Network Security Assessment [Elektronisk resurs] Know Your Network.
-
McNab, Chris. (författare)
- ISBN 9780596552558
- Publicerad: Sebastopol : O'Reilly Media, Inc. 2009
- Engelska 1 online resource (400 p.)
Innehållsförteckning
Sammanfattning
Ämnesord
Stäng
- Network Security Assessment; Preface; CESG CHECK; Hackers Defined; Organization; Audience; Mirror Site for Tools Mentioned in This Book; Using Code Examples; Conventions Used in This Book; Comments and Questions; Acknowledgments; 1. Network Security Assessment; 1.2. IP: The Foundation of the Internet; 1.3. Classifying Internet-Based Attackers; 1.4. Assessment Service Definitions; 1.5. Network Security Assessment Methodology; 1.5.2. Bulk Network Scanning and Probing; 1.5.3. Investigation of Vulnerabilities; 1.5.4. Exploitation of Vulnerabilities; 1.6. The Cyclic Assessment Approach.
- 2. The Tools Required2.1.2. Linux; 2.1.3. MacOS X; 2.1.4. VMware; 2.2. Free Network Scanning Tools; 2.2.2. Nessus; 2.2.3. NSAT; 2.2.4. Foundstone SuperScan; 2.3. Commercial Network Scanning Tools; 2.4. Protocol-Dependent Assessment Tools; 2.4.1.2. Brute-force password guessing tools; 2.4.2. DNS; 2.4.3. HTTP and HTTPS; 3. Internet Host and Network Enumeration; 3.1.1.2. Effective search query strings; 3.1.2. Searching Newsgroups; 3.2. NIC Querying; 3.2.1.2. Using the Unix whois utility; 3.2.1.3. Directly querying ARIN; 3.2.1.4. Harvesting user details through WHOIS; 3.3. DNS Querying.
- 3.3.1.2. Forward DNS querying through host3.3.1.3. Forward DNS querying through dig; 3.3.1.4. Information retrieved through forward DNS querying; 3.3.2. DNS Zone Transfer Techniques; 3.3.2.2. Information retrieved through DNS zone transfer; 3.3.2.3. Performing DNS zone transfers using host and dig; 3.3.2.4. Further querying; 3.3.2.5. Mapping subdomains with host; 3.3.2.6. Example of a DNS zone transfer refusal; 3.3.3. Reverse DNS Sweeping; 3.3.4. SMTP Probing; 3.4. Enumeration Technique Recap; 3.5. Enumeration Countermeasures; 4. IP Network Scanning; 4.1.2. nmap.
- 4.1.3. Gleaning Internal IP Addresses4.1.4. Identifying Subnet Broadcast Addresses; 4.2. TCP Port Scanning; 4.2.1.2. Half-open SYN flag scanning; 4.2.2. Stealth TCP Scanning Methods; 4.2.2.2. ACK flag probe scanning; 4.2.2.2.2. Analysis of the WINDOW field of received packets; 4.2.2.2.3. Tools that perform ACK flag probe scanning; 4.2.3. Third-Party and Spoofed TCP Scanning Methods; 4.2.3.2. Proxy bounce scanning; 4.2.3.3. Sniffer-based spoofed scanning; 4.2.3.4. IP ID header scanning; 4.3. UDP Port Scanning; 4.4. IDS Evasion and Filter Circumvention; 4.4.1.2. fragroute; 4.4.1.3. nmap.
- 4.4.2. Emulating Multiple Attacking Hosts4.4.3. Source Routing; 4.4.3.1.2. lsrtunnel; 4.4.4. Using Specific TCP and UDP Source Ports; 4.5. Low-Level IP Assessment; 4.5.1.2. firewalk; 4.5.2. Passively Monitoring ICMP Responses; 4.5.3. IP Fingerprinting; 4.5.4. TCP Sequence and IP ID Incrementation; 4.6. Network Scanning Recap; 4.7. Network Scanning Countermeasures; 5. Assessing Remote Information Services; 5.2. systat and netstat; 5.3. DNS; 5.3.2. DNS Zone Transfers; 5.3.3. DNS Information Leaks and Reverse Lookup Attacks; 5.3.4. BIND Vulnerabilities.
- 5.3.5. Microsoft DNS Service Vulnerabilities.
- There are hundreds--if not thousands--of techniques used to compromise both Windows and Unix-based systems. Malicious code and new exploit scripts are released on a daily basis, and each evolution becomes more and more sophisticated. Keeping up with the myriad of systems used by hackers in the wild is a formidable task, and scrambling to patch each potential vulnerability or address each new attack one-by-one is a bit like emptying the Atlantic with paper cup. If you're a network administrator, the pressure is on you to defend your systems from attack. But short of devoting your life to bec
Ämnesord
- Computer networks --Security measures --Evaluation.
- Computers --Access control --Evaluation.
Genre
- Electronic books. (LCSH)
Klassifikation
- QA76.9.A25M4355 2004 (LCC)
- 005.8 (DDC)
- Pubds (kssb/8 (machine generated))
Inställningar
Hjälp
Titeln finns på 5 bibliotek.
Ange som favorit
-
Kungliga Tekniska högskolan, E-resurser (Tdig)Ange som favorit
-
Bibliotekets lokala katalog
-
-
Läs hela (Online access for KTHB) (fulltext) (O'Reilly Learning)
Öppettider, adress m.m.
Ange som favorit
-
Göteborgs universitetsbibliotek, E-resurser (Gdix)Ange som favorit
-
Bibliotekets lokala katalogFind@GU
-
-
Läs hela (Tillgänglig för Göteborgs universitet / Online access for the University of Gothenburg) (O'Reilly Online Learning: Academic/Public Library Edition:Full Text)
Öppettider, adress m.m.
-
Högskolan i Borås, Biblioteket, Digitala resurser (Hibd)Ange som favorit
-
Bibliotekets lokala katalog
-
-
Läs hela (Tillgänglig för användare inom Högskolan i Borås) (fulltext) (O’Reilly eBooks)
Öppettider, adress m.m.
Ange som favorit
-
Blekinge Tekniska Högskola, biblioteket, Digitala resurser (Bthd)Ange som favorit
-
Bibliotekets webbplats
-
-
Läs hela (Online access for BTH) (O'Reilly Online Learning: Academic/Public Library Edition)
Öppettider, adress m.m.
-
Högskolan Kristianstad, E-resurser (KrhE)Ange som favorit
-
Bibliotekets webbplats
-
-
Läs hela (Online access for HKR) (O'Reilly Academic)
Öppettider, adress m.m.