Close Menu
CEH

CEH v12 Module 03: Scanning Networks | PDF Download

By
CEH v12 Module 03

CEH v12 Module 03: Scanning Networks covers the process used by attackers to discover and gather information about a computer network.

Countermeasures are strategies or security measures employed to protect a network from unauthorized scanning and potential attacks. Here’s an overview of some network scanning techniques and countermeasures:

Network Scanning Techniques:

  1. Ping Sweeps:
    • Technique: Sending ICMP Echo Request (ping) messages to a range of IP addresses to determine which hosts are live.
    • Countermeasure: Disable ICMP responses, and use firewalls to block ICMP traffic.
  2. Port Scanning:
    • Technique: Scanning for open ports on a target system to identify services and potential vulnerabilities.
    • Countermeasure: Regularly update and patch systems, use intrusion detection/prevention systems, implement firewalls, and limit unnecessary services.
  3. TCP SYN Scanning:
    • Technique: Sending TCP SYN packets to see how the target responds, identifying open ports.
    • Countermeasure: Implementing intrusion detection/prevention systems, using stateful firewalls, and rate-limiting connections.
  4. UDP Scanning:
    • Technique: Sending UDP packets to identify open ports on a target system.
    • Countermeasure: Disable unnecessary UDP services, use firewalls to block unwanted UDP traffic.
  5. OS Fingerprinting:
    • Technique: Analyzing the network responses to determine the operating system and software versions in use.
    • Countermeasure: Implementing host-based firewalls, disabling unnecessary services, and keeping systems up to date.
  6. ICMP Scanning:
    • Technique: Using ICMP packets to gather information about hosts on a network.
    • Countermeasure: Filtering ICMP traffic, disabling unnecessary ICMP responses.

Countermeasures:

  1. Firewalls:
    • Employing firewalls to filter and control incoming and outgoing network traffic based on an organization’s previously established security policies.
  2. Intrusion Detection/Prevention Systems (IDS/IPS):
    • Deploying IDS/IPS to monitor network and/or system activities for malicious activities or security policy violations.
  3. Regular Patching and Updates:
    • Ensuring that operating systems, applications, and network devices are regularly updated with the latest security patches to address vulnerabilities.
  4. Access Control Lists (ACLs):
    • Using ACLs to restrict network access and control the flow of traffic based on predefined rules.
  5. Network Segmentation:
    • Dividing a network into segments or zones to limit the potential impact of a security breach and to contain malicious activities.
  6. Honeypots:
    • Deploying honeypots, which are decoy systems designed to attract attackers and gather information about their tactics and techniques.
  7. Encryption:
    • Using encryption to protect sensitive data during transmission, makes it more difficult for attackers to intercept and analyze.
  8. Security Policies and Training:
    • Establishing and enforcing security policies, as well as providing regular security awareness training for employees reduce the likelihood of successful attacks.

Implementing a combination of these network scanning countermeasures can significantly enhance the security posture of an organization’s network.

CEH v12 Module 03: Scanning Networks | PDF Download

Download CEH Module 03
Share.

We’re dedicated to giving you the very best of the latest Tricks and topics related trends with insightful analysis on hardware, software, mobile computing,Cybersecurity, Android, AI technology & many more.

Related Posts

Add A Comment
Leave A Reply