can match data from its original source.

Availability:This goal defines how we keep available data to our genuine users.Dos(Denial of service attacks) is the example threat for this goal.User rate limit and firewall are used to mitigate the threat for this goal.

--Reconnaissance attack:

In this kind of attack,an adversary collects as much information about your network as he needed for other attacks.This information includes IP address range,server location,running OS,software version,types of devices etc.Packet capturing software,Ping command,traceroot command,whois lookup are some example tools which can be used to collect this information.Adversary will use this information in mapping your infrastructure for next possible attack.  


Related Solutions

Using the appropriate diagram for each question briefly explain (one or two sentences) each of the...
Using the appropriate diagram for each question briefly explain (one or two sentences) each of the following. Explain how price is determined in a perfectly competitive industry. Now explain how price is determined in a monopoly. Now explain how the firm in a competitive industry can determine its profit-maximizing level of output. Will the firm that follows your answer to part c always make a profit at its profit-maximizing level of output? Explain your answer. Should a competitive firm shut-down...
List and explain (in one to two sentences each) three problems with IRR, and whether or...
List and explain (in one to two sentences each) three problems with IRR, and whether or not MIRR solves each problem (you can note this for each problem after you explain the problem). Your explanation should include why these are problems (why we can't just ignore these issues).
List three (3) methods or techniques for generating business ideas and briefly describe each of them.
List three (3) methods or techniques for generating business ideas and briefly describe each of them.
Mention 4 major categories of the international business environment. Mention and explain each of them.
Mention 4 major categories of the international business environment. Mention and explain each of them.
Describe each of the three compliance techniques, explain why each leads to compliance, and provide an...
Describe each of the three compliance techniques, explain why each leads to compliance, and provide an example of each.
List and explain (in one to two sentences each) two problems with payback period that are...
List and explain (in one to two sentences each) two problems with payback period that are not problems for NPV. Your explanation should include why these are problems (why we can't just ignore these issues).
In two or three sentences for each system, explain how redundancy is achieved in: a. power...
In two or three sentences for each system, explain how redundancy is achieved in: a. power transmission systems b. highway systems c. water treatment and distribution systems d. source water supply
briefly explain each of the following terms. give examples and/or structures where appropriate. three sentences max....
briefly explain each of the following terms. give examples and/or structures where appropriate. three sentences max. steady-state assumption bohr effect hemiacetal amphiphile integral membrane protein competitive inhibitor kcat GPI-linked protein
In one or two sentences, explain what is meant by each of the following terms when...
In one or two sentences, explain what is meant by each of the following terms when working with or designing a database. Primary key , Composite key, One-to-many relationship Data integrity Accountin Information system
List the players in a general immune response and explain each with one to two sentences.
List the players in a general immune response and explain each with one to two sentences.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT