Friday, November 8, 2013

How to Find out If Someone Has Hacked Your Network

Each computer on a local area network, or LAN, needs to have a unique Internet Protocol (IP) address to be able to use the network for any form of communication. This includes both authorized and unauthorized users of the network. A hacker may get into your network by exploiting a software vulnerability, by convincing a legitimate network user to perform unsafe actions or by gaining physical access. Wireless installations bring up the possibility of hackers joining the networks without even being physically present, as radio signals are broadcast in all directions. You can find out if unauthorized users are in your network.

Suggestions

  1. Log into a computer that is connected to the LAN.
  2. Find the IP address for your computer. How to do this depends on your operating system. For example, on Windows, click "Start," type "run" into the Search box and then click "Run." Enter "cmd" and press "Enter," then click on the newly opened Command window. Type this command:
    ipconfig /all
    Press "Enter." Your current IP address is immediately after "IPv4 Address."

  3. Log into every other legitimate, authorized computer on the network and get its IP address as in Step 2. Make a list with all the IP addresses of authorized computers.

  4. Find out the subnet mask. For example, on Windows, the mask is immediately after "Subnet Mask" when you run "ipconfig /all" on any computer in the LAN.

  5. Convert the mask to binary. You can use Easycalculation.com's Decimal to Binary and Hexadecimal Converter page. Convert one number in the mask at a time. For example, if the mask is 255.255.128.0, the binary equivalent is 11111111.11111111.11000000.00000000.

  6. Count the number of ones in the binary mask. For example, 11111111.11111111.11000000.00000000 has 18 ones.

  7. Invoke the "Nmap" port scanner application to list the IP addresses of all live computers on the LAN (including both authorized and unauthorized users), by typing the following command into a Command window:

    nmap -v -sP 192.168.31.147/18
    Replace "192.168.31/147" with the IP address of your computer. Replace "18" with the number of ones from Step 6. Press "Enter."

  8. Find all live IP addresses in the output of Nmap; they are in lines that also contain the text "appears to be up." Check each of them against the list of authorized addresses from Step 3. All computers not in the list are unauthorized and deserve additional investigation.


The Executive Suite

___________________________________________

 

No comments:

Post a Comment