The ping is an important utility of the Internet Control Message Protocol (ICMP) that helps in verifying that a given host is operational (Chen & Davis, 2006). Ping sweeps are used to detect the IP addresses that are being used by live hosts. Ping messages are made up of a pair of ICMP messages referred to as Echo Request and Echo Reply (Chen & Davis, 2006). Unfortunately, ping is usually taken advantage of by attackers to scan a block of IP addresses for a set of active hosts. There are many tools that can perform a ping sweep, and this further makes it easy for attackers to exploit. The major advantage is that ping sweeps can easily be noticed. In addition, it possible for ICMP messages to be blocked, and therefore some organizations might opt to block these messages as a safety precaution. When the administrator wants to carry out a ping sweep, he may enable the ICMP messages temporarily and block them after the ping sweep (Chen & Davis, 2006). Generally, ping sweeps are an old and slower technology, and are rarely used today.
A port scan refers to a series of messages sent by an individual with the intent of breaking into a computer system (Christopher, 2014). The messages are sent to each port one by one. Once the attacker breaks into the computer, he will be able to learn about the computer network services each associated with a port number provided by that computer (Christopher, 2014). The attacker can also learn about the owners of these services and understand whether or not anonymous logins are supported on that computer. A server that is publicly accessible is highly susceptible to port scans. Luckily, port scans are easy to detect. In addition, using the proper tools, the amount of information relating to open services can be limited. One way of limiting this information is the use of TCP Wrappers which allow the administrator greater levels of flexibility