Which of the following is frequently used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it?
A.
Fuzzer
B.
Port scanner
C.
MegaPing
D.
UDP scan
Explanation:
A port scanner is a software application designed to probe a network host for open ports. This is often used by administrators to verify security policies of their networks and by attackers to identify running services on a host with the view to compromise it. To portscan a host is to scan for listening ports on a single target host. To portsweep is to scan multiple hosts for a specificlistening port. The latter is typically used in searching for a specific service, for example, an SQL-based computer worm may portsweep looking for hosts listening on TCP/UDP port 1433.Answer option A is incorrect. The programs and frameworks that are used to create fuzz tests or perform fuzz testing are called fuzzers. Fuzzing has evolved from a niche technique into a full testing discipline with support from both the security research and traditional QA testing communities. Fuzzing (Fuzz testing) is an automated software testing technique that involves providing invalid, unexpected, or random data to the inputs of a computer program. The program is then monitored for exceptions such as crashes or failing built-in code assertions. Fuzzing is commonly used to test for security problems in software or computer systems.
Answer option D is incorrect. UDP scan is little difficult to run. UDP is a connectionless protocol so there is no equivalent to a TCP SYN packet. However, if a UDP packet is sent to a port that is not open, the system will respond with an ICMP port unreachable message. Most UDP port scanners use this scanning method, and use the absence of a response to infer that a port is open. However, if a port is blocked by a firewall, this method will falsely report that the port is open. If the port unreachable message is blocked, all ports will appear open. This method is also affected by ICMP rate limiting.
Answer option C is incorrect. MegaPing is used to provide all essential network utilities for information system specialists, system administrators, or individuals. It also includes comprehensive security scanner, host and port monitor, and network utilities. All these scanners can scan individual computers, domains, any range of IP addresses, selected type of computers inside domains, and user specified host lists.