Affiliation:
1. Don State Technical University
Abstract
Objective. Analyze the implementation features of a “Port scanning” attack using a “Zombie” computer to hide the IP address of the attacking machine.
Method. The method is based on computer simulation of a “port scanning” attack using a virtual infrastructure of the network.
Result. Theoretical aspects related to the implementation of a “port scanning” attack using a “zombie” computer are analyzed. The parameters by which a “zombie” machine is selected on the network are indicated. A computer simulation of a “port scanning” attack using a virtual infrastructure of the network was carried out. Simulation results illustrating the successful implementation of the attack are presented. A simple way to counter this attack is proposed.
Conclusion. When implementing a port scanning attack using the Nmap utility, you can obtain a lot of valuable information related to open TCP ports and services running on the attacked systems. To ensure security when conducting port scanning, attackers can successfully use technology to mask the IP address of the attacking machine by using a “zombie” computer. The technique of replacing the attacker’s IP address with the IP address of a “zombie” machine is not only effective, but also safe for attackers. By using a “zombie” machine, the attacker scans ports without revealing his real location, which allows him to avoid legal consequences associated with illegal activity on the network. By analyzing the data obtained after scanning, an attacker can obtain information about which ports are open on the target computer and create a map of the vulnerabilities of the attacked system. As a way to protect against this attack, it is enough to use the Windows Firewall with standard settings.
Publisher
FSB Educational Establishment of Higher Education Daghestan State Technical University