NopSec's 2017 State of Vulnerability Risk Management Report

Purpose of Scanning the Network: Stealth Attacks

Examine the purpose of network scanning is to gather the information about the victim’s network. Various network mapping tools and techniques are there which an ethical hacker has to go through for performing network scanning.

Every cracker (Criminal Hacker) first surely wanted scan any network, and every intelligent one first think about ‘How his attack will go unnoticed by the Network security administrator’ He wanted to hide himself. (of course if he is committing a crime he don’t wish to go to jail)

Reducing suspicion on Network   – If because of attacker any kind of alert has been announced each and every network activity will be traced more strictly, which makes it harder for attacker to intrude further. (But Not Impossible)

Remaining unnoticed through out the attack – Cracker’s attack can be done successfully and easily only if his every activity is remained unnoticed. Any intelligent cracker will therefore certainly use the stealthiest tools and techniques
available to minimize the likelihood of discovery.

To increase the stealth he can use wide range of attack techniques which are as follows:
Log files can be inspected manually.
Scanning and enumerating over a long period of time. (Means should not be frequent)
Avoiding programmed thresholds in security tools.
Advanced operating mode of tools provides different level of stealth.

A very visible intrusion technique is considered as High Risk technique, where as a technique subjected to discovery by a skilled administrator or well configured security device is considered as Medium Risk Level. Attack which can not at all be detected is termed as Low Level attack.

So, this is how stealth attacks are done by crackers. Knowledge of such techniques can surely help any Network Security Administrator and Ethical hacker to protect network by scanning.

Published by

Amol Wagh

Author is a Tech blogger & loves to share his work on web by writing guidelines for Ethical Hacking students & Security professionals. Performing various types of hacking from pen test to smartphone hacking – He enjoys hacking just for personal research purpose. Working with more of 'grey as well as black hat' hackers for learning advanced hacking as well as defending techniques & share them with learners. His prime area of research is Cyber Criminals & currently working on a Video Product Development to teach hacking & Pen Testing for absolute beginners.