DOCUMENT INFORMATION
Basic information
Format
Number of pages: 506
File size: 6.03 MB
Content
[...]... appendix:

Chapter 1, Network Security Assessment, discusses the rationale behind network security assessment and introduces security as a process, not a product.
Chapter 2, Network Security Assessment Platform, covers the various operating systems and tools that make up a professional security consultant’s attack platform.
Chapter 3, Internet Host and Network Enumeration, logically walks...

... comprehensive blueprint for security testing and assessment.

CHAPTER 1
Network Security Assessment

This chapter discusses the rationale behind Internet-based network security assessment and penetration testing at a high level. To retain complete control over your networks and data, you must take a proactive approach to security, an approach that starts with assessment to identify...

... this book.

Network Security Assessment Methodology

The best practice assessment methodology used by determined attackers and network security consultants involves four distinct high-level components:
• Network reconnaissance to identify IP networks and hosts of interest
• Bulk network scanning and probing to identify potentially vulnerable hosts
• Investigation of vulnerabilities and further network probing...

... the networking protocol suite all public Internet sites currently use to communicate and transmit data to one another. From a network security assessment methodology standpoint, this book comprehensively discusses the steps that should be taken during the security assessment of any IPv4 network. IPv6 is an improved protocol that is gaining popularity among academic networks. IPv6 offers a 128-bit network...
Figure 1-2. The cyclic approach to network security assessment
Account usernames
Brute Force Password Grinding
Using multiple vectors (remote maintenance, email, and FTP services in particular) to compromise valid user passwords

This flowchart includes network enumeration, then bulk network scanning, and finally specific service assessment. It may be the case that...

... formulate effective countermeasures and risk mitigation strategies.

The Cyclic Assessment Approach

Assessment of large networks in particular can become a very cyclic process if you are testing the networks of an organization in a blind sense and are given minimal information. As you test the network, information leak bugs can be abused to find different types...

... assurance and understanding of the technical security of the network, along with adherence to security policy and incident response procedures. In this book, I discuss assessment of technical security and improving the integrity and resilience of IP networks. Taking heed of the advice presented here and acting in a proactive fashion ensures a decent level of network security.

IP: The Foundation of the Internet...

... identify and categorize your risks. Network security assessment is an integral part of any security life cycle.

The Business Benefits

From a commercial standpoint, information assurance is a business enabler. As a security consultant, I have helped a number of clients in the retail sector secure their 802.11 wireless networks used in stores. By designing and implementing secure networks, these retailers can...
of security mechanisms. This complete methodology is relevant to Internet-based networks being tested in a blind fashion with limited target information (such as a single DNS domain name). If a consultant is enlisted to assess a specific block of IP space, he skips initial network enumeration and commences bulk network scanning and investigation of vulnerabilities.

... policies. After gaining insight into accessible hosts and network services, analysts can begin offline analysis of the bulk results and investigate the latest vulnerabilities in accessible network services.

Investigation of Vulnerabilities

New vulnerabilities in network services are disclosed daily to the security community and the underground alike through Internet...

... Attackers
Assessment Service Definitions
Network Security Assessment Methodology
The Cyclic Assessment Approach
2. Network Security Assessment Platform
free.
Network Security Assessment
SECOND EDITION
Chris McNab
Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo
Network Security Assessment,