Network Scanning

Network scanning is a process for identifying active devices in the network protocol, which awaiting response in a network protocol by employing an attribute or features on the signal devices. Today most network scanning is used in monitoring and management, but scanning can also be used to identify network elements or users for attacks. The specific protocol features used in scanning depend on the network, but scanning normally for the IP network sends a simple message (for example a ping) to each potential IP address in a specified range, and then on devices Uses another protocol to obtain data if the response to the ping has been received.

When used by monitoring and management systems, scanning is used to identify current network users, determine the state of the system and equipment, and take a list of network elements. Often, a list of instruments against the list of equipment required as a measure of health is compared. These are all valid management tasks and are used regularly by network administrators.

The scanning monitoring / management scanning used by the attackers depends on the same device and protocol. An attacker will first obtain the IP address limit assigned to a company using the Domain Name System (DNS) or the whois protocol. Addresses within the range of that address will be scanned in search of servers, their operating systems, system architecture and services running on each. Then the attacker may try to dissolve the target system and applications.