|
Free ebooks
 More computer ebooks Networking Network Security Assessment: Guarding Your IT Infrastructure (2nd Edition) - O'Reilly
|
 Chapter 1, Network Security Assessment, discusses the rationale behind network security assessment and introduces security as a process, not a product.Chapter 2, Network Security Assessment Platform, covers the various operating systems and tools that make up a professional security consultant’s attack platform. Chapter 3, Internet Host and Network Enumeration, logically walks through the Internet-based options that a potential attacker has to map your network, from open web searches to DNS sweeping and querying of authoritative name servers. Chapter 4, IP Network Scanning, discusses all known IP network scanning techniques and their relevant applications, also listing tools and systems that support such scanning types. Chapter 5, Assessing Remote Information Services, defines the techniques and tools that execute information leak attacks against services such as LDAP, finger, and DNS. Chapter 6, Assessing Web Servers, covers the assessment of underlying web services, including Microsoft IIS, Apache, Tomcat, and subsystems such as OpenSSL, Microsoft FrontPage, and Outlook Web Access. Chapter 7, Assessing Web Applications, covers assessment of various web application technologies, including ASP, JSP, PHP, middleware, and backend databases such as MySQL, Oracle, and Microsoft SQL Server. Chapter 8, Assessing Remote Maintenance Services, details the tools and techniques used to correctly assess all common maintenance services. Chapter 9, Assessing Database Services, covers IP-based assessment of database servers including Oracle, Microsoft SQL Server, and MySQL. Chapter 10, Assessing Windows Networking Services, tackles security assessment for Windows components in a port-by-port fashion. Each component are detailed, from the DCE locator service listening on port 135 through to the CIFS direct listener on port 445. Chapter 11, Assessing Email Services, details assessment of SMTP, POP-3, and IMAP services that transport email. Often, these services can fall foul to information-leak and brute-force attacks, and, in some instances, process manipulation. Chapter 12, Assessing IP VPN Services, covers assessment of IP services that provide secure inbound network access, including IPsec, Microsoft PPTP, and SSL VPNs. Chapter 13, Assessing Unix RPC Services, comprehensively covers assessment of Unix RPC services found running on Linux, Solaris, IRIX, and other platforms. Chapter 14, Application-Level Risks, defines the various types of application-level vulnerabilities that hacker tools and scripts exploit. Chapter 15, Running Nessus, details how to set up and configure the Nessus vulnerability scanner to perform effective and fast automated testing of networks. Chapter 16, Exploitation Frameworks, covers the selection and use of exploitation frameworks, including the Metasploit Framework (MSF), Immunity CANVAS, and CORE IMPACT. Download free ebook on networking: Network Security Assessment 2nd edition
|
