Computer System Vulnerability Scan.

Introduction.

both hackers as well as security personnel needs to be aware of computer system vulnerabilities, either to exploit them or to plug the holes in security.

vulnerability scanning is method that allows to learn about possible threats to computer system's security (the more we know about open ports & software on target machine, the higher probability of a succesful hack - done or averted).


Host Address.

in networks, including the Internet, computers need to be uniquely addressed, for example with an IP Address.

this address might be for example: '192.168.1.100' or other.


Applications & Ports.

operating systems often provide services, applications that can be 'talked with'. these applications 'listen' on a given port(s), waiting for communication to occur.

for example, a web server might listen on port 80 for internet traffic, once contacted these serve web pages or other internet resources.


Known Ports.

often enough a given port is widely recognized as dedicated for a given service, for example:
- port 22 for ssh,
- port 80 for serving web pages,
... etc.

these ports are usually used as expected, but occasionally might be reassigned to different number for security purposes.


Port Scanning.

a vulnerability scanner is capable of determining the ports that are open on a system by sending successive requests to the various ports, with analysis of the responses to determine which ones are active.

this often leaves a mark of contact attempt, that is logged (written in some form) within a computer system.

an example of a port scanning code is available on a screenshot below (it's written in Java Programming Language):




a simple port scan.


above code is also available for download.


more sophisticated vulnerability scanners might try to guess which application in which version is listening on a given port, by analyzing communication & trying to recognize protocol (form of messages exchanged & their ordering).

even more sophisticated vulnerability scanners might attempt to guess Operating System & Version installed on a computer system, by checking available services & their versions. this is called OS Fingerprinting.

this often is a prelude to hacking attempt.


Speed.

above port scan is fairly slow, there might be speed ups or delays if we use:
- different timeout value (maximum time for attempting port connection),
- parallelization (trying multiple ports at the same time).


Professional Tools.

there are professional tools, for example: NMap.

About Computer Sciences & Hacking.

Computer Sciences.

Computer Sciences are a vast field of knowledge, it's more than one person can learn during a lifetime. Large projects last for years, many employees work on them at the same time. In case of programming, it's not only knowing a single programming language, but also mathematics, software production methodologies & a lot of theoretical background. Programmers are people who understand how computers work, are able to make them work in a certain way, as ordered by customers.


Technology Race.


Once a while new technologies, new solutions appear, competing to float above others as far as sales go. These can be compared to a toolbox of a programmer, different hammers, drills, nails, etc ... Part of these technologies are open source & freely available, as for example emerging Dragonfly Algorithm is, others are patented trade secrets. Because of competition & a fast work pace, security errors are a part of the race.


Hacking.



Hackers are Information Technology personnel who specialize in Software Security. Once they are aware of a problem in application's security they can break it, gaining access & control over a machine it's run on, or disable the Service’s Internet access, for a while at least.


Common hacking Methods.

Most known of hacks is the Buffer Overflow Hack, where computer memory is overwritten with specificially prepared data, known as shellcode ... in the end shellcode is run instead of original application, doing hackers' will. Other important parts of hackers' toolbox are: Heap Overflow Hacks, Format String Hacks, Rootkits, Backdoors, Social Engineering Hacks, SQL Injection Hacks, Denial of Service Hacks, probably more as well ...


Service Security.

It's not uncommon for Corporations to hire hackers as Security Personnel to 'patch the holes', as well as to use other means of increasing security of Corporate Systems. Antivirus software also helps, often it's best to use a combination of Firewall Software, Antivirus Software, Intrusion Detection System Software & Security Personnel.

Computer Networking.

a Professional Book about The Internet.


it's one of the most important books i have,

it's easy to read as well,

it's a Professional book about the Internet, for Information Technology Professionals & related.

... i read it a whole, returning occasionally as well.

this a Book provides a Professional overview of the Internet Technology, how one can think about this a World's Wonder,

for me the Internet is a Graph of Computers linked by Physical Links,

as well as Protocol Stack that enables the Communication,

there's a lot of Technical Details provided,

more can be found elsewhere,

... the Internet is a Vast Topic,

i think there's more knowledge to absorb than in an one Person's a lifetime.


... i recommend this a Book, to those interrested.