Answer: provided in the explanation section
Explanation:
Network’s vulnerabilities:
Vulnerability is a weak spot in your network that might be exploited by a security threat. Risks are the potential consequences and impacts of unaddressed vulnerabilities. In other words, failing to do Windows Updates on your Web server is vulnerability.
Regularly scheduled network vulnerability scanning can help an organization identify weaknesses in their network security before the bad guys can mount an attack. The goal of running a vulnerability scanner or conducting an external vulnerability assessments is to identify devices on your network that are open to known vulnerabilities without actually compromising your systems.
The overall objective of a Vulnerability Assessment is to scan, investigate, analyze and report on the level of risk associated with any security vulnerabilities discovered on the public, internet-facing devices and to provide your organization with appropriate mitigation strategies to address those discovered vulnerabilities.
Network topology issues:
Coverage Topology
Coverage problem reflects how well an area is monitored or tracked. The coverage and connectivity problems in networks have received considerable attention in the research community in recent years
Geographic routing
Geographic routing uses geographic and topological information of the network to achieve optimal routing schemes with high routing efficiency and low power consumption
Port Numbers
Port Numbers While IP addresses determine the physical endpoints of a network connection, port numbers determine the logical endpoints of the connection. Port numbers are 16-bit integers with a useful range from 1 to 65535.
Port numbers are assigned by an organization called IANA and ports are allocated to various needs to avoid confusion.
Ports are classified into 3 main categories.
Well Known Ports (Port numbers 0 - 1023)
In a client-server application, the server usually provides its service on a well-known port number. Well-known port numbers are a subset of the numbers which are assigned to applications. According to RFC1700 [5], well-known port numbers are managed by the Internet Assigned Numbers Authority (IANA). They used to be in the range from 1 to 255, but in 1992 the range was increased up to 1023.
Registered Ports (Port numbers1024 - 49151)
Such ports are used by programs run by users in the system.
In addition to the well-known ports below 1024 there are more port numbers assigned to applications but are located anywhere from 1024 to 65535.
Private or Dynamic Ports (Port numbers 49152 - 65535)
Private ports are not assigned for any specific purpose.
Discuss the concepts of well-known ports and give a brief description of the most commonly used ports: 20, 21, 23, 25, 53, and 110.
Commonly Used Port Numbers
The following port numbers are unofficial list of commonly used for linux/unix based servers.
20&21 TCP FTP (File server protocol)
FTP is one of the most commonly used file transfer protocols on the Internet and within private networks. An FTP server can easily be set up with little networking knowledge and provides the ability to easily relocate files from one system to another. FTP control is handled on TCP port 21 and its data transfer can use TCP port 20 as well as dynamic ports depending on the specific configuration.
23 TCP/UDP Telnet
Telnet is the primary method used to manage network devices at the command level. Unlike SSH which provides a secure connection, Telnet does not, it simply provides a basic unsecured connection. Many lower level network devices support Telnet and not SSH as it required some additional processing. Caution should be used when connecting to a device using Telnet over a public network as the login credentials will be transmitted in the clear.
25 TCP/UDP SMTP (for sending outgoing emails)
SMTP is used for two primary functions, it is used to transfer mail (email) from source to destination between mail servers and it is used by end users to send email to a mail system.
53 TCP/UDP DNS Server (Domain name service for DNS request)
The DNS is used widely on the public internet and on private networks to translate domain names into IP addresses, typically for network routing. DNS is hieratical with main root servers that contain databases that list the managers of high level Top Level Domains (TLD) (such as .com). T
110 TCP POP3 (For receiving emails)
POP version 3 is one of the two main protocols used to retrieve mail from a server. POP was designed to be very simple by allowing a client to retrieve the complete contents of a server mailbox and then deleting the contents from the server.
