Scanning and Enumeration

Scanning and Enumeration
Name
Institutional Affiliation

Abstract
Network scanning heavily and enumeration testing relies heavily on network tools and different techniques to check whether a network system or target device or system has some vulnerabilities. Scanning and enumeration are important in helping a network or system administrator determine the kind of vulnerabilities that can be exploited by hackers to compromise the information. Different tools have been employed to perform port scanning and enumeration each with varying proficiency level and different outputs. Incorporating port scanners in and various defensive mechanisms serve as the solution to the problem of port scanning and enumeration. In this paper, great attention is given to explain scanning and enumeration. Further, different types of scanning vulnerabilities and the techniques employed are also identified where a solution is provided on the same. Similarly, the same process is taken when exploring enumeration, providing an explanation, types of enumeration techniques and the kind of security to be applied to eliminate the vulnerabilities.
Scanning and Enumeration
Under a highly globalized environment where everyone remains to be connected and cybercrime is at its highest peak, protection of vital information is vital to individuals, public, and private organizations. The main aim of this paper is to analyze the protection that spans two important hackers’ exploitation points, that is, scanning and enumeration.

According to Faircloth (2011), scanning is a technique that a tester or a hacker employs when in need of finding open doors of a target device or organization system. It connects through the UDP and TCP ports to find the open services. Once an IP address of the target organization is established using foot printing, the network has to be mapped. Performing a port scan is intended to provide necessary information that will show the best way to target the weaknesses or vulnerabilities in a target system CITATION Nik14 l 1033 (Jhala 2014). There are a plethora of scanning techniques such as UDP ICMP Port Scan, TCP XMAS Scan, TCIP FIN Scan, and TCP Reverse Ident Scan among others. Mainly, the prevention of scanning is best done by closing any unnecessary services that may be running on a system.
Enumeration, on the other hand, is basically the first attack that a hacker performs or a tester performs on a target network. Through enumeration, a hacker or tester gathers the relevant information about the target system through the established connection CITATION Jer11 l 1033 (Faircloth 2011). All the information gained by a tester or a hacker is employed in identifying the weaknesses or vulnerabilities within a target system and further exploitation of the same. Different techniques are employed for enumeration such as Brute Force Active Directory, extract usernames through use of email address, among others CITATION Nik14 l 1033 (Jhala 2014).
References
Faircloth J., BIBLIOGRAPHY 2011. “Chapter 3: Scanning and enumeration.” In Penetration Tester’s Open Source Toolkit, by Jeremy Faircloth, 95-139. Syngress. Accessed December 2, 2018. doi:10.1016/B978-1-59749-627-8.10003-0.
Jhala, Nikita. 2014. “Network Scanning & Vulnerability Assessment with Report Generation.” Master’s Thesis 1-91. https://www.researchgate.net/publication/263779662_Network_Scanning_Vulnerability_Assessment_with_Report_Generation.