
- 162 pages
- English
About this book
Python Passive Network Mapping: P2NMAP is the first book to reveal a revolutionary and open source method for exposing nefarious network activity.
The "Heartbleed" vulnerability has revealed significant weaknesses within enterprise environments related to the lack of a definitive mapping of network assets. In Python Passive Network Mapping, Chet Hosmer shows you how to map networks passively, effectively and definitively. Active or probing methods of network mapping have traditionally been used, but they have many drawbacks: they can disrupt operations, crash systems, and, most importantly, miss critical nefarious activity. You require an accurate picture of the environments you protect and operate in order to rapidly investigate, mitigate, and then recover from these new attack vectors. This book gives you a deep understanding of new innovations in passive network mapping, while delivering open source Python-based tools that can be put into practice immediately.
Python Passive Network Mapping is for practitioners, forensic investigators, IT teams, and individuals who work together when performing incident response and investigating potential damage, or are examining the impacts of new malware threats. Those defending critical infrastructures will have a special interest in this book, as active or probing methods of network mapping are rarely used within these environments as any resulting impacts can be disastrous. Python Passive Network Mapping is ideally suited for use as a text in a variety of academic programs to expose and engage students in the art of passively mapping enterprise networks, with the added benefit of providing exposure to open source Python solutions.
- First book to show you how to use open source Python to conduct passive network mapping
- Provides a new method for conducting incident response and investigating the extent of potential damage to your systems
- Python code forensics toolkit for network mapping included on the companion website
Chapter 1
Introduction
Abstract
This chapter provides an overview of traditional and passive network mapping. The chapter introduces the concept of Python Passive Network Mapping (P2NMAP) and examines the pros and cons of such an approach. The chapter also examines some of the dangers and pitfalls of active network scanning, especially in critical infrastructure based environments.
Keywords
Python, Passive, Network, Mapping, Nmap, Zenmap, ping, icmp, tcpdump, echo, reply
“Measure what is measurable, and make measurable what is not so.”
Galileo Galilei
Conventions Used in This Text
I use standard typographical conventions (bold, italics, etc.) to highlight text that stands out from the overall body of the paragraph. The font styles I will be using throughout the text are:
- Italic: used for file and directory names and to emphasize terms
- Constant width: used for code listings and script-generated output
- Constant width and bold: used for user input
Enterprise networks today are complex and difficult to investigate; they require specialized tools and demand exceptional, expert skills in order to respond properly to incidents. When dealing with incidents that involve critical infrastructure or other regulated industry environments, the specialization of the toolkits can indeed be daunting.
One of the first challenges that faces incident response teams and forensic investigation units is “What does your network consist of and how is it configured?” This may seem like a simple question that is easily answered by the Information Technology group. However, when responding to incidents like Heartbleed, Operation Shady Rat, and breaches at major retailers, the technical information and details regarding the network map can be vital.
More specific questions may also include:
▪ What internet protocol (IP) addresses and subnets do you operate?
▪ What servers and end points are running?
▪ Are the servers local, hosted at an external site or in the cloud?
▪ What operating systems are in use? What versions, and are they up to date?
▪ What services (open ports) are available on each server and host?
▪ What applications and databases are in use?
▪ How is your network configured, protected and isolated?
▪ What connections are allowed between servers, hosts and Internet users?
▪ Wh...
Table of contents
- Cover
- Title page
- Table of Contents
- Copyright
- Dedication
- Biography
- Preface
- Acknowledgments
- Chapter 1: Introduction
- Chapter 2: What You DON’T Know About Your Network
- Chapter 3: Capturing Network Packets Using Python
- Chapter 4: Packet Capture Analysis
- Chapter 5: PCAP Extractor and OS Fingerprinting
- Chapter 6: Future Considerations and Challenge Problems
- Subject Index