How do hackers find network security vulnerabilities?

Computer hackers always want to know as much information as possible, such as whether to connect to the Internet, the internal network architecture, and the status of security measures. Once experienced hackers target your network system, they will first analyze your system. This is why we say that using hacker "game rules" is the best way to deal with hackers. Looking at network security from the perspective of hackers, many potential security vulnerabilities are often discovered. This not only provides a different view of your network system, but also enables you to take the most effective network security measures from the perspective of your enemies, that is, hackers.

Next, let's take a look at the network system analysis process. This process requires open-source tools and related technologies.

Collect information using open-source tools

First, log on to the whois.com website to find the domain name of your enterprise. The search result will show the DNS server used by your network system. Then, some software tools, such as NSlookup, are used to further explore the details of the DNS server.

Next, you need to focus on the public websites of the enterprise and the anonymous FTP server you can find. Note: domain Name, IP address of these domain names, all information of the intrusion detection system, user name, phone number, email address, physical location, published security policy, business partner information, and new mergers and acquisitions enterprise information.

In addition, you must pay special attention to the information displayed and not displayed on these websites. It is best to store these webpages into your computer and use NotepadProgramOpen and viewSource code. Generally, you can view the source of a webpage.CodeA large amount of information is available, which is why some sites intentionally block source code from viewers. In the source code file, you may be able to understand how website developers build websites: the types of software they use, the software version, the website, and the website architecture, sometimes you can even find personal information of some website administrators.

Websites of business partners or sites of new mergers and acquisitions are often the key points of hacker intrusion. These sites are the best breakthrough for indirect intrusion into target sites, which are easily ignored by website administrators and provide a lot of opportunities for hackers. If you do not have enough vigilance and carelessness in this regard, it is very hasty to connect the website of a new business partner with your own website, which will often cause serious consequences, it brings great security threats to your site. Under such circumstances, security issues are more important than business problems, and security operations must be ensured.

Examine the network from the outside

With the above information collection, you can begin to review your network. You can use the path tracing command to view your network topology and access control settings. You will obtain a large number of switch features for bypass access control devices.

Note that the command feedback result varies depending on the operating system used. For UNIX operating systems, UDP can be used, or ICMP can be used. For Windows operating systems, ICMP is used by default to respond to requests (PING ).

You can also use open-source tools to manage a large number of Ping sweep, TCP/UDP protocol scans, and operating system probes. The purpose of this operation is to understand the running status and basic appearance and characteristics of your network system in the eyes of those external visitors. Therefore, you need to check your network system, which ports and services are open or available to external visitors, and whether external visitors can understand the operating systems and some programs you are using, extremely version information. To put it simply, you need to know which ports or services your network system has opened to those external visitors and which sites have the basic information leaked.

Before you start the above work, you must first obtain sufficient authorization to access the entire network system and conduct investigation and analysis on it. Do not inform anyone who understands the information of your kindness. Remember: security protection is an implementation process, not just a technology.