Network security assessment / Chris McNab.

Format:

Book

Author/Creator:

McNab, Chris (Chris R.), 1980-

Language:

English

Subjects (All):

Computer networks--Security measures--Evaluation.

Computer networks.

Computers--Access control--Evaluation.

Computers.

Physical Description:

1 online resource (400 p.)

Edition:

First edition.

Place of Publication:

Sebastopol, California : O'Reilly Media, Inc., 2004.

Language Note:

English

System Details:

text file

Summary:

There are hundreds--if not thousands--of techniques used to compromise both Windows and Unix-based systems. Malicious code and new exploit scripts are released on a daily basis, and each evolution becomes more and more sophisticated. Keeping up with the myriad of systems used by hackers in the wild is a formidable task, and scrambling to patch each potential vulnerability or address each new attack one-by-one is a bit like emptying the Atlantic with paper cup. If you're a network administrator, the pressure is on you to defend your systems from attack. But short of devoting your

Contents:

Network Security Assessment; Preface; CESG CHECK; Hackers Defined; Organization; Audience; Mirror Site for Tools Mentioned in This Book; Using Code Examples; Conventions Used in This Book; Comments and Questions; Acknowledgments; 1. Network Security Assessment; 1.2. IP: The Foundation of the Internet; 1.3. Classifying Internet-Based Attackers; 1.4. Assessment Service Definitions; 1.5. Network Security Assessment Methodology; 1.5.2. Bulk Network Scanning and Probing; 1.5.3. Investigation of Vulnerabilities; 1.5.4. Exploitation of Vulnerabilities; 1.6. The Cyclic Assessment Approach

2. The Tools Required2.1.2. Linux; 2.1.3. MacOS X; 2.1.4. VMware; 2.2. Free Network Scanning Tools; 2.2.2. Nessus; 2.2.3. NSAT; 2.2.4. Foundstone SuperScan; 2.3. Commercial Network Scanning Tools; 2.4. Protocol-Dependent Assessment Tools; 2.4.1.2. Brute-force password guessing tools; 2.4.2. DNS; 2.4.3. HTTP and HTTPS; 3. Internet Host and Network Enumeration; 3.1.1.2. Effective search query strings; 3.1.2. Searching Newsgroups; 3.2. NIC Querying; 3.2.1.2. Using the Unix whois utility; 3.2.1.3. Directly querying ARIN; 3.2.1.4. Harvesting user details through WHOIS; 3.3. DNS Querying

3.3.1.2. Forward DNS querying through host3.3.1.3. Forward DNS querying through dig; 3.3.1.4. Information retrieved through forward DNS querying; 3.3.2. DNS Zone Transfer Techniques; 3.3.2.2. Information retrieved through DNS zone transfer; 3.3.2.3. Performing DNS zone transfers using host and dig; 3.3.2.4. Further querying; 3.3.2.5. Mapping subdomains with host; 3.3.2.6. Example of a DNS zone transfer refusal; 3.3.3. Reverse DNS Sweeping; 3.3.4. SMTP Probing; 3.4. Enumeration Technique Recap; 3.5. Enumeration Countermeasures; 4. IP Network Scanning; 4.1.2. nmap

4.1.3. Gleaning Internal IP Addresses4.1.4. Identifying Subnet Broadcast Addresses; 4.2. TCP Port Scanning; 4.2.1.2. Half-open SYN flag scanning; 4.2.2. Stealth TCP Scanning Methods; 4.2.2.2. ACK flag probe scanning; 4.2.2.2.2. Analysis of the WINDOW field of received packets; 4.2.2.2.3. Tools that perform ACK flag probe scanning; 4.2.3. Third-Party and Spoofed TCP Scanning Methods; 4.2.3.2. Proxy bounce scanning; 4.2.3.3. Sniffer-based spoofed scanning; 4.2.3.4. IP ID header scanning; 4.3. UDP Port Scanning; 4.4. IDS Evasion and Filter Circumvention; 4.4.1.2. fragroute; 4.4.1.3. nmap

4.4.2. Emulating Multiple Attacking Hosts4.4.3. Source Routing; 4.4.3.1.2. lsrtunnel; 4.4.4. Using Specific TCP and UDP Source Ports; 4.5. Low-Level IP Assessment; 4.5.1.2. firewalk; 4.5.2. Passively Monitoring ICMP Responses; 4.5.3. IP Fingerprinting; 4.5.4. TCP Sequence and IP ID Incrementation; 4.6. Network Scanning Recap; 4.7. Network Scanning Countermeasures; 5. Assessing Remote Information Services; 5.2. systat and netstat; 5.3. DNS; 5.3.2. DNS Zone Transfers; 5.3.3. DNS Information Leaks and Reverse Lookup Attacks; 5.3.4. BIND Vulnerabilities

5.3.5. Microsoft DNS Service Vulnerabilities

Notes:

Includes bibliographical references (p. 354-355) and index.

"Know your network"--Cover.

Includes index.

Description based on print version record.

ISBN:

9780596520809

0596520808

9780596552558

0596552556

OCLC:

609841314