{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Chapter 12 - Linux Networking and Security Chapter 12...

Info icon This preview shows pages 1–11. Sign up to view the full content.

View Full Document Right Arrow Icon
Linux Networking and Security Chapter 12 Network Intrusion Detection
Image of page 1

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Network Intrusion Detection Use network scanning and packet-sniffing utilities Understand basic intrusion detection systems Perform automated security audits of your Linux system
Image of page 2
Scanners and Sniffers Cracker can employ the following techniques in order to gain access to a Linux system: Port scanning, in which packets are sent to a host to gain information about it based on its response Packet sniffing, in which every packet on the network has its header and data examined Network administrators also use these techniques to check for security weaknesses, and though some feel their use is illegitimate, it is important to stay ahead of crackers
Image of page 3

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Port Scanning A port scan enables someone to identify a network’s operating system and any services that could potentially allow greater access Port scans typically use the TCP protocol and its associated flags to gather information about the host and its network services Some port scanners use ICMP and UDP packets, which do not provide as much data as TCP, but can offer some information that TCP cannot
Image of page 4
Port Scanning
Image of page 5

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Port Scanning The most widely used port-scanning utility is nmap, the network mapper nmap is a command-line utility that uses a variety of scanning methods nmap allows for fingerprinting hosts, greater output, and configuration of timing policy nmap can also perform a Ping scan, which reports hosts that are reachable using ICMP echo packets
Image of page 6
Port Scanning
Image of page 7

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Port Scanning
Image of page 8
Port Scanning
Image of page 9

Info icon This preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Packet Sniffing A packet sniffer allows for the examination of any or all
Image of page 10
Image of page 11
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern