security assessment of network

A network security evaluation combines both automated and manual risk checking. Since I'll be concentrating on footprinting and scanning, it's vital that I first understand what they are. Footprinting, which is a component of reconnaissance, refers to the method of collecting knowledge about computer systems and the various groups to which they belong. Footprinting exposes device vulnerabilities and increases the speed with which they can be manipulated (Wu, Zhang, & Cao, 2017). Scanning, on the other hand, refers to the process of finding active hosts on a network.

I will use the normal series of network assessment procedures, which include:

• Network footprinting to know the IP networks and hosts of interest.

• Network footprinting to know the IP networks and hosts of interest.

• Network scanning to identify some of the vulnerable hosts.

Various methods are typically used to query open sources as well as locating the hosts and network of interest. Through querying, attackers can get information about the structure of a target network. The first part, which is also referred to as the reconnaissance part, would help in discovering the network devices and other hosts of interest (Wu, Zhang, & Cao, 2017). I would use The Tried and true network mapper (Nmap). Usually, I’d use this tool to perform the alive scans to know some hosts which are online in the given network. Also, I’d also use the Nmap tool to dig deeper into the automated scans and to verify them. The tool will help me in scanning ports, listing services, and their version numbers. By using this tool, I will gather details about internal IP addresses collected from DNS servers, Internet-based network blocks, and insight into the target organization DNS structure. This is important because it uncovers hosts that are not adequately secured against unauthorized access. This constitutes the footprinting process part of the network security assessment.

The next step is the scanning of the network to locate and know networks of interest and the hosts, which are vulnerable. After identifying IP blocks of interest in the footprinting phase, I will go on about UDP, ICMP and TCP scanning of the network to locate hosts and network services (such as HTTP and POP-3), that could be used to acquire access to a confidential network space. This I would do using the N-stealth tool (McNab, 2007). In the first step, we identified which hosts are alive in the network. Here I would use the N-stealth tool to now know of the active hosts, which are vulnerable to attack.

The advantage with the N-stealth scanner is that it provides web server security checks, Common Gateway Interface (CGI), Hypertext Preprocessor (PHP) scripts, common cross-site scripting and SQL injection attacks (McNab, 2007).

Still, on the scanning, I will also employ the use of SNMPwalk. This entire insecure protocol runs over UDP. SNMPWalk that lets you query network devices installed with SNMP for relevant information (Wu, Zhang, & Cao, 2017). It uses an inbuilt query method to find out whether your SNMP devices were giving away information that they shouldn’t be giving out. This will be done with the sole purpose of unearthing information that hackers might use to gain access to the network.

After I have gathered all the valuable information regarding network system vulnerabilities, I would begin my analysis of the results obtained from the network scan and probe any weaknesses that may be present in the network services, which can be accessed.

The other steps, which involve further investigations of network probing and Exploitation of the vulnerabilities and preventing, are beyond footprinting and scanning. However, it is worth mentioning footprinting and scanning are the preliminary ones (McNab, 2007). They give crucial information regarding the vulnerabilities, which can be exploited. Once we know of the susceptibilities, we can come up with mechanisms to deny access.

References

McNab, C. (2007). Network security assessment: know your network. ”O’Reilly Media, Inc.”

Wu, S., Zhang, Y., & Cao, W. (2017). Network security assessment using a semantic reasoning and graph based approach. Computers & Electrical Engineering.