The online computer book shop for UK & Europe                                   


 
  

Tel: 0121 706 6000 

Static Book Details Page - Computer Manuals Website

 Network Security Assessment 2nd Edition
  

  Network Security Assessment 2nd Edition by Chris McNab

  • Published by: O'REILLY & ASSOCIATES
  • Author: Chris McNab
  • Page Count: 478
  • Group: SECURITY - NETWORKS
  • ISBN: 0596510306/9780596510305
  • Published: Nov 2007

Our Price: 17.49
Discount: 30%
RRP: 24.99 

 


Book store with something for everyone

Book Information and Description:

How secure is your network? The best way to find out is to
attack it. Network Security Assessment provides you with the
tricks and tools professional security consultants use to
identify and assess risks in Internet-based networks: the
same penetration testing model they use to secure
government, military, and commercial networks. With this
book, you can adopt, refine, and reuse this testing model to
design and deploy networks that are hardened and immune from
attack.

Network Security Assessment demonstrates how a determined
attacker scours Internet-based networks in search of
vulnerable components, from the network to the application
level. This new edition is up-to-date on the latest hacking
techniques, but rather than focus on individual issues, it
looks at the bigger picture by grouping and analyzing
threats at a high level. By grouping threats in this way,
you learn to create defensive strategies against entire
attack categories, providing protection now and into the
future.

Network Security Assessment helps you assess:

  • Web services, including Microsoft IIS, Apache, Tomcat, and
    subsystems such as OpenSSL, Microsoft FrontPage, and Outlook
    Web Access (OWA)
  • Web application technologies, including ASP, JSP, PHP,
    middleware, and backend databases such as MySQL, Oracle, and
    Microsoft SQL Server
  • Microsoft Windows networking components, including RPC,
    NetBIOS, and CIFS services
  • SMTP, POP3, and IMAP email services
  • IP services that provide secure inbound network access,
    including IPsec, Microsoft PPTP, and SSL VPNs
  • Unix RPC services on Linux, Solaris, IRIX, and other
    platforms
  • Various types of application-level vulnerabilities that
    hacker tools and scripts exploit

Assessment is the first step any organization should take to
start managing information risks correctly. With techniques
to identify and assess risks in line with CESG CHECK and NSA
IAM government standards, Network Security Assessment gives
you a precise method to do just that.

CONTENTS:

Foreword
Preface
1. Network Security Assessment
      The Business Benefits
      IP: The Foundation of the Internet
      Classifying Internet-Based Attackers
      Assessment Service Definitions
      Network Security Assessment Methodology
      The Cyclic Assessment Approach
2. Network Security Assessment Platform
      Virtualization Software
      Operating Systems
      Reconnaissance Tools
      Network Scanning Tools
      Exploitation Frameworks
      Web Application Testing Tools
3. Internet Host and Network Enumeration
      Querying Web and Newsgroup Search Engines
      Querying Domain WHOIS Registrars
      Querying IP WHOIS Registrars
      BGP Querying
      DNS Querying
      Web Server Crawling
      Automating Enumeration
      SMTP Probing
      Enumeration Technique Recap
      Enumeration Countermeasures
4. IP Network Scanning
      ICMP Probing
      TCP Port Scanning
      UDP Port Scanning
      IDS Evasion and Filter Circumvention
      Low-Level IP Assessment
      Network Scanning Recap
      Network Scanning Countermeasures
5. Assessing Remote Information Services
      Remote Information Services
      DNS
      Finger
      Auth
      NTP
      SNMP
      LDAP
      rwho
      RPC rusers
      Remote Information Services Countermeasures
6. Assessing Web Servers
      Web Servers
      Fingerprinting Accessible Web Servers
      Identifying and Assessing Reverse Proxy Mechanisms
      Enumerating Virtual Hosts and Web Sites
      Identifying Subsystems and Enabled Components
      Investigating Known Vulnerabilities
      Basic Web Server Crawling
      Web Servers Countermeasures
7. Assessing Web Applications
      Web Application Technologies Overview
      Web Application Profiling
      Web Application Attack Strategies
      Web Application Vulnerabilities
      Web Security Checklist
8. Assessing Remote Maintenance Services
      Remote Maintenance Services
      FTP
      SSH
      Telnet
      R-Services
      X Windows
      Citrix
      Microsoft Remote Desktop Protocol
      VNC
      Remote Maintenance Services Countermeasures
9. Assessing Database Services
      Microsoft SQL Server
      Oracle
      MySQL
      Database Services Countermeasures
10. Assessing Windows Networking Services
      Microsoft Windows Networking Services
      Microsoft RPC Services
      The NetBIOS Name Service
      The NetBIOS Datagram Service
      The NetBIOS Session Service
      The CIFS Service
      Unix Samba Vulnerabilities
      Windows Networking Services Countermeasures
11. Assessing Email Services
      Email Service Protocols
      SMTP
      POP-2 and POP-3
      IMAP
      Email Services Countermeasures
12. Assessing IP VPN Services
      IPsec VPNs
      Attacking IPsec VPNs
      Microsoft PPTP
      SSL VPNs
      VPN Services Countermeasures
13. Assessing Unix RPC Services
      Enumerating Unix RPC Services
      RPC Service Vulnerabilities
      Unix RPC Services Countermeasures
14. Application-Level Risks
      The Fundamental Hacking Concept
      Why Software Is Vulnerable
      Network Service Vulnerabilities and Attacks
      Classic Buffer-Overflow Vulnerabilities
      Heap Overflows
      Integer Overflows
      Format String Bugs
      Memory Manipulation Attacks Recap
      Mitigating Process Manipulation Risks
      Recommended Secure Development Reading
15. Running Nessus
      Nessus Architecture
      Deployment Options and Prerequisites
      Nessus Installation
      Configuring Nessus
      Running Nessus
      Nessus Reporting
      Running Nessus Recap
16. Exploitation Frameworks
      Metasploit Framework
      CORE IMPACT
      Immunity CANVAS
      Exploitation Frameworks Recap
A. TCP, UDP Ports, and ICMP Message Types
B. Sources of Vulnerability Information
C. Exploit Framework Modules
Index