Network intelligence is the gathering of information about a network using publicly available data and applications. When preparing an attack against a network, a hacker usually tries to obtain as much information about it as possible. Network reconnaissance is done in the form of DNS queries, ping sweeps, and port scans.
DNS queries help you understand who owns a particular domain and what addresses are assigned to that domain. A ping sweep of DNS-exposed addresses allows you to see which hosts are actually running in a given environment. After obtaining a list of hosts, a hacker uses port scanning tools to compile a complete list of services supported by those hosts. Finally, the hacker analyzes the characteristics of the applications running on the hosts. As a result, information is obtained that can be used for hacking.
It is impossible to completely get rid of network intelligence. If, for example, you disable ICMP echo and echo reply on peripheral routers, you will get rid of the pings, but you will lose the data needed to diagnose network failures. In addition, you can scan ports without pinging first. It just will take longer, since you will have to scan non-existent IP addresses as well ccna wireless salary.
IDS systems at the network and host level usually do a good job of notifying the administrator about ongoing network intelligence, which allows you to better prepare for an impending attack and alert the ISP on whose network the system is showing excessive curiosity.
No comments:
Post a Comment