Posted October 09, 2019 10:12:30Byron Riggs, an information security expert at Northeastern University, has written a blog post for the University of Pennsylvania Law School’s website, explaining what you should be looking for when scanning a network.
The first thing to note is that there is no single “standard” scanning method for detecting cyber-attacks.
Riggs explained that, while you could easily pick a particular target on the network, it’s likely that there are many different ways to do it.
“You can look at your traffic and see if there are malicious or maliciously crafted packets, or malicious or crafted packets that contain malware,” he said.
“Or you can look and see whether your system is vulnerable to certain types of attacks.
If it’s vulnerable to the kind of attacks you might see on the Internet, you might find malware.”
The second thing you need to consider is the location of the network.
“I’d say that your primary target is probably a system running a Linux distro,” Riggs said.
If you’re not sure what Linux distros are, you could use an online search to look up them.
But that’s not always the case.
“If you’re running Windows, you should probably run Windows,” he continued.
“But if you’re a Linux user and you’re using Linux, you may have a different experience because you’re operating from an untrusted source.
So you may want to be more cautious.”
Once you’ve found out which network is most likely to contain malware, you need only to identify the type of malware that is present.
“It’s important to note that not all malware is malicious, and not all systems are vulnerable to malware,” Rigses said.
“In general, malware can be targeted at a number of different kinds of systems, including network access devices, servers, storage devices, and other components,” Riggles wrote.
“For example, the common types of malware used by malware like Trojans, Cryptolocker, ransomware, and a wide range of other types of cyber-malware are often distributed on networks in the form of network-based tools, such as malware, spyware, and trojans.”
The third thing you want to keep in mind is that many attacks aren’t as simple as scanning a large number of networks.
“Sometimes you may see a few systems infected with malware,” said Riggs.
“In those cases, the attacker could have simply been looking for a network that was vulnerable, or that had an obvious target, but there were other systems in the network that weren’t vulnerable, so the attacker’s only real goal was to get to a specific target.”
The fourth thing to look out for is the frequency of the attack.
“Attackers often make it very clear to the victim that they want to make a serious effort to get into the network,” he added.
“They might use a lot of resources to try and compromise systems that have a lot fewer systems on it.
So, as you can see, that’s another reason to be cautious.”
So, what are you doing to protect yourself from cyber-crime?
“You should make sure that you have some protections on your network,” Riggs said.
You can use a firewall, you can configure a firewall to block certain kinds of traffic, you have a firewall that can block certain types, or you can use the firewall that you already have on your system.
“When you’re doing this, it doesn’t have to be complicated,” he concluded.
“A lot of people think that you need a dedicated security device to do this, but the reality is that it’s not a one-size-fits-all,” he explained.
“The best way to protect your network is to have a diverse array of devices in your network.
That way, if one of the devices is compromised, you’re going to have something else in your system that can be taken offline and restored.”