Ethical Hacking Techniques - Essay Example

It identifies these violations and notifies the administration of malevolent activities within the system. It can be used to protect an organization against an attack because it spots out and potentially prevents intrusions that breach the system’s firewalls or those that occur behind the local area network (LAN) or the firewall (IATAC, 2009, p.3). Thus, IDS can provide organizations with real-time or near-real-time monitoring of a host or a network and defend them from hacking.

IDS cannot always detect footprinting stages. The wrong results in an IDS are categorized into two kinds: false positives and false negatives (IATAC, 2009, p.4). False positives happen when an IDS wrongly sees a problem with benign traffic (IATAC, 2009, p.4). False negatives take place when malicious traffic is not recognized by the IDS (IATAC, 2009, p.4). When this happens, hackers’ footprinting efforts can enter the system and evade the systematic monitors of an IDS. Also, an IDS cannot evade successful social engineering tactics. These tactics gather useful information about the system that can be used to determine vulnerabilities and other useful information.

Two scanning and enumeration tools that the organization can use are Port Scanning and Null Session tools. Port scanning can be done by Nmap- it is a program made for network mapping tools. Nmap does different network functions, such as fingerprinting a system, finding ports that are common to a specific network device, and determining the servers, such as recognizing that System B is a Solaris server. The Windows Server Message Block (SMB) protocol provides free information. Null Sessions are not on by default in Win XP, Server 2003, Vista, and Windows 7 but open in Win 2000 and NT. Some of the Null Session Tools are Dumpsec, Winfo, Sid2User, and NBTenun 3.3.

Scanning and enumeration can be taken to the next level by using vulnerability assessment tools that respond to scanning and enumeration activities. Vulnerability assessment tools usually work by trying to mechanize the steps often employed to develop vulnerabilities: they start by doing a “footprint” analysis to find out what network services and/or software programs (as well as versions and patch levels) run on the target (IATAC, 2011, p.8). The tools then try to determine the indicators (patterns, attributes) of, or to take advantage of vulnerabilities that are in the system and to inform the administration of its findings (IATAC, 2011, p.8). Nearly all vulnerability assessment tools apply at least some intrusive “scanning” techniques that engage in locating a probable vulnerability (frequently through passive scanning), then inserting either random data or fake attack data into the “interface” made or shown by that vulnerability, and then studying the results (IATAC, 2011, p.8).