Purpose of Scanning the Network: Stealth Attacks
Examine the purpose of network scanning is to gather the information about the victim’s network. Various network mapping tools and techniques are there which an ethical hacker has to go through for performing network scanning.
Every cracker (Criminal Hacker) first surely wanted scan any network, and every intelligent one first think about ‘How his attack will go unnoticed by the Network security administrator’ He wanted to hide himself. (of course if he is committing a crime he don’t wish to go to jail)
Reducing suspicion on Network – If because of attacker any kind of alert has been announced each and every network activity will be traced more strictly, which makes it harder for attacker to intrude further. (But Not Impossible)
Remaining unnoticed through out the attack – Cracker’s attack can be done successfully and easily only if his every activity is remained unnoticed. Any intelligent cracker will therefore certainly use the stealthiest tools and techniques
available to minimize the likelihood of discovery.
To increase the stealth he can use wide range of attack techniques which are as follows:
Log files can be inspected manually.
Scanning and enumerating over a long period of time. (Means should not be frequent)
Avoiding programmed thresholds in security tools.
Advanced operating mode of tools provides different level of stealth.
A very visible intrusion technique is considered as High Risk technique, where as a technique subjected to discovery by a skilled administrator or well configured security device is considered as Medium Risk Level. Attack which can not at all be detected is termed as Low Level attack.
So, this is how stealth attacks are done by crackers. Knowledge of such techniques can surely help any Network Security Administrator and Ethical hacker to protect network by scanning.