 |
Network Security Assessment, 2nd Edition View Larger Image | Chris McNab
O'Reilly Media, Paperback, 2nd edition, Published November 2007, 456 pages, ISBN 0596510306 | List Price: $39.99
Our Price: $24.95
You Save: $15.04 (38% Off)
| | | Availability: In-Stock |
Read an excerpt:
Chapter 4: IP Network Scanning
Excerpt provided courtesy of O'Reilly Media. Copyright © O'Reilly Media, Inc. Written permission from the publisher is required for any use of this material.
|
Be the First to Write a Review and tell the world about this title!People who purchase this book frequently purchase: - Network Warrior; Gary A. Donahue, $27.95, 38% Off!
- Security Power Tools; Bryan Burns, et al, $37.50, 37% Off!
- The Practice of System and Network Administration, 2nd Edition; Thomas A. Limoncelli, et al, $46.95, 22% Off!
- Linux Networking Cookbook; Carla Schroder, $27.95, 38% Off!
Books on similar topics, in best-seller order:Books from the same publisher, in best-seller order:
How secure is your network? The best way to find out is to attack it. Network
Security Assessment provides you with the tricks and tools professional
security consultants use to identify and assess risks in Internet-based networks-the
same penetration testing model they use to secure government, military, and
commercial networks. With this book, you can adopt, refine, and reuse this testing
model to design and deploy networks that are hardened and immune from attack.
Network Security Assessment demonstrates how a determined attacker
scours Internet-based networks in search of vulnerable components, from the
network to the application level. This new edition is up-to-date on the latest
hacking techniques, but rather than focus on individual issues, it looks at
the bigger picture by grouping and analyzing threats at a high-level. By grouping
threats in this way, you learn to create defensive strategies against entire
attack categories, providing protection now and into the future.
Network Security Assessment helps you assess:
- Web services, including Microsoft IIS, Apache, Tomcat, and subsystems such
as OpenSSL, Microsoft FrontPage, and Outlook Web Access (OWA)
- Web application technologies, including ASP, JSP, PHP, middleware, and backend
databases such as MySQL, Oracle, and Microsoft SQL Server
- Microsoft Windows networking components, including RPC, NetBIOS, and CIFS
services
- SMTP, POP3, and IMAP email services
- IP services that provide secure inbound network access, including IPsec,
Microsoft PPTP, and SSL VPNs
- Unix RPC services on Linux, Solaris, IRIX, and other platforms
- Various types of application-level vulnerabilities that hacker tools and
scripts exploit
Assessment is the first step any organization should take to start managing
information risks correctly. With techniques to identify and assess risks in
line with CESG CHECK and NSA IAM government standards, Network Security
Assessment gives you a precise method to do just that.
Table of Contents
Foreword
Preface
1. Network Security Assessment
The Business Benefits
IP: The Foundation of the Internet
Classifying Internet-Based Attackers
Assessment Service Definitions
Network Security Assessment Methodology
The Cyclic Assessment Approach
2. Network Security Assessment Platform
Virtualization Software
Operating Systems
Reconnaissance Tools
Network Scanning Tools
Exploitation Frameworks
Web Application Testing Tools
3. Internet Host and Network Enumeration
Querying Web and Newsgroup Search Engines
Querying Domain WHOIS Registrars
Querying IP WHOIS Registrars
BGP Querying
DNS Querying
Web Server Crawling
Automating Enumeration
SMTP Probing
Enumeration Technique Recap
Enumeration Countermeasures
4. IP Network Scanning
ICMP Probing
TCP Port Scanning
UDP Port Scanning
IDS Evasion and Filter Circumvention
Low-Level IP Assessment
Network Scanning Recap
Network Scanning Countermeasures
5. Assessing Remote Information Services
Remote Information Services
DNS
Finger
Auth
NTP
SNMP
LDAP
rwho
RPC rusers
Remote Information Services Countermeasures
6. Assessing Web Servers
Web Servers
Fingerprinting Accessible Web Servers
Identifying and Assessing Reverse Proxy Mechanisms
Enumerating Virtual Hosts and Web Sites
Identifying Subsystems and Enabled Components
Investigating Known Vulnerabilities
Basic Web Server Crawling
Web Servers Countermeasures
7. Assessing Web Applications
Web Application Technologies Overview
Web Application Profiling
Web Application Attack Strategies
Web Application Vulnerabilities
Web Security Checklist
8. Assessing Remote Maintenance Services
Remote Maintenance Services
FTP
SSH
Telnet
R-Services
X Windows
Citrix
Microsoft Remote Desktop Protocol
VNC
Remote Maintenance Services Countermeasures
9. Assessing Database Services
Microsoft SQL Server
Oracle
MySQL
Database Services Countermeasures
10. Assessing Windows Networking Services
Microsoft Windows Networking Services
Microsoft RPC Services
The NetBIOS Name Service
The NetBIOS Datagram Service
The NetBIOS Session Service
The CIFS Service
Unix Samba Vulnerabilities
Windows Networking Services Countermeasures
11. Assessing Email Services
Email Service Protocols
SMTP
POP-2 and POP-3
IMAP
Email Services Countermeasures
12. Assessing IP VPN Services
IPsec VPNs
Attacking IPsec VPNs
Microsoft PPTP
SSL VPNs
VPN Services Countermeasures
13. Assessing Unix RPC Services
Enumerating Unix RPC Services
RPC Service Vulnerabilities
Unix RPC Services Countermeasures
14. Application-Level Risks
The Fundamental Hacking Concept
Why Software Is Vulnerable
Network Service Vulnerabilities and Attacks
Classic Buffer-Overflow Vulnerabilities
Heap Overflows
Integer Overflows
Format String Bugs
Memory Manipulation Attacks Recap
Mitigating Process Manipulation Risks
Recommended Secure Development Reading
15. Running Nessus
Nessus Architecture
Deployment Options and Prerequisites
Nessus Installation
Configuring Nessus
Running Nessus
Nessus Reporting
Running Nessus Recap
16. Exploitation Frameworks
Metasploit Framework
CORE IMPACT
Immunity CANVAS
Exploitation Frameworks Recap
A. TCP, UDP Ports, and ICMP Message Types
B. Sources of Vulnerability Information
C. Exploit Framework Modules
Index
About the Author
Chris McNab is the technical director of Matta, a vendor-independent security
consulting outfit based in the United Kingdom. Since 2000, Chris has presented
and run applied hacking courses across Europe, training a large number of financial,
retail, and government clients in practical attack and penetration techniques,
so that they can assess and protect their own networks effectively.
Chris speaks at a number of security conferences and seminars, and is routinely
called to comment on security events and other breaking news. He has appeared
on television and radio stations in the UK (including BBC 1 and Radio 4), and
in a number of publications and computing magazines.
Responsible for the provision of security assessment services at Matta, Chris
and his team undertake Internet-based, internal, application, and wireless security
assessment work, providing clients with practical and sound technical advice
relating to secure network design and hardening strategies. Chris boasts a 100%
success rate when compromising the networks of multinational corporations and
financial services companies over the last five years.
|
|
