Btec It Level 3, Unit 7, P1 - Potential Threats on Organisation's Computers

P1 – Potential Threats on Organisation’s Computers
Unauthorised Access
Internal
Scanning
Nmap is a graphical representation of a network which shows all of the computers and devices connected, and how they are connected. For them to appear, they have to support UPnP technology or Web Services for Devices for Windows. Anyone using Nmap will be able to find any devices, authorised or unauthorised on the system. This will mean hackers may be able to find out how many computers are connected to a network and potentially access it. Organisations can protect themselves by making sure there is no way for unauthorised devices to connect to the network. They will have to make sure spare ports are closed. They can also use Nmap themselves which will show when an unauthorised device connects to the network.
Packet Sniffing
A Sniffer is a program or device which can monitor data travelling over a network. Although sniffing can be used legitimately by organisations, they can also be used to steal information from a network. Because it’s impossible to detect unauthorised sniffers, it can be dangerous to the security on a network. If a hacker uses a sniffer on an organisations network, they will be able to steal information being sent along the network. This could mean the organisation loses money because customer details could have been compromised (meaning they may have to pay a fine and/or compensation), or their own information regarding their finances may be taken. Organisations can use applications like Wireshark which can be used for network troubleshooting, analysis, and software and communications protocol development.
ARP Poisoning
ARP poisoning is a method of attacking an Ethernet LAN by updating the target’s ARP cache with forged ARP requests and reply packets. This should change the Layer 2 Ethernet MAC address (network card address) to one where it can be monitored by the attacker. The targeted computer will now send packets to the attacker’s computer before...