Network Security Assessment, 3rd Edition

Book Description

How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tools and techniques that professional security analysts use to identify and assess risks in government, military, and commercial networks. Armed with this book, you can work to create environments that are hardened and immune from unauthorized use and attack. The third edition is a complete overhaul—grouping and detailing the latest hacking techniques used to attack enterprise networks.

Table of Contents

  1. Cover Page
  2. Preface
    1. Overview
    2. Audience
    3. Organization
    4. Use of RFC and CVE References
    5. Vulnerabilities Covered in This Book
    6. Recognized Assessment Standards
      1. NIST SP 800-115
      2. NSA IAM
      3. CESG CHECK
      4. CESG Recognized Qualifications
      5. PCI DSS
    7. Mirror Site for Tools Mentioned in This Book
    8. Using Code Examples
    9. Conventions Used in This Book
    10. Comments and Questions
    11. Acknowledgements
      1. Technical Reviewers & Contributors
  3. 1 Network Security Assessment
    1. The State of the Art
    2. Threats and Attack Surface
      1. Attacking Desktop Software
      2. Attacking Server Software
      3. Attacking Web Applications
      4. Exposed Logic
        1. Exposed Logic Examples
        2. Understanding and Exploiting Exposed Logic
    3. Flavors of Assessment
      1. Static Analysis
        1. Design review
        2. Configuration review
        3. Static code analysis
      2. Dynamic Testing
        1. Network infrastructure testing
        2. Web application testing
        3. Web service testing
        4. Internet-based social engineering
    4. What This Book Covers
  4. 2 Assessment Workflow & Tools
    1. Network Security Assessment Methodology
      1. Reconnaissance
      2. Vulnerability Scanning
      3. Investigation of Vulnerabilities
        1. Public vulnerability sources
        2. Private vulnerability sources
      4. Exploitation of Vulnerabilities
      5. An Iterative Assessment Approach
    2. Your Testing Platform
      1. Updating Kali Linux
      2. Deploying a Vulnerable Server Image
  5. 4 Internet Network Discovery
    1. Querying Search Engines and Websites
      1. Google Search
        1. Enumerating Contact Details
        2. Identifying Web Servers
        3. Obtaining VPN Configuration Files
      2. Querying Netcraft
      3. Using SHODAN
      4. DomainTools
      5. PGP Public Key Servers
      6. Searching LinkedIn
    2. Domain WHOIS
      1. Manual WHOIS Querying
    3. IP WHOIS
      1. IP WHOIS Querying Tools and Examples
        1. Enumerating Database Objects via WHOIS
        2. Using WHOIS Web Interfaces
    4. BGP Enumeration
    5. DNS Querying
      1. Forward DNS Querying
        1. Manual Querying
        2. Automated Querying
        3. Obtaining SRV Records
      2. DNS Zone Transfer Techniques
      3. Forward DNS Grinding
        1. Dictionary Attack
        2. NSEC and NSEC3 Enumeration
      4. Reverse DNS Sweeping
      5. IPv6 Host Enumeration
      6. Cross-Referencing DNS Datasets
    6. SMTP Probing
    7. Automating Enumeration
    8. Enumeration Technique Recap
    9. Enumeration Countermeasures
  6. Footnotes
    1. Preface
    2. 1 Network Security Assessment
    3. 2 Assessment Workflow & Tools
    4. 4 Internet Network Discovery