Access over 20 million homework & study documents

Database Vulnerabilities

Content type
User Generated
Subject
Computer Science
Type
Homework
Rating
Showing Page:
1/3
Surname 1
Name:
Course:
Instructor:
Date:
Database Vulnerabilities
Scanning and enumeration are the first phases of hacking and involve the hacker locating
target systems or networks. Notably, the enumeration is the next step after scanning is complete
and it is used to identify computer names, usernames, as well as shares. Scanning and
enumeration go in tandem because the hacking tools employed perform both.
In the process of scanning, the hacker carries on with collecting information concerning
the network as well as its separate host systems. According to Graves (42), data like IP
addresses, operating system, services and installed applications may help the hacker to determine
which form of exploit to use in hacking a system. Therefore, scanning is the procedure of
locating systems that are active and responding on the network. Moreover, scanning is used to
identify whether a system can be found on network and accessible. The scanning tools are used
to gather information regarding a system such as IP addresses, the operating system as well as
services running on the aimed computer. There are three fundamental types of scanning, they
include port scanning, which establishes open ports and services, network scanning which entails
IP addresses as well as vulnerability scanning which determines the presence of known
weaknesses.

Sign up to view the full document!

lock_open Sign Up
Showing Page:
2/3
Surname 2
On the other hand, enumeration occurs after scanning, and it is the process of gathering
as well as amassing usernames, machine labels, shares, network resources as well as services.
Additionally, it can refer to actively querying to an identified system to obtain information. The
aim of enumeration is to establish a user account for potential usage in hacking the identified
system. Many hacking tools are formulated for scanning IP networks to discover NetBIOS name
information.
Scanning and enumeration tools cannot only be employed by an attacker to scan for
active as well as live targets for IP, ports, and services. Moreover, the tools can also gain
valuable information regarding one's IP telephony network. The tools include Nessus, Nmap as
well as SIPVicious. Nessus supports credentialed as well as un-credentialed port scanning and
network-based susceptibility scanning that leads to vulnerability analysis. Nmap is an open
source utility for network exploration or security auditing. SIPVicious is a set of tools used to
audit or attack SIPbased IP telephony systems (Behl 44). Notably, the information or session
flooding and Dos attack tools present a new attack vector to bring down functional as well as
healthy IP Telephony system. Therefore, hackers bring into play various tools to carry out their
activities.

Sign up to view the full document!

lock_open Sign Up
Showing Page:
3/3

Sign up to view the full document!

lock_open Sign Up
Unformatted Attachment Preview
Surname 1 Name: Course: Instructor: Date: Database Vulnerabilities Scanning and enumeration are the first phases of hacking and involve the hacker locating target systems or networks. Notably, the enumeration is the next step after scanning is complete and it is used to identify computer names, usernames, as well as shares. Scanning and enumeration go in tandem because the hacking tools employed perform both. In the process of scanning, the hacker carries on with collecting information concerning the network as well as its separate host systems. According to Graves (42), data like IP addresses, operating system, services and installed applications may help the hacker to determine which form of exploit to use in hacking a system. Therefore, scanning is the procedure of locating systems that are active and responding on the network. Moreover, scanning is used to identify whether a system c ...
Purchase document to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Anonymous
Excellent resource! Really helped me get the gist of things.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4