Information system threats are central to developments in information systems and should be viewed positively. Introduction The emergence of computers effectively led to a change in the approach to business operations. Information technology led to the development of a completely different approach to operations and is cited as a key driver to globalization which is central to the high level of competition being experienced in different industries.
High levels of competition have led to an increase in the need for security since information is central to identification of opportunities and development of innovative approaches to operation. The internet as an information superhighway is especially laced with all kinds of security threats. Protocols are continuously being developed to try and ensure high levels of security; however the threats have managed to stay abreast due to the diversity they exhibit. Ping Sweep
There are different modes used by an attacker to gain and interfere with the operations of a system. However, most attacks require a system to be active and therefore implement a mechanism to detect the activity of a system. Ping is one such technique that has found use in by both black and white hat hackers. The first step in the hackers’ manual is to determine the activity of a network and its connection status to the internet after which codes are subjected to the system to try and gain its control (Kurtz, McClure, & Scambray, 2005).
The actual mechanism involved in ping operations includes sending network packets and awaiting some unique response that will show the activity of the system. To effectively attack a network an attacker must gather as much information as possible; this is done by a ping sweep (Kurtz et al, 2005). A number of ping operations are done and each targeted at a specific IP address (Kurtz et al, 2005). To be effective in remote information collection, multithreaded sweep tools that allow for customized time-outs (Kurtz et al, 2005). Port Scanning
The threats posed by ping operations are known to all administrators who often developed mechanisms to ensure that their security is not compromised. Open hosts are a key security threat and can be used by attackers to deal a deathly blow to systems (Scambray, & McClure, 2007). Port scanning as a system maintenance mechanism is mainly concerned with searching network hosts to determine which ports are open. Administrators and crackers use port scanners which are software component to determine states of networks thus their vulnerability.
Scanning can take on different approaches which include TCP, UDP or SYN scanning (Scambray, & McClure, 2007). It is worth noting that the objective of the scanner determines the effects that the scanning activity will have on the network or system. A port scanning mechanism where multiple hosts are scanned to determine the one that is listening is referred to as a port sweep (Scambray, & McClure, 2007). Implication Port scanning and ping sweeps can be dangerous depending on the objectives of the person or entity initiating them.
They can be considered system threats or maintenance procedures depending on whether they are being initiated by a hacker or a system analyst. There are several approaches that have been developed to minimize the risk of malicious ping sweeps against a network. Disabling ICMP protocols for networks connected directly to the internet and configurations of firewalls to do the same is effective in dealing with ping sweeps (Kurtz et al, 2005). Port scanning is used to gather information on a network’s security which can then be used to cause malfunctions such as buffer overflows.
Conclusion Port scans and ping sweeps can be used by administrators and hackers and are thus both beneficial and risk causing. Managers should ensure that their systems are developed in a manner that is security conscious in that even if it is scanned no security weakness should be discovered. Dealing with the threat of port scan can cause inefficiencies though ping sweeps can be dealt with effectively. Developing a robust network that is near perfect is the ultimate approach to dealing with the threats posed by ping seeps and port scans which are just information seeking mechanisms.
Being aware that versatile and creative hackers are in a position to scan a system is motivation enough to ensure system security is kept up to date with development in information technology. Thus, scanners and sweepers are motivators behind the development and improvements in information strategies aimed at development of secure information systems. References Kurtz, G. , McClure, S. ,& Scambray, J. (2005). Hacking Exposed: Network Security Secrets & Solutions. New York: McGraw-Hill Professional. Scambray, J. ,& McClure, S. (2007). Hacking Exposed Windows: Windows Security Secrets and Solutions. New York: McGraw-Hill Professional.