Flylib.com
Network Security Assessment: Know Your Network
Network Security Assessment: Know Your Network
ISBN: 059600611X
EAN: 2147483647
Year: 2006
Pages: 166
Authors:
Chris McNab
BUY ON AMAZON
Network Security Assessment
Table of Contents
Copyright
Foreword
About Bob Ayers
Preface
Recognized Assessment Standards
Hackers Defined
Organization
Audience
Mirror Site for Tools Mentioned in This Book
Using Code Examples
Conventions Used in This Book
Comments and Questions
Acknowledgments
Chapter 1. Network Security Assessment
1.1 The Business Benefits
1.2 IP: The Foundation of the Internet
1.3 Classifying Internet-Based Attackers
1.4 Assessment Service Definitions
1.5 Network Security Assessment Methodology
1.6 The Cyclic Assessment Approach
Chapter 2. The Tools Required
2.1 The Operating Systems
2.2 Free Network Scanning Tools
2.3 Commercial Network Scanning Tools
2.4 Protocol-Dependent Assessment Tools
Chapter 3. Internet Host and Network Enumeration
3.1 Web Search Engines
3.2 NIC Querying
3.3 DNS Querying
3.4 Enumeration Technique Recap
3.5 Enumeration Countermeasures
Chapter 4. IP Network Scanning
4.1 ICMP Probing
4.2 TCP Port Scanning
4.3 UDP Port Scanning
4.4 IDS Evasion and Filter Circumvention
4.5 Low-Level IP Assessment
4.6 Network Scanning Recap
4.7 Network Scanning Countermeasures
Chapter 5. Assessing Remote Information Services
5.1 Remote Information Services
5.2 systat and netstat
5.3 DNS
5.4 finger
5.5 auth
5.6 SNMP
5.7 LDAP
5.8 rwho
5.9 RPC rusers
5.10 Remote Information Services Countermeasures
Chapter 6. Assessing Web Services
6.1 Web Services
6.2 Identifying the Web Service
6.3 Identifying Subsystems and Components
6.4 Investigating Web Service Vulnerabilities
6.5 Accessing Poorly Protected Information
6.6 Assessing CGI Scripts and Custom ASP Pages
6.7 Web Services Countermeasures
Chapter 7. Assessing Remote Maintenance Services
7.1 Remote Maintenance Services
7.2 SSH
7.3 Telnet
7.4 R-Services
7.5 X Windows
7.6 Microsoft Remote Desktop Protocol
7.7 VNC
7.8 Citrix
7.9 Remote Maintenance Services Countermeasures
Chapter 8. Assessing FTP and Database Services
8.1 FTP
8.2 FTP Banner Grabbing and Enumeration
8.3 FTP Brute-Force Password Guessing
8.4 FTP Bounce Attacks
8.5 Circumventing Stateful Filters Using FTP
8.6 FTP Process Manipulation Attacks
8.7 FTP Services Countermeasures
8.8 Database Services
8.9 Microsoft SQL Server
8.10 Oracle
8.11 MySQL
8.12 Database Services Countermeasures
Chapter 9. Assessing Windows Networking Services
9.1 Microsoft Windows Networking Services
9.2 Microsoft RPC Services
9.3 The NetBIOS Name Service
9.4 The NetBIOS Datagram Service
9.5 The NetBIOS Session Service
9.6 The CIFS Service
9.7 Unix Samba Vulnerabilities
9.8 Windows Networking Services Countermeasures
Chapter 10. Assessing Email Services
10.1 Email Service Protocols
10.2 SMTP
10.3 POP-2 and POP-3
10.4 IMAP
10.5 Email Services Countermeasures
Chapter 11. Assessing IP VPN Services
11.1 IPsec VPNs
11.2 Attacking IPsec VPNs
11.3 Check Point VPN Security Issues
11.4 Microsoft PPTP
11.5 VPN Services Countermeasures
Chapter 12. Assessing Unix RPC Services
12.1 Enumerating Unix RPC Services
12.2 RPC Service Vulnerabilities
12.3 Unix RPC Services Countermeasures
Chapter 13. Application-Level Risks
13.1 The Fundamental Hacking Concept
13.2 The Reasons Why Software Is Vulnerable
13.3 Network Service Vulnerabilities and Attacks
13.4 Classic Buffer-Overflow Vulnerabilities
13.5 Heap Overflows
13.6 Integer Overflows
13.7 Format String Bugs
13.8 Memory Manipulation Attacks Recap
13.9 Mitigating Process Manipulation Risks
13.10 Recommended Secure Development Reading
Chapter 14. Example Assessment Methodology
14.1 Network Scanning
14.2 Accessible Network Service Identification
14.3 Investigation of Known Vulnerabilities
14.4 Network Service Testing
14.5 Methodology Flow Diagram
14.6 Recommendations
14.7 Closing Comments
Appendix A. TCP, UDP Ports, and ICMP Message Types
A.1 TCP Ports
A.2 UDP Ports
A.3 ICMP Message Types
Appendix B. Sources of Vulnerability Information
B.1 Security Mailing Lists
B.2 Vulnerability Databases and Lists
B.3 Underground Web Sites
B.4 Security Events and Conferences
Colophon
Index
index_SYMBOL
index_A
index_B
index_C
index_D
index_E
index_F
index_G
index_H
index_I
index_J
index_K
index_L
index_M
index_N
index_O
index_P
index_Q
index_R
index_S
index_T
index_U
index_V
index_W
index_X
index_Y
Network Security Assessment: Know Your Network
ISBN: 059600611X
EAN: 2147483647
Year: 2006
Pages: 166
Authors:
Chris McNab
BUY ON AMAZON
Lotus Notes and Domino 6 Development (2nd Edition)
Sharing Images Within a Database
Creating a Frameset
Calculations
Analyzing Domino Applications
Using the Design Synopsis
Software Configuration Management
Introduction to Software Configuration Management
The DoD CM Process Model
Configuration Identification
Configuration Verification and Audit
Appendix E Test Plan
Adobe After Effects 7.0 Studio Techniques
Making the Most of the UI
Optimizing Your Projects
Effective Motion Tracking
The Essentials
Battle of the Color Spaces
Snort Cookbook
Running Snort as a Windows Service
Capturing Traffic from a Specific TCP Session
Detecting Fragmentation Attacks and Fragment Reassembly with Frag2
Experimental Preprocessors
Logging Application Traffic
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
Working with the Dialog Object
Events in the Outlook Object Model
Working with the NameSpace Object
Adding Windows Forms Controls to Your Document
VSTO Support for the WordML File Format
Programming .Net Windows Applications
Projects and Solutions
DialogResult
The Drawing Namespace
Labels and Buttons
Containers
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies