Running Head: PING SWEEPS & PORT SCANS 1

Ping Sweeps & Port Scans:

Potential Dangers and Defense Strategies
SEC 280 Week 1 Case Study
Nikia Moore
DeVry University

PING SWEEPS & PORT SCANS 2


Ping Sweeps & Port Scans: Potential Dangers and Defense Strategies
This is an assessment of ping sweeps and port scans, which are computer network
penetrating tools that can be used to infiltrate a network. For many businesses in the United
States, a key feature in security is assuring the protection of private company information.
Network systems must be designed to ensure the availability, confidentiality, integrity, and the
overall safety of sensitive information. This is a very important business requirement that cannot
be pushed aside. The aim of this report is to explain what these techniques are and how they can
be used to address and avoid potentially harmful activity inside the network. Ping sweeps and
port scans can have a positive effect on the company if both the potential risks and defense
strategies of the probing methods are understood and used properly.
A ping sweep, also called an Internet Control Message Protocol (ICMP) sweep is one of
several diagnostic tests called network probes that can be used to see what range of Internet
Protocol (IP) addresses are in active and available within a network. Nicknamed ping sweeps for
the ping sound that is received when there are active technologies on a network. First the
hacker sends out a series of ICMP ping messages to map out a computer network. (Conklin, 15)
Once the ICMP echo request is sent out the hacker waits for a response, whichever computer(s)
that sends a signal back stand available for attack. (Conklin 12) Moreover, there are additional
commands that can be sent with the ping sweep request that can extract even more valuable
information from the network. Ping sweeps can also be used by network administrators to
discover the vulnerabilities that are in their networks, so there are legitimate reasons why ping
sweeps are used too. There is in addition network monitoring software available that detect ping
sweeps in the networks traffic such as Microsoft Network Monitor, Solarwinds, ManageEngine
OpManager, and others.
PING SWEEPS & PORT SCANS 3


The port scan is the next level in the network probing process. A port scan actually
examines Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports to
determine which ones are open and what services are running on that device. (Conklin, 210) This
procedure can find out which operating system (known as OS fingerprinting) is being used on
the active computer, along with the application programs and services that are available
(recognized as banner grabbing). (Conklin 12-13) This gives hackers significant information
about the services on the active workstation, thus making it easier to gain access and
fundamentally do damage to the network. Knowing the system makes it that much easier for
network intrusion and exploitation of weaknesses in a network.
Ping sweeps can also be used legitimately by the system network administrators to find
vulnerability, but when mischievous computer hackers perform these activities on a network, it
usually means that they are attempting to attack. in the network system. In either case, there need
to be tools in place to avoid any foul play in your network. Fortunately there are semi-simple
ways to protect your network and avoid these types of problems. All of the most recent up-to-
date patches for that are applicable for that particular operating system all patches for the
operating system and applications must be installed, limiting the services that need to be patched,
and limiting the disclosure of private information about the organization can avoid infiltration.
(Conklin 391)There should be a strict password policy in place for users of the network and that
means using password procedures accordingly (consistent changes, special characters, etc.).
Finally, there must be a good back up just in case an intrusion is successful.
Ping sweeps are IP scans that are performed for host detection purposes and port scans are
used to find a back door that will as author William Arthur Conklin put it help identify which
ports are open, thus giving an indication of which services may be running on the targeted
PING SWEEPS & PORT SCANS 4


machine. (Conklin 15) In order to safeguard against nefarious computer activity, preventive
security measures have to be taken to ensure that intruders cannot gain access to confidential
information within a network. There is also ethical hacking that can be used by network
administrators to be a step ahead of attackers combined with network monitoring tools that can
be used to detect and defend against intrusion, beating the bad guy to the punch. Furthermore,
this same network probing tactics can be used as an analyzing approach to troubleshoot
application issues. Businesses are ethically and legally required to protect private and/or
confidential information. The computer system network managers/administrators have to go
above and beyond to protect vital company data from unwelcomed prowlers and that takes first
make sure on-site and online data recovery back up plan is working correctly, firewalls must be
up, assuring that good network monitoring tools are available, all security patches for operating
systems and all applications used are up-to-date, and access controls are put in place to
effectively secure the network.



PING SWEEPS & PORT SCANS 5


References
Conklin, Wm. A. (2010) Principles of Computer Security: Security+ and Beyond, 2nd Edition.
(pp. 15) Columbus, OH: McGraw-Hill Learning Solutions.
Conklin, Wm. A. (2010) Principles of Computer Security: Security+ and Beyond, 2nd Edition.
(pp. 12) Columbus, OH: McGraw-Hill Learning Solutions.
Conklin, Wm. A. (2010) Principles of Computer Security: Security+ and Beyond, 2nd Edition.
(pp. 210) Columbus, OH: McGraw-Hill Learning Solutions.
Conklin, Wm. A. (2010) Principles of Computer Security: Security+ and Beyond, 2nd Edition.
(pp. 12-13) Columbus, OH: McGraw-Hill Learning Solutions.
Conklin, Wm. A. (2010) Principles of Computer Security: Security+ and Beyond, 2nd Edition.
(pp. 391)Columbus, OH: McGraw-Hill Learning Solutions.